[lxc-devel] [lxc/master] update doc and test
0x0916 on Github
lxc-bot at linuxcontainers.org
Wed Jul 12 03:11:06 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170712/edd797c1/attachment.bin>
-------------- next part --------------
From 69e38e009b8a79b1e48e6b32a3af2e8a0ea237a4 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 09:43:49 +0800
Subject: [PATCH 01/12] doc: s/aa_allow_incomplete/apparmor.allow_incomplete/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ja/lxc.container.conf.sgml.in | 2 +-
doc/ko/lxc.container.conf.sgml.in | 2 +-
doc/lxc.container.conf.sgml.in | 2 +-
src/lxc/confile.c | 2 +-
src/lxc/lsm/apparmor.c | 2 +-
src/tests/lxc-test-apparmor-mount | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/doc/ja/lxc.container.conf.sgml.in b/doc/ja/lxc.container.conf.sgml.in
index 370856bba..364ecd9ab 100644
--- a/doc/ja/lxc.container.conf.sgml.in
+++ b/doc/ja/lxc.container.conf.sgml.in
@@ -1715,7 +1715,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
</varlistentry>
<varlistentry>
<term>
- <option>lxc.aa_allow_incomplete</option>
+ <option>lxc.apparmor.allow_incomplete</option>
</term>
<listitem>
<para>
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index d6deb6ccb..1454addfa 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1655,7 +1655,7 @@ proc proc proc nodev,noexec,nosuid 0 0
</varlistentry>
<varlistentry>
<term>
- <option>lxc.aa_allow_incomplete</option>
+ <option>lxc.apparmor.allow_incomplete</option>
</term>
<listitem>
<para>
diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index 390f6c05c..b59d3181f 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -1242,7 +1242,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
</varlistentry>
<varlistentry>
<term>
- <option>lxc.aa_allow_incomplete</option>
+ <option>lxc.apparmor.allow_incomplete</option>
</term>
<listitem>
<para>
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 73532eccc..55917e8c4 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1370,7 +1370,7 @@ static int set_config_apparmor_allow_incomplete(const char *key,
return -1;
if (lxc_conf->lsm_aa_allow_incomplete > 1) {
- ERROR("Wrong value for lxc.lsm_aa_allow_incomplete. Can only "
+ ERROR("Wrong value for lxc.apparmor.allow_incomplete. Can only "
"be set to 0 or 1");
return -1;
}
diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c
index c0b2e340d..8098fde9e 100644
--- a/src/lxc/lsm/apparmor.c
+++ b/src/lxc/lsm/apparmor.c
@@ -218,7 +218,7 @@ static int apparmor_process_label_set(const char *inlabel, struct lxc_conf *conf
WARN("Incomplete AppArmor support in your kernel");
if (!conf->lsm_aa_allow_incomplete) {
ERROR("If you really want to start this container, set");
- ERROR("lxc.aa_allow_incomplete = 1");
+ ERROR("lxc.apparmor.allow_incomplete = 1");
ERROR("in your container configuration file");
return -1;
}
diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount
index 891cd7a7c..0523a80ae 100755
--- a/src/tests/lxc-test-apparmor-mount
+++ b/src/tests/lxc-test-apparmor-mount
@@ -213,7 +213,7 @@ run_cmd lxc-stop -n $cname -k
echo "testing override"
sed -i '/aa_profile/d' $HDIR/.local/share/lxc/$cname/config
-echo "lxc.aa_allow_incomplete = 1" >> $HDIR/.local/share/lxc/$cname/config
+echo "lxc.apparmor.allow_incomplete = 1" >> $HDIR/.local/share/lxc/$cname/config
run_cmd lxc-start -n $cname -d
run_cmd lxc-wait -n $cname -s RUNNING
pid=`run_cmd lxc-info -p -H -n $cname`
From a1d5fdfd9be3d4aaf9e35f04ade20df555a6e802 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 09:53:58 +0800
Subject: [PATCH 02/12] doc: s/aa_profile/apparmor.profile/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
config/templates/debian.common.conf.in | 4 ++--
config/templates/nesting.conf.in | 2 +-
config/templates/ubuntu.common.conf.in | 4 ++--
doc/ja/lxc.container.conf.sgml.in | 6 +++---
doc/ko/lxc.container.conf.sgml.in | 6 +++---
doc/lxc.container.conf.sgml.in | 6 +++---
src/tests/attach.c | 2 +-
src/tests/lxc-test-apparmor-mount | 8 ++++----
templates/lxc-altlinux.in | 2 +-
templates/lxc-busybox.in | 2 +-
templates/lxc-centos.in | 2 +-
templates/lxc-cirros.in | 2 +-
templates/lxc-fedora-legacy.in | 2 +-
templates/lxc-fedora.in | 2 +-
templates/lxc-openmandriva.in | 2 +-
templates/lxc-opensuse.in | 2 +-
templates/lxc-pld.in | 2 +-
templates/lxc-sshd.in | 2 +-
18 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/config/templates/debian.common.conf.in b/config/templates/debian.common.conf.in
index b11f27f62..4e6a6e6a3 100644
--- a/config/templates/debian.common.conf.in
+++ b/config/templates/debian.common.conf.in
@@ -7,12 +7,12 @@ lxc.tty.dir =
# When using LXC with apparmor, the container will be confined by default.
# If you wish for it to instead run unconfined, copy the following line
# (uncommented) to the container's configuration file.
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
# If you wish to allow mounting block filesystems, then use the following
# line instead, and make sure to grant access to the block device and/or loop
# devices below in lxc.cgroup.devices.allow.
-#lxc.aa_profile = lxc-container-default-with-mounting
+#lxc.apparmor.profile = lxc-container-default-with-mounting
# Extra cgroup device access
## rtc
diff --git a/config/templates/nesting.conf.in b/config/templates/nesting.conf.in
index b712ef6bf..7620a0a84 100644
--- a/config/templates/nesting.conf.in
+++ b/config/templates/nesting.conf.in
@@ -1,5 +1,5 @@
# Use a profile which allows nesting
-lxc.aa_profile = lxc-container-default-with-nesting
+lxc.apparmor.profile = lxc-container-default-with-nesting
# Add uncovered mounts of proc and sys, else unprivileged users
# cannot remount those
diff --git a/config/templates/ubuntu.common.conf.in b/config/templates/ubuntu.common.conf.in
index a1c60d244..ff8ef6a8f 100644
--- a/config/templates/ubuntu.common.conf.in
+++ b/config/templates/ubuntu.common.conf.in
@@ -10,7 +10,7 @@ lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0
# When using LXC with apparmor, the container will be confined by default.
# If you wish for it to instead run unconfined, copy the following line
# (uncommented) to the container's configuration file.
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
# Uncomment the following line to autodetect squid-deb-proxy configuration on the
# host and forward it to the guest at start time.
@@ -19,7 +19,7 @@ lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0
# If you wish to allow mounting block filesystems, then use the following
# line instead, and make sure to grant access to the block device and/or loop
# devices below in lxc.cgroup.devices.allow.
-#lxc.aa_profile = lxc-container-default-with-mounting
+#lxc.apparmor.profile = lxc-container-default-with-mounting
# Extra cgroup device access
## rtc
diff --git a/doc/ja/lxc.container.conf.sgml.in b/doc/ja/lxc.container.conf.sgml.in
index 364ecd9ab..54616b692 100644
--- a/doc/ja/lxc.container.conf.sgml.in
+++ b/doc/ja/lxc.container.conf.sgml.in
@@ -1690,7 +1690,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<variablelist>
<varlistentry>
<term>
- <option>lxc.aa_profile</option>
+ <option>lxc.apparmor.profile</option>
</term>
<listitem>
<para>
@@ -1702,7 +1702,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
コンテナが従うべき apparmor プロファイルを指定します。
コンテナが apparmor による制限を受けないように設定するには、以下のように設定します。
</para>
- <programlisting>lxc.aa_profile = unconfined</programlisting>
+ <programlisting>lxc.apparmor.profile = unconfined</programlisting>
<para>
<!--
If the apparmor profile should remain unchanged (i.e. if you
@@ -1710,7 +1710,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
-->
もし apparmor プロファイルが変更されないままでなくてはならない場合 (ネストしたコンテナである場合や、すでに confined されている場合) は以下のように設定します。
</para>
- <programlisting>lxc.aa_profile = unchanged</programlisting>
+ <programlisting>lxc.apparmor.profile = unchanged</programlisting>
</listitem>
</varlistentry>
<varlistentry>
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 1454addfa..49077b709 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1630,7 +1630,7 @@ proc proc proc nodev,noexec,nosuid 0 0
<variablelist>
<varlistentry>
<term>
- <option>lxc.aa_profile</option>
+ <option>lxc.apparmor.profile</option>
</term>
<listitem>
<para>
@@ -1642,7 +1642,7 @@ proc proc proc nodev,noexec,nosuid 0 0
컨테이너가 따라야할 apparmor 프로파일을 지정한다.
컨테이너가 apparmor로 인한 제한을 받지 않도록 하려면, 아래와 같이 지정하면 된다.
</para>
- <programlisting>lxc.aa_profile = unconfined</programlisting>
+ <programlisting>lxc.apparmor.profile = unconfined</programlisting>
<para>
<!--
If the apparmor profile should remain unchanged (i.e. if you
@@ -1650,7 +1650,7 @@ proc proc proc nodev,noexec,nosuid 0 0
-->
apparmor 프로파일이 변경되지 않아야 한다면(중첩 컨테이너 안에 있고, 이미 confined된 경우), 아래와 같이 지정하면 된다.
</para>
- <programlisting>lxc.aa_profile = unchanged</programlisting>
+ <programlisting>lxc.apparmor.profile = unchanged</programlisting>
</listitem>
</varlistentry>
<varlistentry>
diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index b59d3181f..287c8b9fe 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -1224,7 +1224,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
<variablelist>
<varlistentry>
<term>
- <option>lxc.aa_profile</option>
+ <option>lxc.apparmor.profile</option>
</term>
<listitem>
<para>
@@ -1232,12 +1232,12 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
be run. To specify that the container should be unconfined,
use
</para>
- <programlisting>lxc.aa_profile = unconfined</programlisting>
+ <programlisting>lxc.apparmor.profile = unconfined</programlisting>
<para>
If the apparmor profile should remain unchanged (i.e. if you
are nesting containers and are already confined), then use
</para>
- <programlisting>lxc.aa_profile = unchanged</programlisting>
+ <programlisting>lxc.apparmor.profile = unchanged</programlisting>
</listitem>
</varlistentry>
<varlistentry>
diff --git a/src/tests/attach.c b/src/tests/attach.c
index e59d8174d..985cea03b 100644
--- a/src/tests/attach.c
+++ b/src/tests/attach.c
@@ -55,7 +55,7 @@ static void test_lsm_detect(void)
lsm_label = "unconfined_u:unconfined_r:lxc_t:s0-s0:c0.c1023";
}
else if (!strcmp(lsm_name(), "AppArmor")) {
- lsm_config_key = "lxc.aa_profile";
+ lsm_config_key = "lxc.apparmor.profile";
if (file_exists("/proc/self/ns/cgroup"))
lsm_label = "lxc-container-default-cgns";
else
diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount
index 0523a80ae..390c6f46c 100755
--- a/src/tests/lxc-test-apparmor-mount
+++ b/src/tests/lxc-test-apparmor-mount
@@ -170,7 +170,7 @@ fi
run_cmd lxc-stop -n $cname -k
echo "test regular unconfined container"
-echo "lxc.aa_profile = unconfined" >> $HDIR/.local/share/lxc/$cname/config
+echo "lxc.apparmor.profile = unconfined" >> $HDIR/.local/share/lxc/$cname/config
run_cmd lxc-start -n $cname -d
run_cmd lxc-wait -n $cname -s RUNNING
pid=`run_cmd lxc-info -p -H -n $cname`
@@ -185,7 +185,7 @@ echo "masking $MOUNTSR"
mount --bind $dnam $MOUNTSR
echo "test default confined container"
-sed -i '/aa_profile/d' $HDIR/.local/share/lxc/$cname/config
+sed -i '/apparmor.profile/d' $HDIR/.local/share/lxc/$cname/config
run_cmd lxc-start -n $cname -d || true
sleep 3
pid=`run_cmd lxc-info -p -H -n $cname` || true
@@ -196,7 +196,7 @@ if [ -n "$pid" -a "$pid" != "-1" ]; then
fi
echo "test regular unconfined container"
-echo "lxc.aa_profile = unconfined" >> $HDIR/.local/share/lxc/$cname/config
+echo "lxc.apparmor.profile = unconfined" >> $HDIR/.local/share/lxc/$cname/config
run_cmd lxc-start -n $cname -d
run_cmd lxc-wait -n $cname -s RUNNING
pid=`run_cmd lxc-info -p -H -n $cname`
@@ -212,7 +212,7 @@ fi
run_cmd lxc-stop -n $cname -k
echo "testing override"
-sed -i '/aa_profile/d' $HDIR/.local/share/lxc/$cname/config
+sed -i '/apparmor.profile/d' $HDIR/.local/share/lxc/$cname/config
echo "lxc.apparmor.allow_incomplete = 1" >> $HDIR/.local/share/lxc/$cname/config
run_cmd lxc-start -n $cname -d
run_cmd lxc-wait -n $cname -s RUNNING
diff --git a/templates/lxc-altlinux.in b/templates/lxc-altlinux.in
index 9fde9e37c..b6de74662 100644
--- a/templates/lxc-altlinux.in
+++ b/templates/lxc-altlinux.in
@@ -282,7 +282,7 @@ lxc.pty.max = 1024
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
#networking
#lxc.net.0.type = $lxc_network_type
diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
index c4ba27555..f27efa9ef 100644
--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
@@ -349,7 +349,7 @@ lxc.pty.max = 1
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
lxc.mount.entry = shm /dev/shm tmpfs defaults 0 0
diff --git a/templates/lxc-centos.in b/templates/lxc-centos.in
index f816517ee..6832133b2 100644
--- a/templates/lxc-centos.in
+++ b/templates/lxc-centos.in
@@ -644,7 +644,7 @@ lxc.arch = $arch
lxc.uts.name = $utsname
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
# example simple networking setup, uncomment to enable
#lxc.net.0.type = $lxc_network_type
diff --git a/templates/lxc-cirros.in b/templates/lxc-cirros.in
index e884086a9..de79dafd8 100644
--- a/templates/lxc-cirros.in
+++ b/templates/lxc-cirros.in
@@ -128,7 +128,7 @@ lxc.arch = $arch
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
lxc.cgroup.devices.deny = a
diff --git a/templates/lxc-fedora-legacy.in b/templates/lxc-fedora-legacy.in
index 60d83afc6..512adbe5a 100644
--- a/templates/lxc-fedora-legacy.in
+++ b/templates/lxc-fedora-legacy.in
@@ -1130,7 +1130,7 @@ lxc.arch = $arch
lxc.uts.name = $utsname
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
# example simple networking setup, uncomment to enable
#lxc.net.0.type = $lxc_network_type
diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
index 3191757ec..57c5569bc 100644
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
@@ -489,7 +489,7 @@ lxc.arch = ${basearch}
lxc.uts.name = ${utsname}
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
# example simple networking setup, uncomment to enable
#lxc.net.0.type = ${lxc_network_type}
diff --git a/templates/lxc-openmandriva.in b/templates/lxc-openmandriva.in
index 60dee6a7f..6fefb45c1 100644
--- a/templates/lxc-openmandriva.in
+++ b/templates/lxc-openmandriva.in
@@ -235,7 +235,7 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
#networking
lxc.net.0.type = $lxc_network_type
diff --git a/templates/lxc-opensuse.in b/templates/lxc-opensuse.in
index 25b59edad..29f9f4178 100644
--- a/templates/lxc-opensuse.in
+++ b/templates/lxc-opensuse.in
@@ -355,7 +355,7 @@ lxc.uts.name = $name
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
# When using LXC with apparmor, uncomment the next line to run unconfined:
-lxc.aa_profile = unconfined
+lxc.apparmor.profile = unconfined
# example simple networking setup, uncomment to enable
#lxc.net.0.type = $lxc_network_type
diff --git a/templates/lxc-pld.in b/templates/lxc-pld.in
index 1f4f3641e..b748cb87b 100644
--- a/templates/lxc-pld.in
+++ b/templates/lxc-pld.in
@@ -248,7 +248,7 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
lxc.autodev = $auto_dev
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
## Devices
# Allow all devices
diff --git a/templates/lxc-sshd.in b/templates/lxc-sshd.in
index 3e410c3cd..e6f90ad7c 100644
--- a/templates/lxc-sshd.in
+++ b/templates/lxc-sshd.in
@@ -134,7 +134,7 @@ lxc.pty.max = 1024
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined:
-#lxc.aa_profile = unconfined
+#lxc.apparmor.profile = unconfined
lxc.mount.entry = /dev dev none ro,bind 0 0
lxc.mount.entry = /lib lib none ro,bind 0 0
From b84702ab432bd44f6d5a649eb0b7a6263ba44d19 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 09:58:35 +0800
Subject: [PATCH 03/12] doc: s/se_context/selinux.context/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
config/selinux/lxc.te | 2 +-
doc/ja/lxc.container.conf.sgml.in | 4 ++--
doc/ko/lxc.container.conf.sgml.in | 4 ++--
doc/lxc.container.conf.sgml.in | 4 ++--
src/tests/attach.c | 2 +-
5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/config/selinux/lxc.te b/config/selinux/lxc.te
index 4ecb9db78..bb4bfe3a8 100644
--- a/config/selinux/lxc.te
+++ b/config/selinux/lxc.te
@@ -7,7 +7,7 @@
# semodule -i lxc.pp
#
# In your container's lxc config:
-# lxc.se_context = system_u:system_r:lxc_t:s0:c62,c86,c150,c228
+# lxc.selinux.context = system_u:system_r:lxc_t:s0:c62,c86,c150,c228
#
# Ensure your container's rootfs files are labeled:
# chcon -R system_u:object_r:lxc_file_t:s0:c62,c86,c150,c228 /path/to/rootfs
diff --git a/doc/ja/lxc.container.conf.sgml.in b/doc/ja/lxc.container.conf.sgml.in
index 54616b692..93adae36d 100644
--- a/doc/ja/lxc.container.conf.sgml.in
+++ b/doc/ja/lxc.container.conf.sgml.in
@@ -1764,7 +1764,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<variablelist>
<varlistentry>
<term>
- <option>lxc.se_context</option>
+ <option>lxc.selinux.context</option>
</term>
<listitem>
<para>
@@ -1774,7 +1774,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
-->
コンテナが従うべき SELinux コンテキストを指定するか、<command>unconfined_t</command> を指定します。例えば以下のように設定します。
</para>
- <programlisting>lxc.se_context = system_u:system_r:lxc_t:s0:c22</programlisting>
+ <programlisting>lxc.selinux.context = system_u:system_r:lxc_t:s0:c22</programlisting>
</listitem>
</varlistentry>
</variablelist>
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 49077b709..76c3655d7 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1704,7 +1704,7 @@ proc proc proc nodev,noexec,nosuid 0 0
<variablelist>
<varlistentry>
<term>
- <option>lxc.se_context</option>
+ <option>lxc.selinux.context</option>
</term>
<listitem>
<para>
@@ -1714,7 +1714,7 @@ proc proc proc nodev,noexec,nosuid 0 0
-->
컨테이너가 따라야할 SELinux 컨텍스트를 지정하거나, <command>unconfined_t</command>를 지정할 수 있다. 예를 들어 아래와 같이 지정 가능하다.
</para>
- <programlisting>lxc.se_context = system_u:system_r:lxc_t:s0:c22</programlisting>
+ <programlisting>lxc.selinux.context = system_u:system_r:lxc_t:s0:c22</programlisting>
</listitem>
</varlistentry>
</variablelist>
diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index 287c8b9fe..f3b594ea0 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -1278,14 +1278,14 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
<variablelist>
<varlistentry>
<term>
- <option>lxc.se_context</option>
+ <option>lxc.selinux.context</option>
</term>
<listitem>
<para>
Specify the SELinux context under which the container should
be run or <command>unconfined_t</command>. For example
</para>
- <programlisting>lxc.se_context = system_u:system_r:lxc_t:s0:c22</programlisting>
+ <programlisting>lxc.selinux.context = system_u:system_r:lxc_t:s0:c22</programlisting>
</listitem>
</varlistentry>
</variablelist>
diff --git a/src/tests/attach.c b/src/tests/attach.c
index 985cea03b..02c221e1a 100644
--- a/src/tests/attach.c
+++ b/src/tests/attach.c
@@ -51,7 +51,7 @@ static void test_lsm_detect(void)
{
if (lsm_enabled()) {
if (!strcmp(lsm_name(), "SELinux")) {
- lsm_config_key = "lxc.se_context";
+ lsm_config_key = "lxc.selinux.context";
lsm_label = "unconfined_u:unconfined_r:lxc_t:s0-s0:c0.c1023";
}
else if (!strcmp(lsm_name(), "AppArmor")) {
From 501cf9b019c7e47c4eb9f5e97ddf5ed4968477a0 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:04:58 +0800
Subject: [PATCH 04/12] doc: s/seccomp/seccomp.profile/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 76c3655d7..a91073975 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1768,7 +1768,7 @@ mknod errno 0
<variablelist>
<varlistentry>
<term>
- <option>lxc.seccomp</option>
+ <option>lxc.seccomp.profile</option>
</term>
<listitem>
<para>
From a64f3157a16952594bf9a84b30038178a037dbc2 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:23:22 +0800
Subject: [PATCH 05/12] doc: s/lxc.rootfs/lxc.rootfs.path/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ja/lxc.container.conf.sgml.in | 16 ++++++++--------
doc/ko/lxc.container.conf.sgml.in | 16 ++++++++--------
2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/doc/ja/lxc.container.conf.sgml.in b/doc/ja/lxc.container.conf.sgml.in
index 93adae36d..6c4dadef0 100644
--- a/doc/ja/lxc.container.conf.sgml.in
+++ b/doc/ja/lxc.container.conf.sgml.in
@@ -1438,7 +1438,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<variablelist>
<varlistentry>
<term>
- <option>lxc.rootfs</option>
+ <option>lxc.rootfs.path</option>
</term>
<listitem>
<para>
@@ -1486,7 +1486,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<listitem>
<para>
<!--
- where to recursively bind <option>lxc.rootfs</option>
+ where to recursively bind <option>lxc.rootfs.path</option>
before pivoting. This is to ensure success of the
<citerefentry>
<refentrytitle><command>pivot_root</command></refentrytitle>
@@ -1495,7 +1495,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
syscall. Any directory suffices, the default should
generally work.
-->
- root ファイルシステムの変更の前に、<option>lxc.rootfs</option> を再帰的にどこにバインドするのかを指定します。これは
+ root ファイルシステムの変更の前に、<option>lxc.rootfs.path</option> を再帰的にどこにバインドするのかを指定します。これは
<citerefentry>
<refentrytitle><command>pivot_root</command></refentrytitle>
<manvolnum>8</manvolnum>
@@ -1958,7 +1958,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<listitem><para> LXC_ROOTFS_MOUNT: the path to the mounted root filesystem. </para></listitem>
<listitem><para> LXC_CONFIG_FILE: the path to the container configuration file. </para></listitem>
<listitem><para> LXC_SRC_NAME: in the case of the clone hook, this is the original container's name. </para></listitem>
- <listitem><para> LXC_ROOTFS_PATH: this is the lxc.rootfs entry for the container. Note this is likely not where the mounted rootfs is to be found, use LXC_ROOTFS_MOUNT for that. </para></listitem>
+ <listitem><para> LXC_ROOTFS_PATH: this is the lxc.rootfs.path entry for the container. Note this is likely not where the mounted rootfs is to be found, use LXC_ROOTFS_MOUNT for that. </para></listitem>
</itemizedlist>
-->
コンテナのフックが実行されるとき、情報がコマンドライン引数と環境変数の両方を通して渡されます。引数は:
@@ -1974,7 +1974,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<listitem><para> LXC_ROOTFS_MOUNT: マウントされた root ファイルシステムへのパス</para></listitem>
<listitem><para> LXC_CONFIG_FILE: コンテナの設定ファイルのパス </para></listitem>
<listitem><para> LXC_SRC_NAME: clone フックの場合、元のコンテナの名前</para></listitem>
- <listitem><para> LXC_ROOTFS_PATH: コンテナの lxc.rootfs エントリ。これはマウントされた rootfs が存在する場所にはならないでしょう。それには LXC_ROOTFS_MOUNT を使用してください。</para></listitem>
+ <listitem><para> LXC_ROOTFS_PATH: コンテナの lxc.rootfs.path エントリ。これはマウントされた rootfs が存在する場所にはならないでしょう。それには LXC_ROOTFS_MOUNT を使用してください。</para></listitem>
</itemizedlist>
</para>
<para>
@@ -2280,10 +2280,10 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
<!--
The host relative path to the container root which has been
mounted to the rootfs.mount location.
- [<option>lxc.rootfs</option>]
+ [<option>lxc.rootfs.path</option>]
-->
rootfs.mount へマウントされるコンテナのルートへのホスト上のパスです。
- [<option>lxc.rootfs</option>]
+ [<option>lxc.rootfs.path</option>]
</para>
</listitem>
</varlistentry>
@@ -2705,7 +2705,7 @@ by KATOH Yasufumi <karma at jazz.email.ne.jp>
lxc.cgroup.devices.allow = b 8:0 rw
lxc.mount.fstab = /etc/fstab.complex
lxc.mount.entry = /lib /root/myrootfs/lib none ro,bind 0 0
- lxc.rootfs = /mnt/rootfs.complex
+ lxc.rootfs.path = dir:/mnt/rootfs.complex
lxc.cap.drop = sys_module mknod setuid net_raw
lxc.cap.drop = mac_override
</programlisting>
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index a91073975..18e968999 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1426,7 +1426,7 @@ proc proc proc nodev,noexec,nosuid 0 0
<variablelist>
<varlistentry>
<term>
- <option>lxc.rootfs</option>
+ <option>lxc.rootfs.path</option>
</term>
<listitem>
<para>
@@ -1471,7 +1471,7 @@ proc proc proc nodev,noexec,nosuid 0 0
<listitem>
<para>
<!--
- where to recursively bind <option>lxc.rootfs</option>
+ where to recursively bind <option>lxc.rootfs.path</option>
before pivoting. This is to ensure success of the
<citerefentry>
<refentrytitle><command>pivot_root</command></refentrytitle>
@@ -1480,7 +1480,7 @@ proc proc proc nodev,noexec,nosuid 0 0
syscall. Any directory suffices, the default should
generally work.
-->
- 루트 파일시스템을 변경하기 전에, <option>lxc.rootfs</option>을 어디에 재귀적으로 바인드할지 정한다. 이는
+ 루트 파일시스템을 변경하기 전에, <option>lxc.rootfs.path</option>을 어디에 재귀적으로 바인드할지 정한다. 이는
<citerefentry>
<refentrytitle><command>pivot_root</command></refentrytitle>
<manvolnum>8</manvolnum>
@@ -1889,7 +1889,7 @@ mknod errno 0
<listitem><para> LXC_ROOTFS_MOUNT: the path to the mounted root filesystem. </para></listitem>
<listitem><para> LXC_CONFIG_FILE: the path to the container configuration file. </para></listitem>
<listitem><para> LXC_SRC_NAME: in the case of the clone hook, this is the original container's name. </para></listitem>
- <listitem><para> LXC_ROOTFS_PATH: this is the lxc.rootfs entry for the container. Note this is likely not where the mounted rootfs is to be found, use LXC_ROOTFS_MOUNT for that. </para></listitem>
+ <listitem><para> LXC_ROOTFS_PATH: this is the lxc.rootfs.path entry for the container. Note this is likely not where the mounted rootfs is to be found, use LXC_ROOTFS_MOUNT for that. </para></listitem>
</itemizedlist>
-->
컨테이너 훅이 실행될 때, 정보는 명령어 인수나 환경 변수를 통해 넘겨진다.
@@ -1906,7 +1906,7 @@ mknod errno 0
<listitem><para> LXC_ROOTFS_MOUNT: 마운트될 루트 파일시스템의 경로</para></listitem>
<listitem><para> LXC_CONFIG_FILE: 컨테이너 설정파일의 경로</para></listitem>
<listitem><para> LXC_SRC_NAME: clone 훅의 경우, 원본 컨테이너의 이름</para></listitem>
- <listitem><para> LXC_ROOTFS_PATH: 컨테이너의 lxc.rootfs 항목. 이 것은 마운트된 루트 파일시스템을 가리키는 것이 아님에 주의해야한다. 그 목적을 위해서는 LXC_ROOTFS_MOUNT를 사용해야 한다.</para></listitem>
+ <listitem><para> LXC_ROOTFS_PATH: 컨테이너의 lxc.rootfs.path 항목. 이 것은 마운트된 루트 파일시스템을 가리키는 것이 아님에 주의해야한다. 그 목적을 위해서는 LXC_ROOTFS_MOUNT를 사용해야 한다.</para></listitem>
</itemizedlist>
</para>
<para>
@@ -2206,10 +2206,10 @@ mknod errno 0
<!--
The host relative path to the container root which has been
mounted to the rootfs.mount location.
- [<option>lxc.rootfs</option>]
+ [<option>lxc.rootfs.path</option>]
-->
rootfs.mount에 마운트된 컨테이너 루트의 호스트에서의 경로이다.
- [<option>lxc.rootfs</option>]
+ [<option>lxc.rootfs.path</option>]
</para>
</listitem>
</varlistentry>
@@ -2624,7 +2624,7 @@ mknod errno 0
lxc.cgroup.devices.allow = b 8:0 rw
lxc.mount = /etc/fstab.complex
lxc.mount.entry = /lib /root/myrootfs/lib none ro,bind 0 0
- lxc.rootfs = /mnt/rootfs.complex
+ lxc.rootfs.path = dir:/mnt/rootfs.complex
lxc.cap.drop = sys_module mknod setuid net_raw
lxc.cap.drop = mac_override
</programlisting>
From 5042d96d12bf2181d69864b236e796d884d3ccbb Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:35:51 +0800
Subject: [PATCH 06/12] doc: s/lxc.console/lxc.console.path/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 18e968999..d8b3f5ad0 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -881,7 +881,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
</varlistentry>
<varlistentry>
<term>
- <option>lxc.console</option>
+ <option>lxc.console.path</option>
</term>
<listitem>
<para>
@@ -2150,10 +2150,10 @@ mknod errno 0
<para>
<!--
The path to the console output of the container if not NULL.
- [<option>-c</option>] [<option>lxc.console</option>]
+ [<option>-c</option>] [<option>lxc.console.path</option>]
-->
NULL이 아니라면, 컨테이너의 콘솔의 출력이 저장될 경로.
- [<option>-c</option>] [<option>lxc.console</option>]
+ [<option>-c</option>] [<option>lxc.console.path</option>]
</para>
</listitem>
</varlistentry>
From 0873f85ce7d44242eda1d878189a25298073d78a Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:45:17 +0800
Subject: [PATCH 07/12] doc: s/lxc.tty/lxc.tty.max/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index d8b3f5ad0..5c280f539 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -920,7 +920,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<variablelist>
<varlistentry>
<term>
- <option>lxc.tty</option>
+ <option>lxc.tty.max</option>
</term>
<listitem>
<para>
@@ -957,7 +957,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<variablelist>
<varlistentry>
<term>
- <option>lxc.devttydir</option>
+ <option>lxc.tty.dir</option>
</term>
<listitem>
<para>
From e4075f83857c7a13cea1d8120b0d7a4aa05d0cf3 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:47:34 +0800
Subject: [PATCH 08/12] doc: s/lxc.pts/lxc.pty.max/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 5c280f539..d6e87cbe5 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -837,7 +837,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<variablelist>
<varlistentry>
<term>
- <option>lxc.pts</option>
+ <option>lxc.pty.max</option>
</term>
<listitem>
<para>
From 48d5fccf108843c9202607b477b8dbde0285e7aa Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:51:16 +0800
Subject: [PATCH 09/12] doc: s/lxc.mount/lxc.mount.fstab/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index d6e87cbe5..2b18d4ba9 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -1069,7 +1069,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<variablelist>
<varlistentry>
<term>
- <option>lxc.mount</option>
+ <option>lxc.mount.fstab</option>
</term>
<listitem>
<para>
@@ -2622,7 +2622,7 @@ mknod errno 0
lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c 1:3 rw
lxc.cgroup.devices.allow = b 8:0 rw
- lxc.mount = /etc/fstab.complex
+ lxc.mount.fstab = /etc/fstab.complex
lxc.mount.entry = /lib /root/myrootfs/lib none ro,bind 0 0
lxc.rootfs.path = dir:/mnt/rootfs.complex
lxc.cap.drop = sys_module mknod setuid net_raw
From 2c67dc79878ce1f85365ece17e9604546195f9f1 Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:54:28 +0800
Subject: [PATCH 10/12] doc: s/lxc.net.ipv4/lxc.net.ipv4.address/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 2b18d4ba9..8eabc0b93 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -658,7 +658,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<varlistentry>
<term>
- <option>lxc.net.[i].ipv4</option>
+ <option>lxc.net.[i].ipv4.address</option>
</term>
<listitem>
<para>
@@ -2552,7 +2552,7 @@ mknod errno 0
lxc.net.0.link = br0
lxc.net.0.name = eth0
lxc.net.0.hwaddr = 4a:49:43:49:79:bf
- lxc.net.0.ipv4 = 1.2.3.5/24 1.2.3.255
+ lxc.net.0.ipv4.address = 1.2.3.5/24 1.2.3.255
lxc.net.0.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597
</programlisting>
</refsect2>
@@ -2601,21 +2601,21 @@ mknod errno 0
lxc.net.0.flags = up
lxc.net.0.link = br0
lxc.net.0.hwaddr = 4a:49:43:49:79:bf
- lxc.net.0.ipv4 = 10.2.3.5/24 10.2.3.255
+ lxc.net.0.ipv4.address = 10.2.3.5/24 10.2.3.255
lxc.net.0.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597
lxc.net.0.ipv6 = 2003:db8:1:0:214:5432:feab:3588
lxc.net.1.type = macvlan
lxc.net.1.flags = up
lxc.net.1.link = eth0
lxc.net.1.hwaddr = 4a:49:43:49:79:bd
- lxc.net.1.ipv4 = 10.2.3.4/24
- lxc.net.1.ipv4 = 192.168.10.125/24
+ lxc.net.1.ipv4.address = 10.2.3.4/24
+ lxc.net.1.ipv4.address = 192.168.10.125/24
lxc.net.1.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596
lxc.net.2.type = phys
lxc.net.2.flags = up
lxc.net.2.link = dummy0
lxc.net.2.hwaddr = 4a:49:43:49:79:ff
- lxc.net.2.ipv4 = 10.2.3.6/24
+ lxc.net.2.ipv4.address = 10.2.3.6/24
lxc.net.2.ipv6 = 2003:db8:1:0:214:1234:fe0b:3297
lxc.cgroup.cpuset.cpus = 0,1
lxc.cgroup.cpu.shares = 1234
From 08d9d0e5bd76759c21e13304cfe416b0e05371ba Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 10:56:20 +0800
Subject: [PATCH 11/12] doc: s/lxc.net.ipv6/lxc.net.ipv6.address/g
Signed-off-by: Long Wang <w at laoqinren.net>
---
doc/ko/lxc.container.conf.sgml.in | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/doc/ko/lxc.container.conf.sgml.in b/doc/ko/lxc.container.conf.sgml.in
index 8eabc0b93..b0466a1eb 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -709,7 +709,7 @@ by Sungbae Yoo <sungbae.yoo at samsung.com>
<varlistentry>
<term>
- <option>lxc.net.[i].ipv6</option>
+ <option>lxc.net.[i].ipv6.address</option>
</term>
<listitem>
<para>
@@ -2553,7 +2553,7 @@ mknod errno 0
lxc.net.0.name = eth0
lxc.net.0.hwaddr = 4a:49:43:49:79:bf
lxc.net.0.ipv4.address = 1.2.3.5/24 1.2.3.255
- lxc.net.0.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597
+ lxc.net.0.ipv6.address = 2003:db8:1:0:214:1234:fe0b:3597
</programlisting>
</refsect2>
@@ -2602,21 +2602,21 @@ mknod errno 0
lxc.net.0.link = br0
lxc.net.0.hwaddr = 4a:49:43:49:79:bf
lxc.net.0.ipv4.address = 10.2.3.5/24 10.2.3.255
- lxc.net.0.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597
- lxc.net.0.ipv6 = 2003:db8:1:0:214:5432:feab:3588
+ lxc.net.0.ipv6.address = 2003:db8:1:0:214:1234:fe0b:3597
+ lxc.net.0.ipv6.address = 2003:db8:1:0:214:5432:feab:3588
lxc.net.1.type = macvlan
lxc.net.1.flags = up
lxc.net.1.link = eth0
lxc.net.1.hwaddr = 4a:49:43:49:79:bd
lxc.net.1.ipv4.address = 10.2.3.4/24
lxc.net.1.ipv4.address = 192.168.10.125/24
- lxc.net.1.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596
+ lxc.net.1.ipv6.address = 2003:db8:1:0:214:1234:fe0b:3596
lxc.net.2.type = phys
lxc.net.2.flags = up
lxc.net.2.link = dummy0
lxc.net.2.hwaddr = 4a:49:43:49:79:ff
lxc.net.2.ipv4.address = 10.2.3.6/24
- lxc.net.2.ipv6 = 2003:db8:1:0:214:1234:fe0b:3297
+ lxc.net.2.ipv6.address = 2003:db8:1:0:214:1234:fe0b:3297
lxc.cgroup.cpuset.cpus = 0,1
lxc.cgroup.cpu.shares = 1234
lxc.cgroup.devices.deny = a
From f30ab9fe2abe94b1f3e46e92014554b88acc3e7d Mon Sep 17 00:00:00 2001
From: Long Wang <w at laoqinren.net>
Date: Wed, 12 Jul 2017 11:08:01 +0800
Subject: [PATCH 12/12] tests: fix typo
Signed-off-by: Long Wang <w at laoqinren.net>
---
src/tests/parse_config_file.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/tests/parse_config_file.c b/src/tests/parse_config_file.c
index 7e9044af1..d416d0b60 100644
--- a/src/tests/parse_config_file.c
+++ b/src/tests/parse_config_file.c
@@ -371,7 +371,7 @@ int main(int argc, char *argv[])
*/
if (set_get_compare_clear_save_load(c, "lxc.se_context", "system_u:system_r:lxc_t:s0:c22",
tmpf, true) < 0) {
- lxc_error("%s\n", "lxc.apparmor.se_context");
+ lxc_error("%s\n", "lxc.se_context");
goto non_test_error;
}
@@ -392,7 +392,7 @@ int main(int argc, char *argv[])
/* lxc.selinux.context */
if (set_get_compare_clear_save_load(c, "lxc.selinux.context", "system_u:system_r:lxc_t:s0:c22",
tmpf, true) < 0) {
- lxc_error("%s\n", "lxc.apparmor.selinux.context");
+ lxc_error("%s\n", "lxc.selinux.context");
goto non_test_error;
}
More information about the lxc-devel
mailing list