[lxc-devel] [lxc/lxc] d90cc2: coverity: avoid null pointer dereference in cgmana...
GitHub
noreply at github.com
Fri Nov 18 01:47:17 UTC 2016
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: d90cc2e68d4cb821d45e079f6170f82cd0f0d7cd
https://github.com/lxc/lxc/commit/d90cc2e68d4cb821d45e079f6170f82cd0f0d7cd
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgmanager.c
Log Message:
-----------
coverity: avoid null pointer dereference in cgmanager
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: b52825bb943c4744539f3a45444b6b9386877860
https://github.com/lxc/lxc/commit/b52825bb943c4744539f3a45444b6b9386877860
Author: Fox Wilson <2016fwilson at babbage.csl.tjhsst.edu>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/lxc-generate-aa-rules.py
M src/lxc/lxc-ls.in
M src/lxc/lxc-start-ephemeral.in
M src/python-lxc/examples/api_test.py
M src/python-lxc/examples/pyconsole-vte.py
M src/python-lxc/examples/pyconsole.py
M src/python-lxc/setup.py.in
Log Message:
-----------
Use /usr/bin/env python3 instead of /usr/bin/python3 project-wide
This fixes invocations of certain commands when python3 is installed in
a nonstandard path (/usr/local/bin, for example).
Signed-off-by: Fox Wilson <2016fwilson at tjhsst.edu>
Commit: 94077c9f7a6f62c2f7d309cfe555eafbe790ef58
https://github.com/lxc/lxc/commit/94077c9f7a6f62c2f7d309cfe555eafbe790ef58
Author: Virgil Dupras <hsoft at hardcoded.net>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
Fetch Debian archive GPG keyrings when they're not available
When running the debian template on a non-debian host, it's usual not to
have debian-archive-keyring.gpg. When that happens, we skip the
signature checking of the release, which is dangerous because it's made over
HTTP.
This commit adds automatic fetching of Debian release keys.
Strongly related to #409
Signed-off-by: Virgil Dupras <hsoft at hardcoded.net>
Commit: fc0451a0649e27fb7887a49507148ce9b243938c
https://github.com/lxc/lxc/commit/fc0451a0649e27fb7887a49507148ce9b243938c
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: handle inverted arch
lxc uses uname to check the kernel version. Seccomp respects userspace. In the case
of 32-bit userspace on 64-bit kernel, this was a bad combination.
When we run into that case, make sure that the compat seccomp context is 32-bit, and
the lxc->seccomp_ctx is the 64-bit.
Closes #654
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 74d1b69e1338047a660849cdfa40ffa27cffd7be
https://github.com/lxc/lxc/commit/74d1b69e1338047a660849cdfa40ffa27cffd7be
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
Better handle preserve_ns behavior
Commit b6b2b194a8 preserves the container's namespaces for
possible later use in stop hook. But some kernels don't have
/proc/pid/ns/ns for all the namespaces we may be interested in.
So warn but continue if this is the case.
Implement stgraber's suggested semantics.
- User requests some namespaces be preserved:
- If /proc/self/ns is missing => fail (saying kernel misses setns)
- If /proc/self/ns/<namespace> entry is missing => fail (saying kernel misses setns for <namespace>)
- User doesn't request some namespaces be preserved:
- If /proc/self/ns is missing => log an INFO message (kernel misses setns) and continue
- If /proc/self/ns/<namespace> entry is missing => log an INFO message (kernel misses setns for <namespace>) and continue
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: a2e1ec0a080c32e1c2cce69b556d89b9ce2027d1
https://github.com/lxc/lxc/commit/a2e1ec0a080c32e1c2cce69b556d89b9ce2027d1
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Revert "seccomp: handle inverted arch"
It breaks container starts.
This reverts commit 473ebc77d6762c2ec49fe59983dabc04f695fd01.
Commit: 62d4edf23d7a405a015002a5562de954ef09dd8c
https://github.com/lxc/lxc/commit/62d4edf23d7a405a015002a5562de954ef09dd8c
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxccontainer.h
Log Message:
-----------
lxc_container struct: add comment about moving member fns
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 2f0f608f509ec0f962b043a3c6cbc6c9292e0331
https://github.com/lxc/lxc/commit/2f0f608f509ec0f962b043a3c6cbc6c9292e0331
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
debian: Fix container creation on missing cache
This is currently breaking our daily image builds which happen in a
perfectly clean environment without a Debian keyring and without
anything in /var/cache/lxc
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: db5751aed686ecb500b9c528c7db23cb53674e3b
https://github.com/lxc/lxc/commit/db5751aed686ecb500b9c528c7db23cb53674e3b
Author: fli <fupan.li at windriver.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
lxc: let lxc-start support wlan phys
The commit: e5848d395cb <netdev_move_by_index: support wlan> only
made netdev_move_by_name support wlan, instead of netdev_move_by_index.
Given netdev_move_by_name is a wrapper of netdev_move_by_index, so here
replacing all of the call to lxc_netdev_move_by_index with lxc_netdev_move_by_name
to let lxc-start support wlan phys.
Signed-off-by: fupan li <fupan.li at windriver.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: a224dc7c97605ec2287ac8d8c775c54b048f7dd1
https://github.com/lxc/lxc/commit/a224dc7c97605ec2287ac8d8c775c54b048f7dd1
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lsm/apparmor.c
Log Message:
-----------
apparmor: support lxc.aa_profile = unchanged
In which case lxc will not update the apparmor profile at all.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: a707c3c98b2b0d0aa31b37e1d13a9cd239569dec
https://github.com/lxc/lxc/commit/a707c3c98b2b0d0aa31b37e1d13a9cd239569dec
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: support 32-bit arm on arm64, and 32-bit ppc on ppc64
Generally we enforce that a [arch] seccomp section can only be used on [arch].
However, on amd64 we allow [i386] sections for i386 containers, and there we
also take [all] sections and apply them for both 32- and 64-bit.
Do that also for ppc64 and arm64. This allows seccomp-protected armhf
containers to run on arm64.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: d529ba02e9766942fb376b5b7b19579ace632e1d
https://github.com/lxc/lxc/commit/d529ba02e9766942fb376b5b7b19579ace632e1d
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Conditional compilation for ARM and PPC
Check if symbols SCMP_ARCH_ARM and SCMP_ARCH_PPC are defined.
Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 763c777b2749162b298aab206e8ad59dbed9b127
https://github.com/lxc/lxc/commit/763c777b2749162b298aab206e8ad59dbed9b127
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgroup.c
Log Message:
-----------
prune_init_cgroup: don't dereference NULL
This is to avoid:
https://errors.ubuntu.com/problem/d640a68bf7343705899d7ca8c6bc070d477cd845
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: e88a5211772362a6dc0f9cd02925fe25250ff5e3
https://github.com/lxc/lxc/commit/e88a5211772362a6dc0f9cd02925fe25250ff5e3
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
fix 'lxc.mount.entry' key when clearing unexpanded config
Closes #712
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: b23b84847163b5fe17599b18654f7d4f8966f811
https://github.com/lxc/lxc/commit/b23b84847163b5fe17599b18654f7d4f8966f811
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/tests/get_item.c
Log Message:
-----------
Update get_item test after the lxc.mount.entry fix
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 91cbac9b7a6f1c3f30f92c617336dd168514e502
https://github.com/lxc/lxc/commit/91cbac9b7a6f1c3f30f92c617336dd168514e502
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
Fix seccomp profile on attach of undefined container
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
Commit: 81233155a1ef101a3f77915884d025c0f5e4d82f
https://github.com/lxc/lxc/commit/81233155a1ef101a3f77915884d025c0f5e4d82f
Author: Li Qiu <li.qiu at nomovok.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
Return immediately in save_phys_nics if not run as root
Physical nic is not instantiated in lxc_create_network
Signed-off-by: Li Qiu <li.qiu at nomovok.com>
Commit: 6d8329f832676a0570258cde9ca7a515bc846bce
https://github.com/lxc/lxc/commit/6d8329f832676a0570258cde9ca7a515bc846bce
Author: Andre McCurdy <armccurdy at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc-checkconfig.in
Log Message:
-----------
lxc-checkconfig: remove zgrep dependency
zgrep is a script provided by the 'gzip' package, which may not be
installed on embedded systems etc which use busybox instead of the
standard full-featured utilities.
Signed-off-by: Andre McCurdy <armccurdy at gmail.com>
Commit: 37bb2dd942b067511e5a41d02f03d2dd7d8114c0
https://github.com/lxc/lxc/commit/37bb2dd942b067511e5a41d02f03d2dd7d8114c0
Author: Wesley M <wesleymr.27 at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Refactoring conditional directives.
Signed-off-by: Wesley Marques <wesleymr.27 at gmail.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 290ce5d504dc441daf7ca31a805f720f05b04dba
https://github.com/lxc/lxc/commit/290ce5d504dc441daf7ca31a805f720f05b04dba
Author: Eva Charlotte Mayer <eva-charlotte.mayer at posteo.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc-ls.in
Log Message:
-----------
Fix swap calculation
Signed-off-by: Eva Charlotte Mayer <eva-charlotte.mayer at posteo.de>
Commit: 99e02fe315900de31d9fa0b6c30cc607da943d44
https://github.com/lxc/lxc/commit/99e02fe315900de31d9fa0b6c30cc607da943d44
Author: Danil Osherov <shindo at yandex-team.ru>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/python-lxc/lxc.c
Log Message:
-----------
python-lxc: Call PyOS_AfterFork after attaching to a container
As lxc_attach() calls fork() PyOS_AfterFork should be called in the new
process if the Python interpreter will continue to be used.
Signed-off-by: Danil Osherov <shindo at yandex-team.ru>
Commit: b6c0daab2bf7733402b29892b7f63cdcaa5f7b40
https://github.com/lxc/lxc/commit/b6c0daab2bf7733402b29892b7f63cdcaa5f7b40
Author: tw19881113 at gmail.com <tw19881113 at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/include/ifaddrs.c
Log Message:
-----------
fix buffer overflow in ifaddrs.c
jenkins: ok to test
Signed-off-by: Tw <tw19881113 at gmail.com>
Commit: 7b1b6e5d95b20f3d5411b72915cca9430713b7f0
https://github.com/lxc/lxc/commit/7b1b6e5d95b20f3d5411b72915cca9430713b7f0
Author: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/lxc.container.conf.sgml.in
Log Message:
-----------
Documenting valueless lxc.cap.drop behaviour
>From b24b0e16848fbb93402a08efa3950cd59272b8da Mon Sep 17 00:00:00 2001
From: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Date: Sun, 3 Jan 2016 23:07:19 +0100
Subject: [PATCH] Documenting valueless lxc.cap.drop behaviour
Undocummented behaviour since 7d0eb87.
Signed-off-by: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 0b247e1cc0a50b79909a957a78f418608c68e911
https://github.com/lxc/lxc/commit/0b247e1cc0a50b79909a957a78f418608c68e911
Author: Wim Coekaerts <wim.coekaerts at oracle.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
NULL pointer deference if nlmsg_reserve() returns NULL for ifi
nlmsg_reserve() might return NULL
if (nlmsg_len + tlen > nlmsg->cap)
return NULL;
Also set err = -ENOMEM where appropriate
Signed-off-by: Wim Coekaerts <wim.coekaerts at oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: ad2416c4afba525eb59247306fde41f64aa14f49
https://github.com/lxc/lxc/commit/ad2416c4afba525eb59247306fde41f64aa14f49
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lsm/apparmor.c
Log Message:
-----------
Don't try to change aa label if we are already apparmor-confined
Closes #1459
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 4c17a8a606c0a4f6c241538cee3ccf8fa32899a3
https://github.com/lxc/lxc/commit/4c17a8a606c0a4f6c241538cee3ccf8fa32899a3
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
coverity: preserve_ns returns bool, not int
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 530c5e19de29f47309d3a5159f8ef62b0a93a6f9
https://github.com/lxc/lxc/commit/530c5e19de29f47309d3a5159f8ef62b0a93a6f9
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lsm/apparmor.c
Log Message:
-----------
apparmor: recognize 'unconfined' as unconfined.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 0bf8913d50fcf6bc66d2709f1a2575c29cc27670
https://github.com/lxc/lxc/commit/0bf8913d50fcf6bc66d2709f1a2575c29cc27670
Author: Peter Simons <simons at cryp.to>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/bash/lxc.in
Log Message:
-----------
bash completion: the 'have' command was deprecated in favor of '_have'
`bash-completion` version 2.1 and later no longer include the `have` command,
and consequently the `lxc` competion file fails on such systems. The command is
now called `_have`.
Signed-off-by: Peter Simons <simons at cryp.to>
Commit: d06c1c95516af45ebea611058566ef90ebd8226d
https://github.com/lxc/lxc/commit/d06c1c95516af45ebea611058566ef90ebd8226d
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
Set the right variable to NULL when unsetting ipv6_gateway
We were freeing one and setting a different one to NULL, eventually
leading to a crash when closing the netdev (at container shutdown)
and freeing already-freed memory.
Closes #732
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: f444130e766a7162a0af77f0a8e6963ff6d235f7
https://github.com/lxc/lxc/commit/f444130e766a7162a0af77f0a8e6963ff6d235f7
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
preserve inherited fds for stop hook
When preserving fds for the stop hook, make sure to also save
any fds we've inherited.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: ba3d86dd180bc9879f15bce86b87978cbafa6faa
https://github.com/lxc/lxc/commit/ba3d86dd180bc9879f15bce86b87978cbafa6faa
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
avoid printing null string in error message
Show the ifindex in case it's useful
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: f7a02d639bf841c3004204dae561886594d50e54
https://github.com/lxc/lxc/commit/f7a02d639bf841c3004204dae561886594d50e54
Author: Nehal J Wani <nehaljw.kkd1 at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-fedora.in
Log Message:
-----------
Fix Comment inside Fedora Template
We no longer use mirrors.kernel.org.
Commit f71e8f4 switched it to archives.fedoraproject.org
Signed-off-by: Nehal J Wani <nehaljw.kkd1 at gmail.com>
Commit: 820f2c851d6ea31448b4d3967362556a95baa165
https://github.com/lxc/lxc/commit/820f2c851d6ea31448b4d3967362556a95baa165
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
Log Message:
-----------
doc: Add valueless lxc.cap.drop behaviour to Japanese man page
Update for commit 7eff30f
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: a1d5e36ae32cc7c8c964ea0fc85b8b6b2ca18490
https://github.com/lxc/lxc/commit/a1d5e36ae32cc7c8c964ea0fc85b8b6b2ca18490
Author: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/lxc.container.conf.sgml.in
Log Message:
-----------
Document clear behaviour of list options
More general for all list options.
Seems to currently affect:
lxc.network (clear all NICs)
lxc.network.* (clear current NIC)
lxc.cap.drop
lxc.cap.keep
lxc.cgroup
lxc.mount.entry
lxc.mount.auto
lxc.hook
lxc.id_map
lxc.group
lxc.environment
Signed-off-by: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 290d4363c43db79b78bd92baf46fbebaf625bd9f
https://github.com/lxc/lxc/commit/290d4363c43db79b78bd92baf46fbebaf625bd9f
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc-ls.in
Log Message:
-----------
fix lockpath removal in Python lxc-ls
The lock path for lxc is not
RUNTIME_PATH/lock/lxc
but rather
RUNTIME_PATH/lxc/lock
Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: e4f62a4d9ee09004903f13117bef8e2a0d13df69
https://github.com/lxc/lxc/commit/e4f62a4d9ee09004903f13117bef8e2a0d13df69
Author: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/lxc.container.conf.sgml.in
Log Message:
-----------
Document network clear option
Should be mentioned separately because it will reset a big group of options.
Signed-off-by: Marko Hauptvogel <marko.hauptvogel at googlemail.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 5ee0980d49b5c16a86c11a2a653140fa16a4a099
https://github.com/lxc/lxc/commit/5ee0980d49b5c16a86c11a2a653140fa16a4a099
Author: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
open_without_symlink: Account when prefix is empty string
In the current implementation, the open_without_symlink function
will default to opening the root mount only if the passed rootfs
prefix is null. It doesn't account for the case where this prefix
is passed as an empty string.
Properly handle this second case as well.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 88ba5941379aee6aab7794bff44037c1667c7460
https://github.com/lxc/lxc/commit/88ba5941379aee6aab7794bff44037c1667c7460
Author: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/initutils.c
Log Message:
-----------
lxc_setup_fs: Create /dev/shm folder if it doesn't exist
When running application containers with lxc-execute, /dev is
populated only with device entries. Since /dev is a tmpfs mount in
the container environment, the /dev/shm folder not being present is not
a sufficient reason for the /dev/shm mount to fail.
Create the /dev/shm directory if not present.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 0a75e030744309892a1a731b93252719a0799e3f
https://github.com/lxc/lxc/commit/0a75e030744309892a1a731b93252719a0799e3f
Author: Tycho Andersen <tycho.andersen at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgmanager.c
Log Message:
-----------
cgmanager: don't make tasks + cgroup.procs +x
No reason for these to be +x, and it looks weird.
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 778578599dba51644767436a2ae9e4d9106074d2
https://github.com/lxc/lxc/commit/778578599dba51644767436a2ae9e4d9106074d2
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxccontainer.h
Log Message:
-----------
cleanup: lxc_container::want_* comment descriptions
They change a value and return true on success rather than
fetching the value as the comments previously suggested.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: f0a452d8e1aa993cb87148767dbcc0c6debca1a2
https://github.com/lxc/lxc/commit/f0a452d8e1aa993cb87148767dbcc0c6debca1a2
Author: Nehal J Wani <nehaljw.kkd1 at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-fedora.in
Log Message:
-----------
Fix echo statement inside fedora template
We no longer use mirrors.kernel.org.
Commit f71e8f4 switched it to archives.fedoraproject.org
Signed-off-by: Nehal J Wani <nehaljw.kkd1 at gmail.com>
Commit: 7695ca4220c7d8795d66e5f97ea7baa3174cc546
https://github.com/lxc/lxc/commit/7695ca4220c7d8795d66e5f97ea7baa3174cc546
Author: KURODA Hiraku <kuroda at syngram.co.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-centos.in
Log Message:
-----------
Use ${utsname} instead of ${UTSNAME} because latter variable is not defined.
Signed-off-by: KURODA Hiraku <kuroda at syngram.co.jp>
Commit: 1f907acd4d7a7b1b1d0cd854f848fd0f6cadbf69
https://github.com/lxc/lxc/commit/1f907acd4d7a7b1b1d0cd854f848fd0f6cadbf69
Author: Carlos Alberto Lopez Perez <clopez at igalia.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Ignore any container with a name starting by '.'
* This are either '.', '..' or a hidden directory.
And this names should not be used for a container
in any case.
* Before this patch, if you created a git repository under lxc.lxcpath (it
can be useful to keep track of the configurations of your containers)
Then, when you run lxc-ls you will get the following output:
# lxc-ls
.git container1 container2 ....
This is because there is a 'config' file inside the '.git' directory.
It is where git stores the configuration of the repository.
And the test lxc-ls does to check if a directory contains a container
is just to check if the 'directory/config' file exists.
Signed-off-by: Carlos Alberto Lopez Perez <clopez at igalia.com>
Commit: cb45908f614685069cce007816c0e8adffa1c7f7
https://github.com/lxc/lxc/commit/cb45908f614685069cce007816c0e8adffa1c7f7
Author: Min Wang <mingewang at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
M doc/lxc.container.conf.sgml.in
M src/lxc/conf.c
Log Message:
-----------
increase /dev size to 500k ( issue #781)
Signed-off-by: Min Wang <mingewang at gmail.com>
Commit: 05c03fea224cdb3f5fe796572fdd07f1cbf08910
https://github.com/lxc/lxc/commit/05c03fea224cdb3f5fe796572fdd07f1cbf08910
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: prune the init scope from paths
Just as cgmanager does, if we are calculating a task's paths, drop
the trailing '/init.scope'. We don't want the container to sit under
there.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: d23b631217cb15e66cd44bbf89f137f19613f960
https://github.com/lxc/lxc/commit/d23b631217cb15e66cd44bbf89f137f19613f960
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
Log Message:
-----------
doc: add clear behaviour of list options to Japanese lxc.container.conf(5)
Update for commit ff68914
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: c94182e7d1a7566b246e82ccc9125544c501317b
https://github.com/lxc/lxc/commit/c94182e7d1a7566b246e82ccc9125544c501317b
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
Log Message:
-----------
doc: Add network clear option to Japanese lxc.container.conf(5)
Update for commit 020104c
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: d7f910ce29be2dc845702564cb8079d36d0f12b5
https://github.com/lxc/lxc/commit/d7f910ce29be2dc845702564cb8079d36d0f12b5
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
apparmor: allow binding /run/{,lock/} -> /var/run/{,lock/}
Some systems need to be able to bind-mount /run to /var/run
and /run/lock to /var/run/lock. (Tested with opensuse 13.1
containers migrated from openvz.)
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 8042e1f9a9f3b85abc72f1747906cf77b1ec5a75
https://github.com/lxc/lxc/commit/8042e1f9a9f3b85abc72f1747906cf77b1ec5a75
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc_usernsexec.c
Log Message:
-----------
Fix typo
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 8ab1f94bf3a264f568318edae2abb3077a5e9e11
https://github.com/lxc/lxc/commit/8ab1f94bf3a264f568318edae2abb3077a5e9e11
Author: Katze <binary at benary.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
fix typo
Signed-off-by: benaryorg <binary at benary.org>
Commit: ef1ba04cfacdc3f9e6dc0df02d571417a937703d
https://github.com/lxc/lxc/commit/ef1ba04cfacdc3f9e6dc0df02d571417a937703d
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/log.c
Log Message:
-----------
log.c:__lxc_log_set_file: fname cannot be null
fname cannot be passed in as NULL by any of its current callers. If it
could, then build_dir() would crash as it doesn't check for it. So make
sure we are warned if in the future we pass in NULL.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 950774731968d2a442d4c3da7197c147c4cab1fe
https://github.com/lxc/lxc/commit/950774731968d2a442d4c3da7197c147c4cab1fe
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/log.c
Log Message:
-----------
log.c:__lxc_log_set_file: completely close log file when overriding
Otherwise after a shortcut on error we could end up trying to write
to the closed log fd.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: f91f524497466d61e46259bd1d0b9a9aaa4adf3f
https://github.com/lxc/lxc/commit/f91f524497466d61e46259bd1d0b9a9aaa4adf3f
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
Allow sysfs remount by mountall
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 0b2b1944a349e412ba74776b84c8be2c105666e0
https://github.com/lxc/lxc/commit/0b2b1944a349e412ba74776b84c8be2c105666e0
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
M src/lxc/cgmanager.c
Log Message:
-----------
cgroups: do not fail if setting devices cgroup fails due to EPERM
If we're trying to allow a device which was denied to our parent
container, just continue.
Cgmanager does not help us to distinguish between eperm and other
errors, so just always continue.
We may want to consider actually computing the range of devices
to which the container monitor has access, but OTOH that introduces
a whole new set of complexity to compute access sets.
Closes #827
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 8eda3d3bb64305c4fe73c229d2dada5ff91e876c
https://github.com/lxc/lxc/commit/8eda3d3bb64305c4fe73c229d2dada5ff91e876c
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: also check for EACCES when writing devices
Because that's what lxcfs gives us.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: f846ddb02329b70874146dee84b104e394b69c66
https://github.com/lxc/lxc/commit/f846ddb02329b70874146dee84b104e394b69c66
Author: Ubuntu <ubuntu at localhost.localdomain>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
lxc: cgfs: handle lxcfs
When containers have lxcfs mounted instead of cgroupfs, we have to
process /proc/self/mountinfo a bit differently. In particular, we
should look for fuse.lxcfs fstype, we need to look elsewhere for the
list of comounted controllers, and the mount_prefix is not a cgroup path
which was bind mounted, so we should ignore it, and named subsystems
show up without the 'name=' prefix.
With this patchset I can start containers inside a privileged lxd
container with lxcfs mounted (i.e. without cgroup namespaces).
Closes #830
Signed-off-by: Ubuntu <ubuntu at localhost.localdomain>
Commit: e2d975315846073346b6bce30f81a0674a4773be
https://github.com/lxc/lxc/commit/e2d975315846073346b6bce30f81a0674a4773be
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc.sgml.in
M doc/lxc.sgml.in
Log Message:
-----------
Fix typo in lxc manpage
Reported-by: lintian
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: f2e8fceaa21fd5c3c0bfe1d763416c5c3c0f21ec
https://github.com/lxc/lxc/commit/f2e8fceaa21fd5c3c0bfe1d763416c5c3c0f21ec
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: make sure we use valid cgroup mountpoints
If lxcfs starts before cgroup-lite, then the first cgroup mountpoints in
/proc/self/mountinfo are /run/lxcfs/*. Unprivileged users cannot access
these. So privileged containers are ok, and unprivileged containers are ok
since they won't cache those to begin with. But unprivileged root-owned
containers cache /run/lxcfs/* and then try to use them.
So when doing cgroup automounting check whether the mountpoints we have
stored are accessible, and if not look for a new one to use.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: cae78646b634e59029e09f3d63c60e424bc00405
https://github.com/lxc/lxc/commit/cae78646b634e59029e09f3d63c60e424bc00405
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: be less verbose
don't always warn about unused cgroups, it's noisy and not helpful
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 112981f0f30cd62aa159be323495ec89585f69ae
https://github.com/lxc/lxc/commit/112981f0f30cd62aa159be323495ec89585f69ae
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc-attach.sgml.in
Log Message:
-----------
doc: improve Japanese lxc-attach(1)
Explain that the pipe symbol needs to be escaped for -e and -s.
Update for commit 759d521
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Commit: 1ab99317d8bee56df78a754c672451ebffb76cd4
https://github.com/lxc/lxc/commit/1ab99317d8bee56df78a754c672451ebffb76cd4
Author: Sungbae Yoo <sungbae.yoo at samsung.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc-unshare.sgml.in
M doc/lxc-unshare.sgml.in
Log Message:
-----------
doc: improve lxc-unshare(1)
Explain that the pipe symbol needs to be escaped for -s.
Signed-off-by: Sungbae Yoo <sungbae.yoo at samsung.com>
Commit: e67458e4bef16a5c6f96e105bac7dd3f4f98b3af
https://github.com/lxc/lxc/commit/e67458e4bef16a5c6f96e105bac7dd3f4f98b3af
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
open_without_symlink: Don't SYSERROR on something else than ELOOP
The open_without_symlink routine has been specifically created to prevent
mounts with synlinks as source or destination. Keep SYSERROR'ing in that
particular scenario, but leave error handling to calling functions for the
other ones - e.g. optional bind mount when the source dir doesn't exist
throws a nasty error.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Commit: d116264c4a62c61068de17e01bfcd7ab7deececa
https://github.com/lxc/lxc/commit/d116264c4a62c61068de17e01bfcd7ab7deececa
Author: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
lxc-busybox: Touch /etc/fstab in the container rootfs
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Commit: 7265c4a848fd78103cc1105716679ba8ffeec6b1
https://github.com/lxc/lxc/commit/7265c4a848fd78103cc1105716679ba8ffeec6b1
Author: Aleksandr Mezin <mezin.alexander at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/sync.c
M src/lxc/sync.h
Log Message:
-----------
sync: add LXC_SYNC_ERROR to report errors from another process.
Signed-off-by: Aleksandr Mezin <mezin.alexander at gmail.com>
Commit: 3ae1a347083da89e166fe74d1e620c72534c1c0e
https://github.com/lxc/lxc/commit/3ae1a347083da89e166fe74d1e620c72534c1c0e
Author: Aleksandr Mezin <mezin.alexander at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: use LXC_SYNC_ERROR to report errors.
This gives more meaningful error message than "invalid sequence".
Signed-off-by: Aleksandr Mezin <mezin.alexander at gmail.com>
Commit: d0399eb1ed377162fba74ae1e6649f9abbc0ff87
https://github.com/lxc/lxc/commit/d0399eb1ed377162fba74ae1e6649f9abbc0ff87
Author: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
lxc-busybox: Remove warning for dynamically linked Busybox
The warning has been present since commit 32b37181ea (with no purpose stated).
Support for dynamically linked Busybox has been added since commit bf6cc73696.
Haven't encountered any issues with dynamically linked Busybox in my last
2 years' testing.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at nxp.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 0087c3dc20cb48092fdd2d7c040fb9db5eda2a1a
https://github.com/lxc/lxc/commit/0087c3dc20cb48092fdd2d7c040fb9db5eda2a1a
Author: Aleksandr Mezin <mezin.alexander at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/Makefile.am
M config/init/upstart/Makefile.am
Log Message:
-----------
Fix installation of out-of-tree (VPATH) builds
Signed-off-by: Aleksandr Mezin <mezin.alexander at gmail.com>
Commit: 1cc706ab292d8d8ea5db83810a72acec6c6fcf29
https://github.com/lxc/lxc/commit/1cc706ab292d8d8ea5db83810a72acec6c6fcf29
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
use httpredir.debian.org as the default Debian mirror
http.debian.net is an alias anyways and httpredir.debian.org is the official name of the service
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: 8740e8c070c2abf400a6adc60740bc44b2f12885
https://github.com/lxc/lxc/commit/8740e8c070c2abf400a6adc60740bc44b2f12885
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-ubuntu.in
Log Message:
-----------
always provide a default mirror for debootstraping Ubuntu
debootstrap sometimes selects the wrong mirror due to [1]
[1] https://bugs.debian.org/819300
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: ecc5dc58c168f1c5284bd2dbca20eacba07d5413
https://github.com/lxc/lxc/commit/ecc5dc58c168f1c5284bd2dbca20eacba07d5413
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-ubuntu.in
Log Message:
-----------
lxc-ubuntu: Fix building on secondary architectures
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 9daa3235f60280ab7df664ea9a73835490069555
https://github.com/lxc/lxc/commit/9daa3235f60280ab7df664ea9a73835490069555
Author: Evgeni Golov <evgeni at golov.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
update Debian release names
Squeeze is EOL now, Stretch is the upcoming stable
Signed-off-by: Evgeni Golov <evgeni at golov.de>
Commit: 553aa63d1372100ec299b16fc8cacee1e3c054b8
https://github.com/lxc/lxc/commit/553aa63d1372100ec299b16fc8cacee1e3c054b8
Author: Oleg Freedhom <overlayfs at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/bdev.c
Log Message:
-----------
fix btrfs_recursive_destroy
A change in kernel 4.2 caused btrfs_recursive_destroy to
fail to delete unprivileged containers. This patch restores
the pre-kernel-4.2 behaviour. Ref: Issue 935.
Signed-off-by: Oleg Freedhom <overlayfs at gmail.com>
Commit: 64c97ec72f3690f39c30e86aa8efcc4e3aa96625
https://github.com/lxc/lxc/commit/64c97ec72f3690f39c30e86aa8efcc4e3aa96625
Author: Oleg Freedholm <overlayfs at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/bdev.c
Log Message:
-----------
store errno immediately after ioctl
Signed-off-by: Oleg Freedholm <overlayfs at gmail.com>
Commit: 3b860b7246852f1da60bb787e33c2709a4293105
https://github.com/lxc/lxc/commit/3b860b7246852f1da60bb787e33c2709a4293105
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/ja/lxc-attach.sgml.in
M doc/ja/lxc-info.sgml.in
M doc/lxc-attach.sgml.in
M doc/lxc-info.sgml.in
Log Message:
-----------
fix spelling mistakes spotted by Debian's lintian
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: b8b435e392df8d3658c7b119ea84ea2a156f9492
https://github.com/lxc/lxc/commit/b8b435e392df8d3658c7b119ea84ea2a156f9492
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/nl.c
Log Message:
-----------
netlink_open: close socket on error
All uses of netlink_open() assume that on error the
nl_handler doesn't need to be closed, but some error cases
happen after the socket was opened successfully and used to
simply return -errno.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 19bda42f45934e4af9beba0ff1b740b3cd47eb01
https://github.com/lxc/lxc/commit/19bda42f45934e4af9beba0ff1b740b3cd47eb01
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
lxc_mount_auto_mounts(): free memory on failure
Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
Commit: 58325fd7c63ac8d20b3a4db476e933578ccb094d
https://github.com/lxc/lxc/commit/58325fd7c63ac8d20b3a4db476e933578ccb094d
Author: staticfox <staticfox at staticfox.net>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M .gitignore
Log Message:
-----------
Ignore temporary files generated by doxygen
Signed-off-by: Matt Ullman <staticfox at staticfox.net>
Commit: 796873cffb52e7c005f121076116ee832d011f94
https://github.com/lxc/lxc/commit/796873cffb52e7c005f121076116ee832d011f94
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M configure.ac
Log Message:
-----------
nicer date format and support for SOURCE_DATE_EPOCH in LXC_GENERATE_DATE
Using $(date) for LXC_GENERATE_DATE has various flaws:
* formating depends on the locale of the system we execute configure on
* the output is not really a date but more a timestamp
Let's use $(date --utc '+%Y-%m-%d') instead.
While at it, also support SOURCE_DATE_EPOCH [1] to make the build
reproducible
[1] https://reproducible-builds.org/specs/source-date-epoch/
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: 729ae9dbb5df147544cad4242d2adca70afb5f23
https://github.com/lxc/lxc/commit/729ae9dbb5df147544cad4242d2adca70afb5f23
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/init/systemd/lxc.service.in
Log Message:
-----------
drop obsolete syslog.target from lxc.service.in
the target is obsolete since systemd v38 which everybody should have.
original patch by Daniel Baumann
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: a99495492b69d57bdb4a0703886eccfdec268fba
https://github.com/lxc/lxc/commit/a99495492b69d57bdb4a0703886eccfdec268fba
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M MAINTAINERS
Log Message:
-----------
Update maintainers
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 383554e79ae63418a03ab5f281ca9cc4dc9740e0
https://github.com/lxc/lxc/commit/383554e79ae63418a03ab5f281ca9cc4dc9740e0
Author: walkerning <foxdoraame at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc-checkconfig.in
Log Message:
-----------
Check if stdout is a terminal in lxc-checkconfig
Let lxc-checkconfig write to non-tty stdout without color control
characters
Signed-off-by: walkerning <foxdoraame at gmail.com>
Commit: cfaa839ee069e273434f80a7f6cde78235a936bd
https://github.com/lxc/lxc/commit/cfaa839ee069e273434f80a7f6cde78235a936bd
Author: Aron Podrigal <aronp at guaranteedplus.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/python-lxc/lxc.c
Log Message:
-----------
Fixed - set PyErr when Container.__init__ fails
When container init failed for whatever reason, previously it resulted
in a `SystemError: NULL result without error in PyObject_Call`
This will now result in a RuntimeError with the error message
previously printed to stderr.
Signed-off-by: Aron Podrigal <aronp at guaranteedplus.com>
Commit: ddb49879b13240c8c71e95928db8c4c9e7aaa24d
https://github.com/lxc/lxc/commit/ddb49879b13240c8c71e95928db8c4c9e7aaa24d
Author: Aron Podrigal <aronp at guaranteedplus.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
Added `type` to keys in lxc_list_nicconfigs
Signed-off-by: Aron Podrigal <aronp at guaranteedplus.com>
Commit: 905987c5f7a9b4915fcd2a2d75a1dde5c3d7d747
https://github.com/lxc/lxc/commit/905987c5f7a9b4915fcd2a2d75a1dde5c3d7d747
Author: Lisio <andrey at kostin.email>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-alpine.in
Log Message:
-----------
Force DHCP client to send hostname
Required for proper applying dnsmasq config entries.
Signed-off-by: Andrey Kostin <andrey at kostin.email>
Commit: e824e853385e292efb516c7357d6449eb966d473
https://github.com/lxc/lxc/commit/e824e853385e292efb516c7357d6449eb966d473
Author: Tycho Andersen <tycho.andersen at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/sync.c
Log Message:
-----------
sync: fail on unexpected message sizes
I think (?) this may be related to our hanging monitor bug. Let's do this
anyway, as it's probably a good idea.
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
Commit: d75890ba26a9f3c58c0d8028383ab0b167db6905
https://github.com/lxc/lxc/commit/d75890ba26a9f3c58c0d8028383ab0b167db6905
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/sync.c
Log Message:
-----------
sync.c: use correct types
Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
Commit: aca109c01fc03a6b53c3d9ab26d3fa08fcef3231
https://github.com/lxc/lxc/commit/aca109c01fc03a6b53c3d9ab26d3fa08fcef3231
Author: Hartnell Foster <hartnell.foster at bbc.co.uk>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-centos.in
Log Message:
-----------
Added OR statement for cases of ID = rhel in RHEL 7+
Signed-off-by: Hartnell Foster <hartnell.foster at bbc.co.uk>
Commit: c8a82316051212cdcf609ee75f2b8b2d77d598e8
https://github.com/lxc/lxc/commit/c8a82316051212cdcf609ee75f2b8b2d77d598e8
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/start.c
M src/lxc/sync.c
M src/lxc/sync.h
Log Message:
-----------
Unshare netns after setting the userns mappings
so that there is a root uid mapping for the /proc/net files.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 8bde403107e397ba7885d56ecdde485a76ab27dd
https://github.com/lxc/lxc/commit/8bde403107e397ba7885d56ecdde485a76ab27dd
Author: Stewart Brodie <stewart at metahusky.net>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
Allow configuration file values to be quoted
If the value starts and ends with matching quote characters, those
characters are stripped automatically. Quote characters are the
single quote (') or double quote ("). The quote removal is done after
the whitespace trimming.
This is needed particularly in order that lxc.environment values may
have trailing spaces. However, the quote removal is done for all values
in the parse_line function, as it has non-const access to the value.
Signed-off-by: Stewart Brodie <stewart at metahusky.net>
Commit: 426dc68585265899b5531a29b77ddb05dc8ae02d
https://github.com/lxc/lxc/commit/426dc68585265899b5531a29b77ddb05dc8ae02d
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
Log Message:
-----------
Also allow fstype=fuse for fuse filesystems
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: d326c39dfb9ba52c76bfb6155ac9a52a751d9df6
https://github.com/lxc/lxc/commit/d326c39dfb9ba52c76bfb6155ac9a52a751d9df6
Author: Andrey Kostin <andrey at kostin.email>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-alpine.in
Log Message:
-----------
Fix hostname in interface config for apline template
Signed-off-by: Andrey Kostin <andrey at kostin.email>
Commit: 3ff94e7e6fba86b3fbe860477d979d6f36f66d16
https://github.com/lxc/lxc/commit/3ff94e7e6fba86b3fbe860477d979d6f36f66d16
Author: Jörg Krause <joerg.krause at embedded.rocks>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc_user_nic.c
Log Message:
-----------
Fix redefinition of struct in6_addr
struct in6_addr is both defined in the C library header <netinet/in.h>
and the Linux kernel header <linux/in6.h>.
lxc_user_nic.c includes both <netinet/in.h> and <linux/if_bridge.h>. The
later one includes <linux/in6.h>.
This breaks build with the musl libc:
error: redefinition of ‘struct in6_addr’
As lxc_user_nic.c does not use any references from <linux/if_bridge.h> it
is safe to remove this header.
Signed-off-by: Jörg Krause <joerg.krause at embedded.rocks>
Commit: 718c2a0c8a8f11c1b87a6818eae64bc3d2bf862a
https://github.com/lxc/lxc/commit/718c2a0c8a8f11c1b87a6818eae64bc3d2bf862a
Author: Antonio Terceiro <terceiro at softwarelivre.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
lxc-debian: make sure init is installed
init 1.34 is not "Essential" anymore, in order to make it not required
on minimal chroots, docker containers, etc. Because of that we now need
to manually include it on systems that are expected to boot.
Signed-off-by: Antonio Terceiro <terceiro at debian.org>
Commit: c9c79ec829c37506c5dfe66be9a6a51e80a975f3
https://github.com/lxc/lxc/commit/c9c79ec829c37506c5dfe66be9a6a51e80a975f3
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-plamo.in
Log Message:
-----------
plamo: Improve Plamo template
* configure to start only the minimum of service
* add ntp, kmod to ignore packages
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Commit: f411d61b6b7209ca90014c1f491226338fc40107
https://github.com/lxc/lxc/commit/f411d61b6b7209ca90014c1f491226338fc40107
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/abstractions/start-container
Log Message:
-----------
AppArmor: add make-rslave to usr.bin.lxc-start
The profile already contains
mount options=(rw, make-slave) -> **,
Which allows going through all mountpoints with make-slave,
so it seems to make sense to also allow the directly
recursive variant with "make-rslave".
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
Commit: 3d28057b23d4b98b96aef71ae661a0e53a400b98
https://github.com/lxc/lxc/commit/3d28057b23d4b98b96aef71ae661a0e53a400b98
Author: Preetam D'Souza <preetamjdsouza at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/include/lxcmntent.h
Log Message:
-----------
Include all lxcmntent.h function declarations on Bionic
Newer versions of Android (5.0+, aka API Level 21+) include mntent.h,
which declares setmntent and endmntent. This hits an edge
case with the preprocessor checks in lxcmntent.h because HAVE_SETMNTENT
and HAVE_ENDMNTENT are both defined (in Bionic's mntent.h), but conf.c
always includes lxcmntent.h on Bionic! As a result, we get compiler
warnings of implicit function declarations for setmntent endmntent.
This patch always includes setmntent/endmntent/hasmntopt function
declarations on Bionic, which gets rid of these warnings.
Signed-off-by: Preetam D'Souza <preetamjdsouza at gmail.com>
Commit: 1f72ca8576d78038a8bd715dea075802e5b8f14e
https://github.com/lxc/lxc/commit/1f72ca8576d78038a8bd715dea075802e5b8f14e
Author: Antonio Terceiro <terceiro at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
lxc-debian: fix regression when creating wheezy containers
The regression was introduced by commit
3c39b0b7a2b445e08d2e2aecb05566075f4f3423 which makes it possible to
create working stretch containers by forcinig `init` to be in the
included package list.
However, `init` didn't exit before jessie, so now for wheezy we
explicitly include `sysvinit`; sysvinit on wheezy is essential,
so it would already be included anyway.
Signed-off-by: Antonio Terceiro <terceiro at debian.org>
Commit: 3246ae572c862e3a9630130e23e4cae3638ac8ef
https://github.com/lxc/lxc/commit/3246ae572c862e3a9630130e23e4cae3638ac8ef
Author: Vitaly Lavrov <vel21ripn at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Set up MTU for vlan-type interfaces.
Signed-off-by: Vitaly Lavrov <vel21ripn at gmail.com>
Commit: 7c8e003ea715209ce351cd811721ee3c4553ed81
https://github.com/lxc/lxc/commit/7c8e003ea715209ce351cd811721ee3c4553ed81
Author: Andreas Freudenberg <andreas.freudenberg at licomonch.net>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
templates: avoid noisy perl warnings caused by missing locales
Signed-off-by: Andreas Freudenberg <andreas.freudenberg at licomonch.net>
Commit: f5720a0323a28e1dd97667ff7dbcab05f69e3249
https://github.com/lxc/lxc/commit/f5720a0323a28e1dd97667ff7dbcab05f69e3249
Author: Sergio Schvezov <sergio.schvezov at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M lxc.pc.in
Log Message:
-----------
Add a prefix to the lxc.pc
This allows installing to different locations and using
the lxc.pc to build using the generated includedir and
libdir.
Signed-off-by: Sergio Schvezov <sergio.schvezov at ubuntu.com>
Commit: 791c686a941ccd52ab3f641cf1ca37c97ddc4ad3
https://github.com/lxc/lxc/commit/791c686a941ccd52ab3f641cf1ca37c97ddc4ad3
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: set pty_info to NULL after free
This fixes a double free corruption on container-requested
reboots when lxc_spawn() fails before receiving the ttys, as
lxc_fini() (part of __lxc_start()'s cleanup) calls
lxc_delete_tty().
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 679ca2c48ce58b4ff5081b48bd45e2bcfe9cb8f1
https://github.com/lxc/lxc/commit/679ca2c48ce58b4ff5081b48bd45e2bcfe9cb8f1
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/apparmor/abstractions/container-base
Log Message:
-----------
apparmor: Refresh generated file
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: a4b3ffa751ee50a9b647c7e82859e514fa8fbc35
https://github.com/lxc/lxc/commit/a4b3ffa751ee50a9b647c7e82859e514fa8fbc35
Author: Christian Brauner <cbrauner at suse.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc_create.c
Log Message:
-----------
tools: add missing newline in lxc-create output
Signed-off-by: Christian Brauner <cbrauner at suse.de>
Commit: 6352026d7a6da214210c026b9f3a4252d039b731
https://github.com/lxc/lxc/commit/6352026d7a6da214210c026b9f3a4252d039b731
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-download.in
Log Message:
-----------
Use full GPG fingerprint instead of long IDs.
With how easy it is to create a collision on a short ID nowadays and
given that the user doesn't actually have to remember or manually enter
the key ID, lets just use the full fingerprint from now on.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: ac1753d11479c22d577f4f2f3043d9e3a84cfb40
https://github.com/lxc/lxc/commit/ac1753d11479c22d577f4f2f3043d9e3a84cfb40
Author: James Cowgill <james410 at cowgill.org.uk>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/utils.h
Log Message:
-----------
utils: Add mips signalfd syscall numbers
Signed-off-by: James Cowgill <james410 at cowgill.org.uk>
Commit: 81ba4c3a52fc97c99a69a705eb8da6c6024b5488
https://github.com/lxc/lxc/commit/81ba4c3a52fc97c99a69a705eb8da6c6024b5488
Author: James Cowgill <james410 at cowgill.org.uk>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: Implement MIPS seccomp handling
MIPS processors implement 3 ABIs: o32, n64 and n32 (similar to x32). The kernel
treats each ABI separately so syscalls disallowed on "all" arches should be
added to all three seccomp sets. This is implemented by expanding compat_arch
and compat_ctx to accept two compat architectures.
After this, the MIPS hostarch detection code and config section code is added.
Signed-off-by: James Cowgill <james410 at cowgill.org.uk>
Commit: 0c3f6c3353d47b836a99eab34ae6fccb9d61c618
https://github.com/lxc/lxc/commit/0c3f6c3353d47b836a99eab34ae6fccb9d61c618
Author: James Cowgill <james410 at cowgill.org.uk>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
seccomp: Add mips and mips64 entries to lxc_config_parse_arch
Fixes "unsupported personality" warnings when starting containers.
Signed-off-by: James Cowgill <james410 at cowgill.org.uk>
Commit: 2141c533dd2ad87cb9cdd46b9ae8c71f1f9bb565
https://github.com/lxc/lxc/commit/2141c533dd2ad87cb9cdd46b9ae8c71f1f9bb565
Author: James Cowgill <james410 at cowgill.org.uk>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: fix strerror()
Signed-off-by: James Cowgill <james410 at cowgill.org.uk>
Commit: 9891ca95a0e2c4e9d85d5295f98903ad9dc1bbf2
https://github.com/lxc/lxc/commit/9891ca95a0e2c4e9d85d5295f98903ad9dc1bbf2
Author: Christian Brauner <cbrauner at suse.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
confile: add more archs to lxc_config_parse_arch()
Signed-off-by: Christian Brauner <cbrauner at suse.de>
Commit: aacdafcc352b07f459a519644829df7cc5ce2dc9
https://github.com/lxc/lxc/commit/aacdafcc352b07f459a519644829df7cc5ce2dc9
Author: Christian Brauner <cbrauner at suse.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: add support for s390x
Signed-off-by: Christian Brauner <cbrauner at suse.de>
Commit: 2bd4573ea8ad6abbaea61995ef248cfa826085d4
https://github.com/lxc/lxc/commit/2bd4573ea8ad6abbaea61995ef248cfa826085d4
Author: Christian Brauner <cbrauner at suse.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: remove double include and order includes
Signed-off-by: Christian Brauner <cbrauner at suse.de>
Commit: e721f119d5c5111c8fca0df586c03c0b9926d56f
https://github.com/lxc/lxc/commit/e721f119d5c5111c8fca0df586c03c0b9926d56f
Author: Christian Brauner <cbrauner at suse.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: non functional changes
- log more errnos
- adapt coding style
Signed-off-by: Christian Brauner <cbrauner at suse.de>
Commit: 200272c1892b25d56de91da2dbce6a7614e26f09
https://github.com/lxc/lxc/commit/200272c1892b25d56de91da2dbce6a7614e26f09
Author: Elan Ruusamäe <glen at delfi.ee>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-fedora.in
Log Message:
-----------
templates: fedora requires openssl binary
/usr/share/lxc/templates/lxc-fedora: line 1078: openssl: command not found
Signed-off-by: Elan Ruusamäe <glen at delfi.ee>
Commit: 6a61b1a7290d8cc75817efc2b0e359a88727a3e7
https://github.com/lxc/lxc/commit/6a61b1a7290d8cc75817efc2b0e359a88727a3e7
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M doc/api/Doxyfile
Log Message:
-----------
set FULL_PATH_NAMES=NO in doc/api/Doxyfile
otherwise the generated docs have the full build path in them
and nonbody cares that the files were built in
/build/lxc-_BVY2u/lxc-2.0.4/src/lxc/
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: 000d60eadfc034ceb465729995ae1fdabb3fc440
https://github.com/lxc/lxc/commit/000d60eadfc034ceb465729995ae1fdabb3fc440
Author: Christian Brauner <christian.brauner at mailbox.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/console.c
Log Message:
-----------
console: use correct log name
lxc_console is used with lxc_console.c
Signed-off-by: Christian Brauner <christian.brauner at mailbox.org>
Commit: 6a04409aa7f1d5507e7e20d2ccb95bb5bafe765a
https://github.com/lxc/lxc/commit/6a04409aa7f1d5507e7e20d2ccb95bb5bafe765a
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/bdev.c
Log Message:
-----------
lxczfs: small fixes
- We expect destroy to fail in zfs_clone() so try to silence it so users are
not irritated when they create zfs snapshots.
- Add -r recursive to zfs_destroy(). This code is only hit when a) the
container has no snapshots or b) the user calls destroy with snapshots. So
this should be safe. Without -r snapshots will remain.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: cf9d209ce1a703e9f4edd37f37c5732ea22e2365
https://github.com/lxc/lxc/commit/cf9d209ce1a703e9f4edd37f37c5732ea22e2365
Author: Lukas Pirl <github at lukas-pirl.de>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/bdev.c
Log Message:
-----------
make rsync deal with sparse files efficiently
Signed-off-by: Lukas Pirl <git at lukas-pirl.de>
Commit: 75275a1e8c15db0f94468f0bc90a9e41348106c8
https://github.com/lxc/lxc/commit/75275a1e8c15db0f94468f0bc90a9e41348106c8
Author: Thierry Fauck <tfauck at free.fr>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
lxc-create -t debian fails on ppc64el arch
Template catches arch from uname -m, but for ppc64el system, arch reports ppc64le
which doesn't match image repo.
Signed-off-by: Thierry Fauck <tfauck at free.fr>
Signed-off-by: Serge Hallyn <serge at hallyn.com>
Commit: c5c63275524da02ae881e35e8583cb72462750bd
https://github.com/lxc/lxc/commit/c5c63275524da02ae881e35e8583cb72462750bd
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
utils: fix lxc_string_split()
Make sure we don't return uninitialized memory.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: df3e388aba421ad26dedc5af2b65f58f4ff7ce59
https://github.com/lxc/lxc/commit/df3e388aba421ad26dedc5af2b65f58f4ff7ce59
Author: Roman Mueller <roman.mueller at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-centos.in
M templates/lxc-download.in
Log Message:
-----------
Fix spelling of CentOS in the templates
Signed-off-by: Roman Mueller <roman.mueller at gmail.com>
Commit: 957edbf83b0e35214963cd5d5be492fb88083a93
https://github.com/lxc/lxc/commit/957edbf83b0e35214963cd5d5be492fb88083a93
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/python-lxc/examples/api_test.py
M src/python-lxc/examples/pyconsole-vte.py
M src/python-lxc/examples/pyconsole.py
Log Message:
-----------
mark the python examples as having utf-8 encoding
this allows running them also under Python2, which otherwise
would choke on Stéphane's name and error out with
SyntaxError: Non-ASCII character '\xc3' in file …
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: dff34a76418d96a0a34cc56974c40fc24336694d
https://github.com/lxc/lxc/commit/dff34a76418d96a0a34cc56974c40fc24336694d
Author: Lans Zhang <jia.zhang at windriver.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/log.c
Log Message:
-----------
log: sanity check the returned value from snprintf()
The returned value from snprintf() should be checked carefully.
This bug can be leveraged to execute arbitrary code through carefully
constructing the payload, e.g,
lxc-freeze -n `python -c "print 'AAAAAAAA' + 'B'*959"` -P PADPAD -o /tmp/log
This command running on Ubuntu 14.04 (x86-64) can cause a segment fault.
Signed-off-by: Lans Zhang <jia.zhang at windriver.com>
Commit: e224b75f4a8e8bea45b4fd304c44fd5c7b7b9241
https://github.com/lxc/lxc/commit/e224b75f4a8e8bea45b4fd304c44fd5c7b7b9241
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-archlinux.in
Log Message:
-----------
archlinux: Do DHCP on eth0
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 5d4c9e5ff09666df5ed2778354048593017200be
https://github.com/lxc/lxc/commit/5d4c9e5ff09666df5ed2778354048593017200be
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-archlinux.in
Log Message:
-----------
archlinux: Fix resolving
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: af28b82badc101f72e2abffaaf98edb2ddf4ddf3
https://github.com/lxc/lxc/commit/af28b82badc101f72e2abffaaf98edb2ddf4ddf3
Author: Jafar Al-Gharaibeh <to.jafar at gmail.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/arguments.h
M src/lxc/lxc.h
Log Message:
-----------
Drop leftover references to lxc_strerror().
lxc_strerror() was dropped long time ago, in 2009 to be exact.
Related commit:
https://github.com/lxc/lxc/commit/7cee8789514fb42d6a48d50b904e24284f5526e3
Signed-off-by: Jafar Al-Gharaibeh <to.jafar at gmail.com>
Commit: afc54276bbedf897103e080c9b7f4ceda2a1fe6d
https://github.com/lxc/lxc/commit/afc54276bbedf897103e080c9b7f4ceda2a1fe6d
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
s390x: Fix seccomp handling of personalities
There are no personalities for s390x, so don't list itself as one.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 0e3e1eae8a850b9d0e51c20df89e10251ae8cf27
https://github.com/lxc/lxc/commit/0e3e1eae8a850b9d0e51c20df89e10251ae8cf27
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-ubuntu.in
Log Message:
-----------
ubuntu: Fix package upgrades requiring proc
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 4f0ae31f2706e8f4eb696e17c486600cae28b068
https://github.com/lxc/lxc/commit/4f0ae31f2706e8f4eb696e17c486600cae28b068
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M lxc.spec.in
Log Message:
-----------
use python3_sitearch for including the python code
Closes: #502
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: 46e81ec324cd93f4a702641d0caa4af406025b85
https://github.com/lxc/lxc/commit/46e81ec324cd93f4a702641d0caa4af406025b85
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: fix invalid free()
And let's be on the safe side by NULLing free()ed variables.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: 75fe639827f94ad966cdb3f3b79c7b27c7e8c7fd
https://github.com/lxc/lxc/commit/75fe639827f94ad966cdb3f3b79c7b27c7e8c7fd
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: add print_cgfs_init_debuginfo()
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: 2ca5963c28a4f7b9149586c7490d5bc534506e95
https://github.com/lxc/lxc/commit/2ca5963c28a4f7b9149586c7490d5bc534506e95
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: skip empty entries under /proc/self/cgroup
If cgroupv2 is enabled either alone or together with legacy hierarchies
/proc/self/cgroup can contain entries of the form:
0::/
These entries need to be skipped.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: 5eb8b13018f85860da5efcae40cadc735fbcbf22
https://github.com/lxc/lxc/commit/5eb8b13018f85860da5efcae40cadc735fbcbf22
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/lxc_stop.c
Log Message:
-----------
tools: use correct exit code for lxc-stop
When the container is already running our manpage promises to exit with 2.
Let's make it so.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: 921173af963b34e9c38c71d67c680f2dffdfe16b
https://github.com/lxc/lxc/commit/921173af963b34e9c38c71d67c680f2dffdfe16b
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/start.c
Log Message:
-----------
conf: merge network namespace move & rename on shutdown
On shutdown we move physical network interfaces back to the
host namespace and rename them afterwards as well as in the
later lxc_network_delete() step. However, if the device had
a name which already exists in the host namespace then the
moving fails and so do the subsequent rename attempts. When
the namespace ceases to exist the devices finally end up
in the host namespace named 'dev<ID>' by the kernel.
In order to avoid this, we do the moving and renaming in a
single step (lxc_netdev_move_by_*()'s move & rename happen
in a single netlink transaction).
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 20aa5993a60582fea85f471abcd64bd9ccb78990
https://github.com/lxc/lxc/commit/20aa5993a60582fea85f471abcd64bd9ccb78990
Author: mgariepy <mgariepy at users.noreply.github.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-centos.in
Log Message:
-----------
create symlink for /var/run
this patch create /var/run link to point to /run.
This will fix various issue present when /var/run is persistent.
Signed-off-by: Marc Gariepy <gariepy.marc at gmail.com>
Commit: 648f2ac613daa83bed6345fb7cd611199585025f
https://github.com/lxc/lxc/commit/648f2ac613daa83bed6345fb7cd611199585025f
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/cgfs.c
Log Message:
-----------
cgfs: explicitly check for NULL
Somehow this implementation of a cgroupfs backend decided to use the hierarchy
numbers it detects in /proc/cgroups and /proc/self/cgroups as indices for
the hierarchy struct. Controller numbering usually starts at 1 but may start at
0 if:
a) the controller is not mounted on a cgroups v1 hierarchy;
b) the controller is bound to the cgroups v2 single unified hierarchy; or
c) the controller is disabled
To avoid having to rework our fallback backend significantly, we should
explicitly check for each controller if hierarchy[i] != NULL.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: 0c841790ab002f0241b088ce01579dd1d7d029f7
https://github.com/lxc/lxc/commit/0c841790ab002f0241b088ce01579dd1d7d029f7
Author: Po-Hsu Lin <po-hsu.lin at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-ubuntu-cloud.in
Log Message:
-----------
templates: add squashfs support to lxc-ubuntu-cloud.in
Add squashfs format file support for lxc-ubuntu-cloud.in
Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
Commit: fb8b3a8ebecf9658082514805ea58cdda5a7ac44
https://github.com/lxc/lxc/commit/fb8b3a8ebecf9658082514805ea58cdda5a7ac44
Author: Evgeni Golov <evgeni at debian.org>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M config/bash/Makefile.am
M configure.ac
Log Message:
-----------
install bash completion where pkg-config tells us to
Signed-off-by: Evgeni Golov <evgeni at debian.org>
Commit: 44b6c076808ad82c91dd06a9c3f0755f35473186
https://github.com/lxc/lxc/commit/44b6c076808ad82c91dd06a9c3f0755f35473186
Author: Christian Brauner <christian.brauner at canonical.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: do not use %m format specifier
This is a GNU extension and some libcs might be missing it.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
Commit: dfaf86280fea43b4b6ad369871d9b6a8e33177de
https://github.com/lxc/lxc/commit/dfaf86280fea43b4b6ad369871d9b6a8e33177de
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2016-11-17 (Thu, 17 Nov 2016)
Changed paths:
M templates/lxc-debian.in
Log Message:
-----------
debian: Don't depend on libui-dialog-perl
This package doesn't exist in stretch anymore, and it's unclear why we
were depending on a library to begin with (as opposed to having it
brought by whatever needs it).
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Compare: https://github.com/lxc/lxc/compare/584e39175f0c...dfaf86280fea
More information about the lxc-devel
mailing list