[lxc-devel] [lxc/lxc] 754076: added allowrunning command line option for snapsho...
Stéphane Graber
noreply at github.com
Mon Feb 18 21:40:35 UTC 2019
Branch: refs/heads/coverity
Home: https://github.com/lxc/lxc
Commit: 754076f5552c2a1c84f39f462e0ed89b05a43ee3
https://github.com/lxc/lxc/commit/754076f5552c2a1c84f39f462e0ed89b05a43ee3
Author: Bernd Helm <bernd.helm at helmundwalter.de>
Date: 2018-10-22 (Mon, 22 Oct 2018)
Changed paths:
M doc/lxc-copy.sgml.in
M src/lxc/lxccontainer.c
M src/lxc/lxccontainer.h
M src/lxc/tools/arguments.h
M src/lxc/tools/lxc_copy.c
Log Message:
-----------
added allowrunning command line option for snapshotting alive containers
Signed-off-by: Bernd Helm <bernd.helm at helmundwalter.de>
Commit: a9b8dbfa95f14d17ad014d3ee4400602933297ee
https://github.com/lxc/lxc/commit/a9b8dbfa95f14d17ad014d3ee4400602933297ee
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-11-02 (Fri, 02 Nov 2018)
Changed paths:
M src/include/lxcmntent.c
Log Message:
-----------
include: correctly include macro.h
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: acf50cfedf010bb13390821a52d964b99cd1c0d4
https://github.com/lxc/lxc/commit/acf50cfedf010bb13390821a52d964b99cd1c0d4
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-11-02 (Fri, 02 Nov 2018)
Changed paths:
M src/include/lxcmntent.c
Log Message:
-----------
Merge pull request #2717 from brauner/2018-11-02/fix_android
include: correctly include macro.h
Commit: 6e055cceb212d2a3bab201dbfdd5df7315343c30
https://github.com/lxc/lxc/commit/6e055cceb212d2a3bab201dbfdd5df7315343c30
Author: Jungsub <supsup5642 at gmail.com>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M src/lxc/namespace.c
Log Message:
-----------
Fix spacing error in namespace.c
Signed-off-by: Jungsub Shin supsup5642 at tmax.co.kr
Commit: d2b2f6298c6ffc79cd07bfded921e0694d342550
https://github.com/lxc/lxc/commit/d2b2f6298c6ffc79cd07bfded921e0694d342550
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M src/lxc/namespace.c
Log Message:
-----------
Merge pull request #2719 from ssup2/master
Fix spacing error in namespace.c
Commit: 89882306f94fed5c053d4f74ee8379f64c3babcb
https://github.com/lxc/lxc/commit/89882306f94fed5c053d4f74ee8379f64c3babcb
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/caps.c
Log Message:
-----------
caps: replace read with lxc_read_nointr
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 809d44495ac1aa217830405fb7d2ee7a50dc1a14
https://github.com/lxc/lxc/commit/809d44495ac1aa217830405fb7d2ee7a50dc1a14
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/log.c
Log Message:
-----------
log: replace write with lxc_write_nointr
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 1d5e5f26b8cba168cccb01dc5849cbbd782376f4
https://github.com/lxc/lxc/commit/1d5e5f26b8cba168cccb01dc5849cbbd782376f4
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
dlog: move match_dlog_fds()
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 30acf2823b7c9750d27ce55f229368d10c41b78a
https://github.com/lxc/lxc/commit/30acf2823b7c9750d27ce55f229368d10c41b78a
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
Merge pull request #2721 from 2xsec/tizen
dlog: move match_dlog_fds()
Commit: 891a355f998e53c1eb74810c781a6f2808da59bf
https://github.com/lxc/lxc/commit/891a355f998e53c1eb74810c781a6f2808da59bf
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/caps.c
M src/lxc/log.c
Log Message:
-----------
Merge pull request #2720 from 2xsec/bugfix
replace read & write syscalls with nointr functions
Commit: 7d7333b3d0addc261dc23b1ea854393f25d8a965
https://github.com/lxc/lxc/commit/7d7333b3d0addc261dc23b1ea854393f25d8a965
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: s/ty/tty/g
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 72da60a6e51a25ab539301e82ad80378ef3be583
https://github.com/lxc/lxc/commit/72da60a6e51a25ab539301e82ad80378ef3be583
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Merge pull request #2722 from brauner/lxc/master
conf: s/ty/tty/g
Commit: a6de11a79b60a1be47df83cfaaf98b0d3f2734c5
https://github.com/lxc/lxc/commit/a6de11a79b60a1be47df83cfaaf98b0d3f2734c5
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/pam/pam_cgfs.c
Log Message:
-----------
pam_cgfs: remove redundancy file utils
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: f25a2044bf08648a3c91d0b130069c8e96d4b099
https://github.com/lxc/lxc/commit/f25a2044bf08648a3c91d0b130069c8e96d4b099
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/pam/pam_cgfs.c
Log Message:
-----------
cgfs: remove redundancy utils
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: c4a090bebfb28a35975ee4317326e82bf2756707
https://github.com/lxc/lxc/commit/c4a090bebfb28a35975ee4317326e82bf2756707
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/file_utils.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/string_utils.c
Log Message:
-----------
pam_cgfs: remove dependency from cap & log
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 7be6bcd523d06a27fa6e611dd822142e9aea6da8
https://github.com/lxc/lxc/commit/7be6bcd523d06a27fa6e611dd822142e9aea6da8
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/initutils.c
M src/lxc/utils.c
Log Message:
-----------
utils: fix coding styles
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 2f32e37ef41c97ae9d166457d7b0141df96dc3fd
https://github.com/lxc/lxc/commit/2f32e37ef41c97ae9d166457d7b0141df96dc3fd
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
utils: add errno logs for exception case
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: d25dcf18df81417b296dfb50d0ca777784762613
https://github.com/lxc/lxc/commit/d25dcf18df81417b296dfb50d0ca777784762613
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/cgroups/cgfsng.c
M src/lxc/file_utils.c
M src/lxc/initutils.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/string_utils.c
M src/lxc/utils.c
Log Message:
-----------
Merge pull request #2723 from 2xsec/bugfix
pam_cgfs: remove dependency & redundancy functions
Commit: d1acfd547132c6c11274849c5f2807cf79218ae5
https://github.com/lxc/lxc/commit/d1acfd547132c6c11274849c5f2807cf79218ae5
Author: tomponline <tomp at tomp.uk>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M src/lxc/storage/lvm.c
Log Message:
-----------
Adds -qq flags to lvcreate commands to avoid answer 'no' to ant questions the LVM subsystem asks to avoid hanging lxc-create command
Signed-off-by: tomponline <tomp at tomp.uk>
Commit: c891ab355ba1a5d7157123c60191f4f5dbbded7b
https://github.com/lxc/lxc/commit/c891ab355ba1a5d7157123c60191f4f5dbbded7b
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M src/lxc/storage/lvm.c
Log Message:
-----------
Merge pull request #2725 from tomponline/tp-lvcreate
Adds -qq flags to lvcreate commands
Commit: e6ec0a9e71aa68c9fd67c691a62aaae87e356cef
https://github.com/lxc/lxc/commit/e6ec0a9e71aa68c9fd67c691a62aaae87e356cef
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
M src/lxc/lsm/apparmor.c
Log Message:
-----------
apparmor: allow various remount,bind options
RW bind mounts need to be restricted for some paths in
order to avoid MAC restriction bypasses, but read-only bind
mounts shouldn't have that problem.
Additionally, combinations of 'nosuid', 'nodev' and
'noexec' flags shouldn't be a problem either and are
required with newer systemd versions, so let's allow those
as long as they're combined with 'ro,remount,bind'.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: ac7148050126cc3cd9872007c5ea69cad44baa91
https://github.com/lxc/lxc/commit/ac7148050126cc3cd9872007c5ea69cad44baa91
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M config/apparmor/abstractions/container-base
M config/apparmor/abstractions/container-base.in
M src/lxc/lsm/apparmor.c
Log Message:
-----------
Merge pull request #2727 from Blub/2018-11-16/apparmor.ro-bind-remount-combinations
apparmor: allow various remount,bind options
Commit: 6af699fc0e4e88fb3927b9623f8a721a55ca9eea
https://github.com/lxc/lxc/commit/6af699fc0e4e88fb3927b9623f8a721a55ca9eea
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-11-19 (Mon, 19 Nov 2018)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
utils: make keyring allocation failure non-fatal
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 7b9e86541303f7e67856b5c9686d9d8a08f3e1e3
https://github.com/lxc/lxc/commit/7b9e86541303f7e67856b5c9686d9d8a08f3e1e3
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-11-18 (Sun, 18 Nov 2018)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Merge pull request #2728 from brauner/2018-11-19/keyctl_non_fatal
utils: make keyring allocation failure non-fatal
Commit: 04fe0512132e47ffc05c338a82f845cd475e8e75
https://github.com/lxc/lxc/commit/04fe0512132e47ffc05c338a82f845cd475e8e75
Author: Radostin Stoyanov <rstoyanov1 at gmail.com>
Date: 2018-11-20 (Tue, 20 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
Log Message:
-----------
autotools: fix lxc-{create,copy} build
After commit 2b670df lxc-create and lxc-copy fails with "undefined
symbol: get_fssize".
Closes #2730
Signed-off-by: Radostin Stoyanov <rstoyanov1 at gmail.com>
Commit: 4d2ec4c460e4912f99065db9661ad098ac17a985
https://github.com/lxc/lxc/commit/4d2ec4c460e4912f99065db9661ad098ac17a985
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-20 (Tue, 20 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
Log Message:
-----------
Merge pull request #2731 from rst0git/master
autotools: fix lxc-{create,copy} build
Commit: 4143c201d1b06e27beb77707f7de9c6f4c9a6112
https://github.com/lxc/lxc/commit/4143c201d1b06e27beb77707f7de9c6f4c9a6112
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-11-20 (Tue, 20 Nov 2018)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgfsng: remove freezer requirement
The freezer controller has been made optional in all other codepaths so
don't require it.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f0d33515ba017e16a4e76d2e92f2de308b68ce73
https://github.com/lxc/lxc/commit/f0d33515ba017e16a4e76d2e92f2de308b68ce73
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-11-20 (Tue, 20 Nov 2018)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Merge pull request #2732 from brauner/2018-11-21/remove_freezer_requirement
cgfsng: remove freezer requirement
Commit: 137da20a4d211b3a8602eb82ba62a474a027404a
https://github.com/lxc/lxc/commit/137da20a4d211b3a8602eb82ba62a474a027404a
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-23 (Fri, 23 Nov 2018)
Changed paths:
M doc/lxc-copy.sgml.in
M src/lxc/lxccontainer.c
M src/lxc/lxccontainer.h
M src/lxc/tools/arguments.h
M src/lxc/tools/lxc_copy.c
Log Message:
-----------
Merge pull request #1943 from bhelm/master
Added allowrunning command line option for snapshotting running containers
Commit: 1cfc8b9ab7326b5d0466a4e027f3ba4d219d22ac
https://github.com/lxc/lxc/commit/1cfc8b9ab7326b5d0466a4e027f3ba4d219d22ac
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-23 (Fri, 23 Nov 2018)
Changed paths:
M doc/ko/lxc-copy.sgml.in
Log Message:
-----------
doc: Add -a, --allowrunning arg to Korean lxc-copy(1)
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: 77068929d7f9069cdad929074851ee9e1bfd0436
https://github.com/lxc/lxc/commit/77068929d7f9069cdad929074851ee9e1bfd0436
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-23 (Fri, 23 Nov 2018)
Changed paths:
M doc/ko/lxc-copy.sgml.in
Log Message:
-----------
Merge pull request #2737 from 2xsec/docs
doc: Add -a, --allowrunning arg to Korean lxc-copy(1)
Commit: b73cea60885f818cc11018fbe05764dc5c267207
https://github.com/lxc/lxc/commit/b73cea60885f818cc11018fbe05764dc5c267207
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2018-11-27 (Tue, 27 Nov 2018)
Changed paths:
M doc/ja/lxc-copy.sgml.in
Log Message:
-----------
Add allowrunning option into Japanese lxc-copy(1)
Update for commit 754076f
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Commit: b8f44de376aa95503831273785628491a5347a2a
https://github.com/lxc/lxc/commit/b8f44de376aa95503831273785628491a5347a2a
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-11-26 (Mon, 26 Nov 2018)
Changed paths:
M doc/ja/lxc-copy.sgml.in
Log Message:
-----------
Merge pull request #2739 from tenforward/japanese
Add allowrunning option into Japanese lxc-copy(1)
Commit: c14ea11dccbfa80021a9b169b94bd86e8b359611
https://github.com/lxc/lxc/commit/c14ea11dccbfa80021a9b169b94bd86e8b359611
Author: Cameron Nemo <camerontnorman at gmail.com>
Date: 2018-11-28 (Wed, 28 Nov 2018)
Changed paths:
M src/lxc/cmd/lxc_usernsexec.c
Log Message:
-----------
lxc-usernsexec: fix default map functionality
* Place NULL bytes at the end of strings so that
lxc_safe_ulong() can parse them correctly
* Only free the newly created id_map on error,
to avoid passing garbage to lxc_map_ids()
Signed-off-by: Cameron Nemo <camerontnorman at gmail.com>
Commit: 9760cfccf2a708476a0921d7405102948235cb8b
https://github.com/lxc/lxc/commit/9760cfccf2a708476a0921d7405102948235cb8b
Author: 2xsec <dh48.jeong at samsung.com>
Date: 2018-11-30 (Fri, 30 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
Log Message:
-----------
fix install error when using --disable-commands option
Signed-off-by: 2xsec <dh48.jeong at samsung.com>
Commit: ec4b01c01e20be8acd7cac76e0e74db71cd8aa42
https://github.com/lxc/lxc/commit/ec4b01c01e20be8acd7cac76e0e74db71cd8aa42
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-30 (Fri, 30 Nov 2018)
Changed paths:
M src/lxc/cmd/lxc_usernsexec.c
Log Message:
-----------
Merge pull request #2740 from CameronNemo/usernsexec
lxc-usernsexec: fix default map functionality
Commit: 9e42c1e3f102be48be9014e1ecbacc2a57446e20
https://github.com/lxc/lxc/commit/9e42c1e3f102be48be9014e1ecbacc2a57446e20
Author: Christian Brauner <christian at brauner.io>
Date: 2018-11-30 (Fri, 30 Nov 2018)
Changed paths:
M src/lxc/Makefile.am
Log Message:
-----------
Merge pull request #2743 from 2xsec/build
fix install error when using --disable-commands option
Commit: 0e40f65d1df7267b0a9cfa4a94941aa1f4999ec8
https://github.com/lxc/lxc/commit/0e40f65d1df7267b0a9cfa4a94941aa1f4999ec8
Author: Adam Kasztenny <adamkasztenny at gmail.com>
Date: 2018-11-30 (Fri, 30 Nov 2018)
Changed paths:
M src/lxc/tools/lxc_create.c
Log Message:
-----------
Add template-options to help output
Copied from the [manpage](https://github.com/lxc/lxc/blob/9e42c1e3f102be48be9014e1ecbacc2a57446e20/doc/lxc-create.sgml.in#L175).
Signed-off-by: Adam Kasztenny <adamkasztenny at gmail.com>
Commit: b7df06ad14c04f18b7db5b64d5142b802bf64cb2
https://github.com/lxc/lxc/commit/b7df06ad14c04f18b7db5b64d5142b802bf64cb2
Author: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Date: 2018-12-03 (Mon, 03 Dec 2018)
Changed paths:
M src/lxc/string_utils.h
Log Message:
-----------
stringutils: include stdarg for va_list
Fixes:
- http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Commit: c1b70110c89c7db6e0a1245bc765bdc3009976ae
https://github.com/lxc/lxc/commit/c1b70110c89c7db6e0a1245bc765bdc3009976ae
Author: Christian Brauner <christian at brauner.io>
Date: 2018-12-04 (Tue, 04 Dec 2018)
Changed paths:
M src/lxc/string_utils.h
Log Message:
-----------
Merge pull request #2745 from ffontaine/master
stringutils: include stdarg for va_list
Commit: 3aa7271157d3c815a4426c1f8eaea2f3b6dafa6a
https://github.com/lxc/lxc/commit/3aa7271157d3c815a4426c1f8eaea2f3b6dafa6a
Author: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Date: 2018-12-04 (Tue, 04 Dec 2018)
Changed paths:
M configure.ac
Log Message:
-----------
configure.ac: fix build without stack-protector
Compiler based hardening (including -fstack-protector-strong) are
enabled since version 3.0.3 and
https://github.com/lxc/lxc/commit/2268c27754152aa538db2c9e3753d72d19bcd17a
However, some compilers could missed the needed library (-lssp or
-lssp_nonshared) at linking step so use ax_check_link_flag instead of
ax_check_compile_flag
Fixes:
- http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Commit: be50a0d9c58d480b55cc3d429dd61d4b620f85de
https://github.com/lxc/lxc/commit/be50a0d9c58d480b55cc3d429dd61d4b620f85de
Author: Christian Brauner <christian at brauner.io>
Date: 2018-12-07 (Fri, 07 Dec 2018)
Changed paths:
M configure.ac
Log Message:
-----------
Merge pull request #2747 from ffontaine/master
configure.ac: fix build without stack-protector
Commit: 4f08c8d46f7231635278aaa61025a1df0fa4d659
https://github.com/lxc/lxc/commit/4f08c8d46f7231635278aaa61025a1df0fa4d659
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-12-11 (Tue, 11 Dec 2018)
Changed paths:
M src/lxc/storage/storage_utils.c
M src/lxc/storage/storage_utils.h
Log Message:
-----------
storage: remove unused function
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: b3fc069e4121b283b78c82d715100bddcf326d48
https://github.com/lxc/lxc/commit/b3fc069e4121b283b78c82d715100bddcf326d48
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2018-12-11 (Tue, 11 Dec 2018)
Changed paths:
M src/lxc/storage/storage_utils.c
M src/lxc/storage/storage_utils.h
Log Message:
-----------
Merge pull request #2749 from brauner/2018-12-11/storage_utils
storage: src cannot be truncated
Commit: b8ac0dd14e8dccbdc19195d2f98392226feed9ab
https://github.com/lxc/lxc/commit/b8ac0dd14e8dccbdc19195d2f98392226feed9ab
Author: Oguz Bektas <o.bektas at proxmox.com>
Date: 2018-12-12 (Wed, 12 Dec 2018)
Changed paths:
M src/lxc/tools/lxc_cgroup.c
Log Message:
-----------
fix lxc-cgroup not giving output
lxc-cgroup fails to provide any output since the latest version, this
should fix it
Signed-off-by: Oguz Bektas <o.bektas at proxmox.com>
Commit: 6a5cc5609cac4521893bf4fbc232e1505cc8e707
https://github.com/lxc/lxc/commit/6a5cc5609cac4521893bf4fbc232e1505cc8e707
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-12-12 (Wed, 12 Dec 2018)
Changed paths:
M src/lxc/tools/lxc_cgroup.c
Log Message:
-----------
tools: add newline to lxc-cgroup output
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 40b2dcbc173f30597b120291879f0eb4da45b880
https://github.com/lxc/lxc/commit/40b2dcbc173f30597b120291879f0eb4da45b880
Author: Christian Brauner <christian at brauner.io>
Date: 2018-12-12 (Wed, 12 Dec 2018)
Changed paths:
M src/lxc/tools/lxc_cgroup.c
Log Message:
-----------
Merge pull request #2751 from xorond/cgroup
fix #2742: lxc-cgroup not giving output
Commit: 2bd158cc0c79da7d48e36306d41b5677ec976fc6
https://github.com/lxc/lxc/commit/2bd158cc0c79da7d48e36306d41b5677ec976fc6
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-12-13 (Thu, 13 Dec 2018)
Changed paths:
M src/lxc/commands.c
M src/lxc/terminal.c
M src/lxc/terminal.h
Log Message:
-----------
terminal: remove sigwinch command
SIGWINCH is handled in lxc_terminal_signalfd_cb().
I cannot for the life of me figure out what this is supposed to do.
Afaict, it scans a global list that is totally unnecessary and also
let's say you have 100 ttys and for a single one SIGWINCH is sent. In
that case the whole list is walked and two ioctl()s are performed: one
to get window size one to set window size. For 99 of them the window
size hasn't changed.
If we see issues we can revert!
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4dcd858b92d4135024290d70534c245e9cdd8d6d
https://github.com/lxc/lxc/commit/4dcd858b92d4135024290d70534c245e9cdd8d6d
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2018-12-13 (Thu, 13 Dec 2018)
Changed paths:
M configure.ac
Log Message:
-----------
Release LXC 3.1.0
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 8465a7f49ed64aceaebac7ca8c489575e7a65173
https://github.com/lxc/lxc/commit/8465a7f49ed64aceaebac7ca8c489575e7a65173
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2018-12-13 (Thu, 13 Dec 2018)
Changed paths:
M configure.ac
Log Message:
-----------
Re-enable lxc_devel
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 92fa4347d7e13b586e11494201607083751bb6d3
https://github.com/lxc/lxc/commit/92fa4347d7e13b586e11494201607083751bb6d3
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-12-16 (Sun, 16 Dec 2018)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
storage: do not destroy pre-existing rootfs
Closes #2752.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4e5a9657cafad69d8447a385abb1a384423b54f8
https://github.com/lxc/lxc/commit/4e5a9657cafad69d8447a385abb1a384423b54f8
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2018-12-17 (Mon, 17 Dec 2018)
Changed paths:
M src/lxc/api_extensions.h
M src/lxc/lxccontainer.c
Log Message:
-----------
lxccontainer: fix mount api (mount_injection_file)
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 46bccf604b3c8b10a3ace3544bbb40f5a4da7779
https://github.com/lxc/lxc/commit/46bccf604b3c8b10a3ace3544bbb40f5a4da7779
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2018-12-17 (Mon, 17 Dec 2018)
Changed paths:
M src/lxc/api_extensions.h
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2757 from brauner/2018-12-17/mount_injection_file
lxccontainer: fix mount api (mount_injection_file)
Commit: 370c786023e605bf7e2250a478b7dd2bee28ec42
https://github.com/lxc/lxc/commit/370c786023e605bf7e2250a478b7dd2bee28ec42
Author: S.Çağlar Onur <caglar at 10ur.org>
Date: 2018-12-26 (Wed, 26 Dec 2018)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Set c to NULL after freeing it
Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
Commit: dfaaf1cf5a9136c2caf9aab147e0f51dcb86bafb
https://github.com/lxc/lxc/commit/dfaaf1cf5a9136c2caf9aab147e0f51dcb86bafb
Author: Christian Brauner <christian at brauner.io>
Date: 2018-12-26 (Wed, 26 Dec 2018)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2763 from caglar10ur/dangling
Set c to NULL after freeing it
Commit: 688e8982bced7f7bbfdc8a646a852890544917a4
https://github.com/lxc/lxc/commit/688e8982bced7f7bbfdc8a646a852890544917a4
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-01-04 (Fri, 04 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: use SYSERROR on lxc_write_to_file errors
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 5f666a8f7cdb307017eec2fdb0b9cc735365ae35
https://github.com/lxc/lxc/commit/5f666a8f7cdb307017eec2fdb0b9cc735365ae35
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-04 (Fri, 04 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Merge pull request #2767 from Blub/2019-01-04/use-syserror-on-write-error
conf: use SYSERROR on lxc_write_to_file errors
Commit: 4bcf92a32ea648948d4a4452051d41da01b287b7
https://github.com/lxc/lxc/commit/4bcf92a32ea648948d4a4452051d41da01b287b7
Author: S.Çağlar Onur <caglar at 10ur.org>
Date: 2019-01-05 (Sat, 05 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Revert "Set c to NULL after freeing it"
Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>
Commit: de60a7fe1c5260d4e862656c3a9090ad529d028d
https://github.com/lxc/lxc/commit/de60a7fe1c5260d4e862656c3a9090ad529d028d
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-06 (Sun, 06 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2768 from caglar10ur/revert-2763-dangling
Revert "Set c to NULL after freeing it"
Commit: 3d7e738a6befb76c47ba2c5fcc46d8cfa447171f
https://github.com/lxc/lxc/commit/3d7e738a6befb76c47ba2c5fcc46d8cfa447171f
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-07 (Mon, 07 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
lxccontainer: fix container copy
We need to strip the prefix from the container's source path before
trying to update the file.
Closes #2380.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 50d86993a7d6bf913372e0514fc491ea49ebdc5c
https://github.com/lxc/lxc/commit/50d86993a7d6bf913372e0514fc491ea49ebdc5c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-07 (Mon, 07 Jan 2019)
Changed paths:
M doc/lxc.container.conf.sgml.in
M src/lxc/api_extensions.h
M src/lxc/conf.h
M src/lxc/confile.c
M src/lxc/seccomp.c
Log Message:
-----------
confile: add lxc.seccomp.allow_nesting
This adds the lxc.seccomp.allow_nesting api extension. If
lxc.seccomp.allow_nesting is set to 1 then seccomp profiles will be
stacked. This way nested containers can load their own seccomp policy on
top of the policy that the outer container might have applied.
Cc: Simon Fels <simon.fels at canonical.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 85e66fe856508d60c96de2fb063d08a152aa8273
https://github.com/lxc/lxc/commit/85e66fe856508d60c96de2fb063d08a152aa8273
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-07 (Mon, 07 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgfsng: do not free container_full_path on error
Closes #2741.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: b5cab13962cdd40e56effea49c604ba0b1a49dfc
https://github.com/lxc/lxc/commit/b5cab13962cdd40e56effea49c604ba0b1a49dfc
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M doc/lxc.container.conf.sgml.in
M src/lxc/api_extensions.h
M src/lxc/conf.h
M src/lxc/confile.c
M src/lxc/seccomp.c
Log Message:
-----------
Merge pull request #2771 from brauner/2018-01-07/seccomp_nesting_support
confile: add lxc.seccomp.allow_nesting
Commit: 0c7114c5ceaeeed2e1e32f2e8e3a3746f3f7cb6e
https://github.com/lxc/lxc/commit/0c7114c5ceaeeed2e1e32f2e8e3a3746f3f7cb6e
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2770 from brauner/2018-01-07/container_copy
lxccontainer: fix container copy
Commit: 9aed8757960ce025af62eab46762b674f0b34d05
https://github.com/lxc/lxc/commit/9aed8757960ce025af62eab46762b674f0b34d05
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Merge pull request #2773 from brauner/2018-01-09/fix_cgroup_deletion
cgfsng: do not free container_full_path on error
Commit: 62aad75f9afe76e2c56e84ce945ac454270baab9
https://github.com/lxc/lxc/commit/62aad75f9afe76e2c56e84ce945ac454270baab9
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2755 from brauner/2018-12-16/rootfs_managed
storage: do not destroy pre-existing rootfs
Commit: b3db9f63bd2ce51bfabf354490cd16e9f4ae30f0
https://github.com/lxc/lxc/commit/b3db9f63bd2ce51bfabf354490cd16e9f4ae30f0
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/commands.c
M src/lxc/terminal.c
M src/lxc/terminal.h
Log Message:
-----------
Merge pull request #2753 from brauner/2018-12-13/remove_sigwinch_cmd
terminal: remove sigwinch command
Commit: 8523344a390f6e6c6707358b84f27ab59a891b2c
https://github.com/lxc/lxc/commit/8523344a390f6e6c6707358b84f27ab59a891b2c
Author: hn <hn at users.noreply.github.com>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
fix: unprivileged veth devices (e.g. vethFWABHX) never contain 'Z' character in the randomly generated device name part because for modulo one does not need to substract 1 from strlen().
Signed-off-by: Hajo Noerenberg <hajo-github at noerenberg.de>
Commit: da7226fbd6b4d038fbb455bfe19f6bd58bde5463
https://github.com/lxc/lxc/commit/da7226fbd6b4d038fbb455bfe19f6bd58bde5463
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
Merge pull request #2774 from hn/master
trivial fix: unprivileged veth devices (e.g. vethFWABHX) never contain 'Z' char
Commit: 60018868a3a41f22245bdae90d52e52a92be0177
https://github.com/lxc/lxc/commit/60018868a3a41f22245bdae90d52e52a92be0177
Author: Ondrej Kubik <ondrej.kubik at canonical.com>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/include/lxcmntent.c
Log Message:
-----------
Fixing compile error when compiling for android
Signed-off-by: Ondrej Kubik <ondrej.kubik at canonical.com>
Commit: 2fa5dff98804ec6ea4f19bab9ce09a7b12516881
https://github.com/lxc/lxc/commit/2fa5dff98804ec6ea4f19bab9ce09a7b12516881
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/include/lxcmntent.c
Log Message:
-----------
Merge pull request #2775 from kubiko/android-fix-compile
Fixing compile error when compiling for android
Commit: 69b4a4bbfdffc99053df289a1c1512b911072088
https://github.com/lxc/lxc/commit/69b4a4bbfdffc99053df289a1c1512b911072088
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-08 (Tue, 08 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: try to handle layouts with no cgroups
Cc: Ondrej Kubik <ondrej.kubik at canonical.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 888aad37504506567de74a285d27955cc8c725bb
https://github.com/lxc/lxc/commit/888aad37504506567de74a285d27955cc8c725bb
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-01-10 (Thu, 10 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
Merge pull request #2777 from brauner/2019-01-09/cgfsng_with_no_controllers
cgroups: try to handle layouts with no cgroups
Commit: bca7c59caddb7568b27552cf0138bfafc1fa2d30
https://github.com/lxc/lxc/commit/bca7c59caddb7568b27552cf0138bfafc1fa2d30
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-10 (Thu, 10 Jan 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: handle missing CLONE_NEWCGROUP
If cgroup namespaces are not supported we should just record it in the
log and move on.
Cc: Ondrej Kubik <ondrej.kubik at canonical.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 421a68d65c9e73a5e4b8ae1aed3800bbcb9dcc67
https://github.com/lxc/lxc/commit/421a68d65c9e73a5e4b8ae1aed3800bbcb9dcc67
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-10 (Thu, 10 Jan 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
Merge pull request #2780 from brauner/2019-01-10/cgroupns_skip_on_einval
start: handle missing CLONE_NEWCGROUP
Commit: aa2fdfd362586bdbedf0a5f7751d9237bf91afa9
https://github.com/lxc/lxc/commit/aa2fdfd362586bdbedf0a5f7751d9237bf91afa9
Author: hn <hn at users.noreply.github.com>
Date: 2019-01-10 (Thu, 10 Jan 2019)
Changed paths:
M src/lxc/cmd/lxc_user_nic.c
Log Message:
-----------
network: prefix veth interface name with uid info
Signed-off-by: Hajo Noerenberg <hajo-github at noerenberg.de>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: bd72001f1aa30732a48d9fe3b58260ee9fe4eb9f
https://github.com/lxc/lxc/commit/bd72001f1aa30732a48d9fe3b58260ee9fe4eb9f
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-01-11 (Fri, 11 Jan 2019)
Changed paths:
M src/lxc/cmd/lxc_user_nic.c
Log Message:
-----------
Merge pull request #2781 from brauner/hn-veth-uid
network: prefix veth interface name with uid info
Commit: 575ea46728b10bdb1724b05b517beceb13eff567
https://github.com/lxc/lxc/commit/575ea46728b10bdb1724b05b517beceb13eff567
Author: LiFeng <lifeng68 at huawei.com>
Date: 2019-01-15 (Tue, 15 Jan 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: __lxc_start return -1 when start fails
Signed-off-by: LiFeng <lifeng68 at huawei.com>
Commit: 20b4a5929168660165e8f2db4249af14e2405802
https://github.com/lxc/lxc/commit/20b4a5929168660165e8f2db4249af14e2405802
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-16 (Wed, 16 Jan 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
Merge pull request #2785 from lifeng68/fix_return
start: __lxc_start return -1 when start fails
Commit: d1c203f480df0fa13ac008a7d9db9e64456f3e9c
https://github.com/lxc/lxc/commit/d1c203f480df0fa13ac008a7d9db9e64456f3e9c
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-01-17 (Thu, 17 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Revert "conf: remove extra MS_BIND with sysfs:mixed"
This reverts commit 51a922baf724689ff3a0df938ca8975601c9c815.
The above commit confuses the mountall unit of privileged
Ubuntu 14.04 containers at startup so that they cannot
finish booting.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: a3ed9b811821e2c85a11edd941af97c7e984e510
https://github.com/lxc/lxc/commit/a3ed9b811821e2c85a11edd941af97c7e984e510
Author: t00416110 <tanyifeng1 at huawei.com>
Date: 2019-01-17 (Thu, 17 Jan 2019)
Changed paths:
M src/lxc/conf.c
M src/lxc/conf.h
Log Message:
-----------
conf.c: fix memory leak and mount error
1. cleanup namespace memory
2. fix bug when ro mount not setted, mount propagation will be skipped.
Signed-off-by: t00416110 <tanyifeng1 at huawei.com>
Commit: 96a03c1f372a145bf170f38f903edadce7534ced
https://github.com/lxc/lxc/commit/96a03c1f372a145bf170f38f903edadce7534ced
Author: LiFeng <lifeng68 at huawei.com>
Date: 2019-01-17 (Thu, 17 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgroup.c
Log Message:
-----------
Fix memory leak in cgroup_exit
Add free memory pointed by struct cgroup_ops *ops
Signed-off-by: LiFeng <lifeng68 at huawei.com>
Commit: 86439b238bf43efc9e59da309c521ee231511af6
https://github.com/lxc/lxc/commit/86439b238bf43efc9e59da309c521ee231511af6
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-17 (Thu, 17 Jan 2019)
Changed paths:
M src/lxc/cgroups/cgroup.c
Log Message:
-----------
Merge pull request #2789 from lifeng68/fix_memory_leak
Fix memory leak in cgroup_exit
Commit: 8d832e7b95a87fbe65e931aa90ca540899e67b88
https://github.com/lxc/lxc/commit/8d832e7b95a87fbe65e931aa90ca540899e67b88
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-17 (Thu, 17 Jan 2019)
Changed paths:
M src/lxc/conf.c
M src/lxc/conf.h
Log Message:
-----------
Merge pull request #2788 from tanyifeng/fix_mem_leak
conf.c: fix memory leak and mount error
Commit: ecfa5693e927b9b7b79fe4011e47623b34f89fae
https://github.com/lxc/lxc/commit/ecfa5693e927b9b7b79fe4011e47623b34f89fae
Author: ondra <ondrak at localhost.localdomain>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Fixing hooks functionality Android where 'sh' is placed under /system/bin
Signed-off-by: ondra <ondrak at localhost.localdomain>
Commit: b11738d799321adfdb40f8af4cd758fe663e3805
https://github.com/lxc/lxc/commit/b11738d799321adfdb40f8af4cd758fe663e3805
Author: ondra <ondrak at localhost.localdomain>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Handle alternative loop device location on Android
Signed-off-by: ondra <ondrak at localhost.localdomain>
Commit: 6f16ac1fbd546198ef9858e55b802317ba774707
https://github.com/lxc/lxc/commit/6f16ac1fbd546198ef9858e55b802317ba774707
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Merge pull request #2791 from kubiko/handle-android-loop
Handle alternative loop device location on Android
Commit: 0a0e05aacfd66d86abed3d28e0782928fe82a359
https://github.com/lxc/lxc/commit/0a0e05aacfd66d86abed3d28e0782928fe82a359
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-18 (Fri, 18 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Merge pull request #2792 from kubiko/fix-android-hooks
Fixing hooks functionality Android where 'sh' is placed under /system
Commit: f1bcfc796e0a4a04b36284f6261afff59123b1aa
https://github.com/lxc/lxc/commit/f1bcfc796e0a4a04b36284f6261afff59123b1aa
Author: LiFeng <lifeng68 at huawei.com>
Date: 2019-01-21 (Mon, 21 Jan 2019)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: add rules for specified architecture only
If the architecture is specified in the seccomp configuration, like:
```
2
whitelist errno 1
[x86_64]
accept allow
accept4 allow
```
We shoud add rules only for amd64 instead of add rules for
x32/i386/amd64.
1. If the [arch] was not specified in seccomp config, add seccomp rules
for all all compat architectures.
2. If the [arch] specified in seccomp config irrelevant to native host
arch, the rules will be ignored.
3. If specified [all] in seccomp config, add seccomp rules for all
compat architectures.
4. If specified [arch] as same as native host arch, add seccomp rules
for the native host arch.
5. If specified [arch] was not native host arch, but compat to host
arch, add seccomp rules for the specified arch only, NOT add seccomp
rules for native arch.
Signed-off-by: LiFeng <lifeng68 at huawei.com>
Commit: b6825c4b7bd3d99a1a7a9c6943e024cde4d20fd0
https://github.com/lxc/lxc/commit/b6825c4b7bd3d99a1a7a9c6943e024cde4d20fd0
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-21 (Mon, 21 Jan 2019)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Merge pull request #2786 from lifeng68/fix_seccomp
seccomp: add rules for specified architecture only
Commit: 3e9671a15d68701b56a6722081aafb3ba0358f49
https://github.com/lxc/lxc/commit/3e9671a15d68701b56a6722081aafb3ba0358f49
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-21 (Mon, 21 Jan 2019)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Revert "seccomp: add rules for specified architecture only"
This reverts commit f1bcfc796e0a4a04b36284f6261afff59123b1aa.
The reverted branch breaks starting all seccomp confined containers. Not
even a containers with our standard seccomp profile starts correctly.
This is strong evidence that these changes have never been tested even
with a standard workload. That is unacceptable!
We are still happy to merge that feature but going forward we want tests
that verify that standard workloads and new features work correctly.
seccomp is a crucial part of our security story and I will not let the
be compromised by missing tests!
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 5283a1182eec6e7a625026bfdab8ebe4deb10ea2
https://github.com/lxc/lxc/commit/5283a1182eec6e7a625026bfdab8ebe4deb10ea2
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-01-21 (Mon, 21 Jan 2019)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Merge pull request #2794 from brauner/2019-01-21/revert_seccomp_fuckup
Revert "seccomp: add rules for specified architecture only"
Commit: 9eb9ce3e4778b257a9245d9098052e6b08b54ff6
https://github.com/lxc/lxc/commit/9eb9ce3e4778b257a9245d9098052e6b08b54ff6
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-26 (Sat, 26 Jan 2019)
Changed paths:
M src/lxc/freezer.c
Log Message:
-----------
Update freezer.c
Suppressed hard coded values for state and array's maximum index.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 2341916a0367130d5a084a89884c15c3a835a4b4
https://github.com/lxc/lxc/commit/2341916a0367130d5a084a89884c15c3a835a4b4
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-26 (Sat, 26 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Avoid double lxc-freeze/unfreeze
If we call lxc-freeze multiple times for an already frozen container, LXC
triggers useless freezing by writing into the "freezer.state" cgroup file.
This is the same when we call lxc-unfreeze multiple times.
Checking the current state with a LXC_CMD_GET_STATE
(calling c->state) would permit to check if the container is FROZEN
or not.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 81f22990c768d3c724f8fe84a3542938502580b4
https://github.com/lxc/lxc/commit/81f22990c768d3c724f8fe84a3542938502580b4
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-26 (Sat, 26 Jan 2019)
Changed paths:
M src/lxc/freezer.c
Log Message:
-----------
Merge pull request #2801 from Rachid-Koucha/patch-2
Update freezer.c
Commit: 71fc9c046816b2bae564481741658defafc01b62
https://github.com/lxc/lxc/commit/71fc9c046816b2bae564481741658defafc01b62
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
Avoid risk of "too far memory read"
As we call "lxc_add_state_client(fd, handler, (lxc_state_t *)req->data)"
which supposes that the last parameter is a table of MAX_STATE
entries when calling memcpy():
memcpy(newclient->states, states, sizeof(newclient->states))
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: f87c3a226be31ab06a96991a33e5e7845dc840be
https://github.com/lxc/lxc/commit/f87c3a226be31ab06a96991a33e5e7845dc840be
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2802 from Rachid-Koucha/patch-3
Avoid double lxc-freeze/unfreeze
Commit: 60014557dc6c7ebc545266c6dae4529b3749ec30
https://github.com/lxc/lxc/commit/60014557dc6c7ebc545266c6dae4529b3749ec30
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
Merge pull request #2803 from Rachid-Koucha/patch-4
Avoid risk of "too far memory read"
Commit: db1228b35f3ea83f668b58dbec33e12623c5c4b1
https://github.com/lxc/lxc/commit/db1228b35f3ea83f668b58dbec33e12623c5c4b1
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/freezer.c
Log Message:
-----------
Avoid hardcoded string length
Use strlen() on "state" variable instead of harcoded
value 6.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 51db00460e6db63e04e9ca3bdc62abb6c2dbe820
https://github.com/lxc/lxc/commit/51db00460e6db63e04e9ca3bdc62abb6c2dbe820
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/freezer.c
Log Message:
-----------
Merge pull request #2804 from Rachid-Koucha/patch-4
Avoid hardcoded string length
Commit: 3309e10c31b04499ceec22353162b09cbf5aa109
https://github.com/lxc/lxc/commit/3309e10c31b04499ceec22353162b09cbf5aa109
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/tools/lxc_create.c
Log Message:
-----------
Merge pull request #2744 from adamkasztenny/patch-1
Add template-options to help output
Commit: 1c9bca6b88e63f7de45ebf8af91d84e6fea57447
https://github.com/lxc/lxc/commit/1c9bca6b88e63f7de45ebf8af91d84e6fea57447
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Installation of default.script for udhcpc
The busybox template installs default.script in /usr/share/udhcpc/.
But the pathname of "default.script" may vary from one busybox
build to another. As the pathname is displayed in udhcpc's help,
grab it from it.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: adbde0cc819bcb5471d93f39338918e0589a950d
https://github.com/lxc/lxc/commit/adbde0cc819bcb5471d93f39338918e0589a950d
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Merge pull request #2809 from Rachid-Koucha/patch-6
Installation of default.script for udhcpc
Commit: 9d03d85733c2e2d7b57d731f0275aa076187ca13
https://github.com/lxc/lxc/commit/9d03d85733c2e2d7b57d731f0275aa076187ca13
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: check for successful mount entry parse
Since liblxc is completely in control of the mount entry file we should
only consider a parse successful when EOF is reached.
Closes #2798.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4765b926b137d6d8ed4f9a46df5f6e5782dca707
https://github.com/lxc/lxc/commit/4765b926b137d6d8ed4f9a46df5f6e5782dca707
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Use BUSYBOX_EXE variable in configure_busybox()
As "which busybox" is stored in BUSYBOX_EXE
global variable at startup, use it wherever it is
needed.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: accd6717078a86a4c525502d98324790cb39a663
https://github.com/lxc/lxc/commit/accd6717078a86a4c525502d98324790cb39a663
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Merge pull request #2810 from Rachid-Koucha/patch-6
Use BUSYBOX_EXE variable in configure_busybox()
Commit: c65973ad8940931ed3208fc1b5723d98023b67a0
https://github.com/lxc/lxc/commit/c65973ad8940931ed3208fc1b5723d98023b67a0
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Create /var/run
Some programs like "who" need this directory
to work (this permits the of /var/run/utmp file).
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 8f2cce180e077cc725e0d09f32e365430e023e09
https://github.com/lxc/lxc/commit/8f2cce180e077cc725e0d09f32e365430e023e09
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Merge pull request #2811 from Rachid-Koucha/patch-6
Create /var/run
Commit: dc691e340e7e1fe032dd47822e460fa86d1dba58
https://github.com/lxc/lxc/commit/dc691e340e7e1fe032dd47822e460fa86d1dba58
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: append 0 0 to nesting helpers mount entries
Otherwise musl's getmntent_r() parser will fail.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 567f8915962316dfee3b040bad404da7cdcbbe38
https://github.com/lxc/lxc/commit/567f8915962316dfee3b040bad404da7cdcbbe38
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
/etc/resolv.conf grows indefinitely
This file grows indefinitely : upon each DHCP lease renew,
the "nameserver ..dns..." line is added at the end of the file.
Make a "grep" in the file to make sure that the same line
does not already exist.
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 7c9f712dcfdeee3a99c40d9663721a5670c2ae21
https://github.com/lxc/lxc/commit/7c9f712dcfdeee3a99c40d9663721a5670c2ae21
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
Merge pull request #2812 from Rachid-Koucha/patch-7
/etc/resolv.conf grows indefinitely
Commit: 0f3a3e1a47a6570fe950089114bd4457bb7c7b62
https://github.com/lxc/lxc/commit/0f3a3e1a47a6570fe950089114bd4457bb7c7b62
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/lxc/compiler.h
Log Message:
-----------
compiler: remove deprecated and unneeded header
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: acad8485a0be5b8dfb1dd90f4bd00728bd243a64
https://github.com/lxc/lxc/commit/acad8485a0be5b8dfb1dd90f4bd00728bd243a64
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/include/prlimit.h
Log Message:
-----------
prlimit: remove deprecated and unneeded header
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: ca5a24d3341d3de7928561b12da7a09faf0a1879
https://github.com/lxc/lxc/commit/ca5a24d3341d3de7928561b12da7a09faf0a1879
Author: Serge Hallyn <serge at hallyn.com>
Date: 2019-01-27 (Sun, 27 Jan 2019)
Changed paths:
M src/include/prlimit.h
M src/lxc/compiler.h
Log Message:
-----------
Merge pull request #2813 from brauner/2019-01-27/bugfixes_2
compiler: remove deprecated and unneeded header
Commit: 7a8f46e9557efe4c04bbad932942c09ee9625669
https://github.com/lxc/lxc/commit/7a8f46e9557efe4c04bbad932942c09ee9625669
Author: KATOH Yasufumi <karma at jazz.email.ne.jp>
Date: 2019-01-28 (Mon, 28 Jan 2019)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
Log Message:
-----------
doc: Add lxc.seccomp.allow_nesting to Japanese lxc.container.conf(5)
Signed-off-by: KATOH Yasufumi <karma at jazz.email.ne.jp>
Commit: 91046ccd429ea679bb1e3cc81fa0bb792ee77554
https://github.com/lxc/lxc/commit/91046ccd429ea679bb1e3cc81fa0bb792ee77554
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-28 (Mon, 28 Jan 2019)
Changed paths:
M doc/ja/lxc.container.conf.sgml.in
Log Message:
-----------
Merge pull request #2814 from tenforward/japanese
doc: Add lxc.seccomp.allow_nesting to Japanese lxc.container.conf(5)
Commit: dea31fe2c5fcb2ca1ffba09587363f6bf080eb91
https://github.com/lxc/lxc/commit/dea31fe2c5fcb2ca1ffba09587363f6bf080eb91
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-01-28 (Mon, 28 Jan 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Merge pull request #2807 from brauner/2019-01-27/mount_entries
conf: check for successful mount entry parse
Commit: b275efe319f10a35659543bb2743a1806a7ede3c
https://github.com/lxc/lxc/commit/b275efe319f10a35659543bb2743a1806a7ede3c
Author: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: 2019-01-29 (Tue, 29 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
More accurate error msg for template file
When calling lxc-create, if the template exists but is not executable, we end with the following error messages which make believe that the template file does not exist when it is merely a execute access problem:
lxc-create: ctn00: utils.c: get_template_path: 918 No such file or directory - bad template: /.../lxc-busybox
lxc-create: ctn00: lxccontainer.c: do_lxcapi_create: 1786 Unknown template "/.../lxc-busybox"
lxc-create: ctn00: tools/lxc_create.c: main: 327 Failed to create container ctn00
Actually internally the errno is lost as the following code triggers a useless access to (strace output):
access("/.../lxc-busybox", X_OK) = -1 ENOENT (No such file or directory)
With the above fix, we get a more explicit error message when the template file is missing the "execute" bit:
lxc-create: bbc: utils.c: get_template_path: 917 Permission denied - Bad template pathname: /tmp/azerty
lxc-create: bbc: lxccontainer.c: do_lxcapi_create: 1816 Unknown template "/tmp/azerty"
lxc-create: bbc: tools/lxc_create.c: main: 331 Failed to create container bbc
With the above fix, we get a more explicit error message when the pathname of the template file is incorrect:
lxc-create: bbc: utils.c: get_template_path: 917 No such file or directory - Bad template pathname: /tmp/qwerty
lxc-create: bbc: lxccontainer.c: do_lxcapi_create: 1816 Unknown template "/tmp/qwerty"
lxc-create: bbc: tools/lxc_create.c: main: 331 Failed to create container bbc
Signed-off-by: Rachid Koucha <rachid.koucha at gmail.com>
Commit: 9fc6fd210786d48df4a1950c2ce45f66d70f2114
https://github.com/lxc/lxc/commit/9fc6fd210786d48df4a1950c2ce45f66d70f2114
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-29 (Tue, 29 Jan 2019)
Changed paths:
M src/lxc/utils.c
Log Message:
-----------
Merge pull request #2817 from Rachid-Koucha/patch-5
More accurate error msg for template file
Commit: 02f71d7ef0a8f2b684f5bef2728bbf506521b27f
https://github.com/lxc/lxc/commit/02f71d7ef0a8f2b684f5bef2728bbf506521b27f
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-01-31 (Thu, 31 Jan 2019)
Changed paths:
M src/lxc/freezer.c
M src/lxc/lxccontainer.c
Log Message:
-----------
freezer: non-functional changes
Fix the coding style in a few files.
Fixes: db1228b35f3e ("Avoid hardcoded string length")
Fixes: 71fc9c046816 ("Avoid risk of "too far memory read"")
Fixes: 2341916a0367 ("Avoid double lxc-freeze/unfreeze")
Fixes: 9eb9ce3e4778 ("Update freezer.c")
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 5b353da90028c10d08f4e1ece97313def4b600e4
https://github.com/lxc/lxc/commit/5b353da90028c10d08f4e1ece97313def4b600e4
Author: Christian Brauner <christian at brauner.io>
Date: 2019-01-31 (Thu, 31 Jan 2019)
Changed paths:
M src/lxc/freezer.c
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2806 from brauner/2019-01-27/bugfixes
freezer: non-functional changes
Commit: a6ca2ed8912748242e3654dcd7ec89d6c942bb09
https://github.com/lxc/lxc/commit/a6ca2ed8912748242e3654dcd7ec89d6c942bb09
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-01 (Fri, 01 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cgroups/cgroup.c
M src/lxc/cgroups/cgroup.h
Log Message:
-----------
cgroups: use of /sys/kernel/cgroup/delegate file
This file contains the files one needs to chown to successfully delegate
cgroup files to unprivileged users.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 59c66b480052c2428d1c80b6bb1427d50930c758
https://github.com/lxc/lxc/commit/59c66b480052c2428d1c80b6bb1427d50930c758
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-01 (Fri, 01 Feb 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
Merge pull request #2787 from Blub/2019-01-17/revert-sys-double-bindmount-cleanup
Revert "conf: remove extra MS_BIND with sysfs:mixed"
Commit: 9fb7aab8a8cc896ea0c5642a7af979819231e4be
https://github.com/lxc/lxc/commit/9fb7aab8a8cc896ea0c5642a7af979819231e4be
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-01 (Fri, 01 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cgroups/cgroup.c
M src/lxc/cgroups/cgroup.h
Log Message:
-----------
Merge pull request #2820 from brauner/2019-01-31/cgfsng_sys/kernel/cgroup/delegate
cgroups: use of /sys/kernel/cgroup/delegate file
Commit: a8a6c2c659a3ec399df2bbfef8ae279f417d3220
https://github.com/lxc/lxc/commit/a8a6c2c659a3ec399df2bbfef8ae279f417d3220
Author: tomponline <tomp at tomp.uk>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M lxc.spec.in
Log Message:
-----------
fix rpm packaging for bash completion directory.
Closed #1825
Signed-off-by: tomponline <tomp at tomp.uk>
Commit: 1fba6a85896c0fde9100f6c4cc17f81db4a2af7d
https://github.com/lxc/lxc/commit/1fba6a85896c0fde9100f6c4cc17f81db4a2af7d
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M lxc.spec.in
Log Message:
-----------
Merge pull request #2822 from tomponline/tp-rpmspec
fix rpm packaging for bash completion directory.
Commit: fb3b3ef484f0679534ec60764e47056102e43057
https://github.com/lxc/lxc/commit/fb3b3ef484f0679534ec60764e47056102e43057
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Wlogical-op hardening
Warn about suspicious uses of logical operators in expressions.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: cc0c3a061298b0c74377195a7b7a94671affb9cb
https://github.com/lxc/lxc/commit/cc0c3a061298b0c74377195a7b7a94671affb9cb
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
M src/tests/Makefile.am
Log Message:
-----------
compiler: -Wmissing-include-dirs hardening
Warn if a user-supplied include directory does not exist.
This already surfaced a bug that is fixed by this commit.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 11af5f2ba169c63b4da2980a6688028502c5fe7b
https://github.com/lxc/lxc/commit/11af5f2ba169c63b4da2980a6688028502c5fe7b
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Wold-style-definition hardening
Warn if an old-style function definition is used. A warning is given
even if there is a previous prototype.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f03f7b5ce566d9601b83eb52ca1221d167157192
https://github.com/lxc/lxc/commit/f03f7b5ce566d9601b83eb52ca1221d167157192
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Winit-self hardening
Warn about uninitialized variables that are initialized with themselves.
Note this option can only be used with the -Wuninitialized option.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 30462b914460df7c75b3b32b622952ef9b0cd1df
https://github.com/lxc/lxc/commit/30462b914460df7c75b3b32b622952ef9b0cd1df
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Wfloat-equal hardening
Warn if floating-point values are used in equality comparisons.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e3b4674d44ee6da22c091fd154b6ff62123d3aa2
https://github.com/lxc/lxc/commit/e3b4674d44ee6da22c091fd154b6ff62123d3aa2
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
M src/tests/state_server.c
Log Message:
-----------
compiler: -Wsuggest-attribute=noreturn hardening
Warn about functions that might be candidates for attributes pure, const
or noreturn or malloc.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 13311d70fe3061f98c3feb502a1dee787454e33d
https://github.com/lxc/lxc/commit/13311d70fe3061f98c3feb502a1dee787454e33d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Werror=return-type hardening
Warn whenever a function is defined with a return type that defaults to
int. Also warn about any return statement with no return value in a
function whose return type is not void (falling off the end of the
function body is considered returning without a value).
For C only, warn about a return statement with an expression in a
function whose return type is void, unless the expression type is also
void. As a GNU extension, the latter case is accepted without a warning
unless -Wpedantic is used.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 42a2ab35f45437d8266898633d9e09608ecd2f13
https://github.com/lxc/lxc/commit/42a2ab35f45437d8266898633d9e09608ecd2f13
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Werror=incompatible-pointer-types
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: d07545c7da57156eb9ee8f04999f9dfb9bc53380
https://github.com/lxc/lxc/commit/d07545c7da57156eb9ee8f04999f9dfb9bc53380
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
M src/lxc/criu.c
M src/lxc/log.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/storage/lvm.c
M src/lxc/string_utils.c
Log Message:
-----------
compiler: -Wformat=2 hardening
Enable -Wformat plus additional format checks. Currently equivalent to
-Wformat -Wformat-nonliteral -Wformat-security -Wformat-y2k.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 55733496733d30f53bd5b37c8e27ab1028111518
https://github.com/lxc/lxc/commit/55733496733d30f53bd5b37c8e27ab1028111518
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: set -Wimplicit-fallthrough to 5
-Wimplicit-fallthrough=5 doesn’t recognize any comments as fallthrough
comments, only attributes disable the warning.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: a7547c5c34f5a5f4d754acee7e224602dfbda966
https://github.com/lxc/lxc/commit/a7547c5c34f5a5f4d754acee7e224602dfbda966
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M src/lxc/attach.c
M src/lxc/cmd/lxc_user_nic.c
M src/lxc/conf.c
M src/lxc/criu.c
M src/lxc/log.h
M src/lxc/lxccontainer.c
M src/lxc/network.c
M src/lxc/storage/overlay.c
M src/lxc/storage/storage.c
M src/lxc/storage/zfs.c
M src/lxc/tools/lxc_info.c
M src/lxc/tools/lxc_ls.c
M src/lxc/tools/lxc_unshare.c
M src/tests/share_ns.c
M src/tests/state_server.c
Log Message:
-----------
compiler: -Wshadow hardening
Warn whenever a local variable or type declaration shadows another
variable, parameter, type, class member (in C++), or instance variable
(in Objective-C) or whenever a built-in function is shadowed.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4e950c76ed607eff0ce26d97db44e4495f558106
https://github.com/lxc/lxc/commit/4e950c76ed607eff0ce26d97db44e4495f558106
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
M src/lxc/attach.c
M src/lxc/cmd/lxc_user_nic.c
M src/lxc/conf.c
M src/lxc/criu.c
M src/lxc/log.c
M src/lxc/log.h
M src/lxc/lxccontainer.c
M src/lxc/network.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/storage/lvm.c
M src/lxc/storage/overlay.c
M src/lxc/storage/storage.c
M src/lxc/storage/zfs.c
M src/lxc/string_utils.c
M src/lxc/tools/lxc_info.c
M src/lxc/tools/lxc_ls.c
M src/lxc/tools/lxc_unshare.c
M src/tests/Makefile.am
M src/tests/share_ns.c
M src/tests/state_server.c
Log Message:
-----------
Merge pull request #2823 from brauner/2019-02-05/compiler_based_hardening
compiler: hardening
Commit: 4ccb88781399b3d3d5028ed24594b56f679a7145
https://github.com/lxc/lxc/commit/4ccb88781399b3d3d5028ed24594b56f679a7145
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Wendif-labels hardening
Do not warn whenever an #else or an #endif are followed by text.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: a703da6c84617ed49d145fba1b095f0130d3d3e0
https://github.com/lxc/lxc/commit/a703da6c84617ed49d145fba1b095f0130d3d3e0
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Werror=overflow hardening
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 64871d419de4326ce4976a2a57ed73089866c626
https://github.com/lxc/lxc/commit/64871d419de4326ce4976a2a57ed73089866c626
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -fdiagnostics-show-option
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3b5a0eebd4d2efdaa03c6fb11950abfcf081fab8
https://github.com/lxc/lxc/commit/3b5a0eebd4d2efdaa03c6fb11950abfcf081fab8
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: fix -fstack-protector-strong
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 463bee7b8d76b299c5c5c24c27830df80b9f2b84
https://github.com/lxc/lxc/commit/463bee7b8d76b299c5c5c24c27830df80b9f2b84
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Werror=shift-count-overflow hardening
Warn if shift count >= width of type.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: fcfce08abac5cf1271bc3034d4017d4a714154cc
https://github.com/lxc/lxc/commit/fcfce08abac5cf1271bc3034d4017d4a714154cc
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Werror=shift-overflow=2 hardening
Warn about left shift overflows. This warning is enabled by default in
C99 and C++11 modes (and newer).
-Wshift-overflow=2
This warning level also warns about left-shifting 1 into the sign bit,
unless C++14 mode (or newer) is active.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: a30c52acb75b4820a45412a8367ba4ebae3a7d27
https://github.com/lxc/lxc/commit/a30c52acb75b4820a45412a8367ba4ebae3a7d27
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
Log Message:
-----------
compiler: -Wdate-time hardening
Warn when macros __TIME__, __DATE__ or __TIMESTAMP__ are encountered as
they might prevent bit-wise-identical reproducible compilations.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: d0afbad9a4bb5db59de4f6fdc54e6b270b48bffa
https://github.com/lxc/lxc/commit/d0afbad9a4bb5db59de4f6fdc54e6b270b48bffa
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M configure.ac
M src/tests/lxc-test-utils.c
Log Message:
-----------
compiler: -Wnested-externs hardening
Warn if an extern declaration is encountered within a function.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 0220bddaac18bf1dc985ac5266070154c2a8a1be
https://github.com/lxc/lxc/commit/0220bddaac18bf1dc985ac5266070154c2a8a1be
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-05 (Tue, 05 Feb 2019)
Changed paths:
M configure.ac
M src/tests/lxc-test-utils.c
Log Message:
-----------
Merge pull request #2824 from brauner/2019-02-05/compiler_based_hardening
compiler: hardening
Commit: af1dc7cd70494c08f8edd6e2b3c176768d1ed0b0
https://github.com/lxc/lxc/commit/af1dc7cd70494c08f8edd6e2b3c176768d1ed0b0
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
A src/lxc/memory_utils.h
Log Message:
-----------
memory_utils: add memory_utils.h
The header defines a simple wrapper for free() that can be used with
gcc's and clang's __attribute__((__cleanup__(<cleanup-fun>))) macro.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 57668944d45c99f0034be546953180a485f89403
https://github.com/lxc/lxc/commit/57668944d45c99f0034be546953180a485f89403
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/include/lxcmntent.c
Log Message:
-----------
lxcmntent: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 861cb8c28a55de32561bf189c06be1d7f607ccde
https://github.com/lxc/lxc/commit/861cb8c28a55de32561bf189c06be1d7f607ccde
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgroups: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: fa4719e2c96f4e42bf9741cf3dfbb57d26487a67
https://github.com/lxc/lxc/commit/fa4719e2c96f4e42bf9741cf3dfbb57d26487a67
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/cmd/lxc_user_nic.c
Log Message:
-----------
lxc_user_nic: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 5265a60cba613d8a2c92ee3404d776022975add2
https://github.com/lxc/lxc/commit/5265a60cba613d8a2c92ee3404d776022975add2
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: fdcdb6542b2513197031f7a755044741d16713a5
https://github.com/lxc/lxc/commit/fdcdb6542b2513197031f7a755044741d16713a5
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/commands_utils.c
Log Message:
-----------
commands_utils: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2f443e88cabee7709aa203319534bf2c837d300c
https://github.com/lxc/lxc/commit/2f443e88cabee7709aa203319534bf2c837d300c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f01d035800ee04f607fe63f52ee8b1aea7a1b908
https://github.com/lxc/lxc/commit/f01d035800ee04f607fe63f52ee8b1aea7a1b908
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/confile.c
Log Message:
-----------
confile: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f5849fd76f0c0a3669bf6df47d60e75468ad440a
https://github.com/lxc/lxc/commit/f5849fd76f0c0a3669bf6df47d60e75468ad440a
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
lxccontainer: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 54b43e8f0997327b663d7fda47c21f9eaaccf55c
https://github.com/lxc/lxc/commit/54b43e8f0997327b663d7fda47c21f9eaaccf55c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/monitor.c
Log Message:
-----------
monitor: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 244f7f873471949216072a8d11544900bfe15456
https://github.com/lxc/lxc/commit/244f7f873471949216072a8d11544900bfe15456
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/namespace.c
Log Message:
-----------
namespace: remove stack allocations
Switch to a static stack instead of allocating a new one. There's really
no point in doing all of the dance to get the current pagesize.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 95ea3d1fa0981d02007920dfe13657ac75e787e7
https://github.com/lxc/lxc/commit/95ea3d1fa0981d02007920dfe13657ac75e787e7
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
network: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 6421783a266717eca422dd4cf6a5139ca95094ee
https://github.com/lxc/lxc/commit/6421783a266717eca422dd4cf6a5139ca95094ee
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/pam/pam_cgfs.c
Log Message:
-----------
pam_cgfs: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4ffeaf276693f05a609b73f8141113dce4cf6b92
https://github.com/lxc/lxc/commit/4ffeaf276693f05a609b73f8141113dce4cf6b92
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 643c9ec99462c1e33efd076fbe26d6308357c82a
https://github.com/lxc/lxc/commit/643c9ec99462c1e33efd076fbe26d6308357c82a
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/storage.c
Log Message:
-----------
storage: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 97f35ce6f8c565992a1b8abb168ada5a53948a6c
https://github.com/lxc/lxc/commit/97f35ce6f8c565992a1b8abb168ada5a53948a6c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/string_utils.c
Log Message:
-----------
string_utils: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2530ba959782d50b5e724e1f29bb402f7b6b27ab
https://github.com/lxc/lxc/commit/2530ba959782d50b5e724e1f29bb402f7b6b27ab
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/terminal.c
Log Message:
-----------
terminal: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 6b4e204c7badc264bd62169c2ec321e073df8d99
https://github.com/lxc/lxc/commit/6b4e204c7badc264bd62169c2ec321e073df8d99
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/loop.c
Log Message:
-----------
loop: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 007bb915d5192672a130c256813a99db74360d40
https://github.com/lxc/lxc/commit/007bb915d5192672a130c256813a99db74360d40
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/lvm.c
Log Message:
-----------
lvm: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 9371d3f2b6fa6b67a37616c6ac07bafcae7952b8
https://github.com/lxc/lxc/commit/9371d3f2b6fa6b67a37616c6ac07bafcae7952b8
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/nbd.c
Log Message:
-----------
nbd: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3206805085279dfff3a8f81c31c4bc1f128fd15c
https://github.com/lxc/lxc/commit/3206805085279dfff3a8f81c31c4bc1f128fd15c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/rbd.c
Log Message:
-----------
rbd: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e2c6671d178698764cf2d473e5bfba356b79ca33
https://github.com/lxc/lxc/commit/e2c6671d178698764cf2d473e5bfba356b79ca33
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/storage/overlay.c
Log Message:
-----------
overlay: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 57e2af15eddf452a177388cc2acce4e3262f050b
https://github.com/lxc/lxc/commit/57e2af15eddf452a177388cc2acce4e3262f050b
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/lxc/tools/lxc_unshare.c
Log Message:
-----------
lxc-unshare: remove stack allocations
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: d6a4505542bb5702c293033ee1f5b6dc842420bc
https://github.com/lxc/lxc/commit/d6a4505542bb5702c293033ee1f5b6dc842420bc
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M src/include/lxcmntent.c
M src/lxc/Makefile.am
M src/lxc/cgroups/cgfsng.c
M src/lxc/cmd/lxc_user_nic.c
M src/lxc/commands.c
M src/lxc/commands_utils.c
M src/lxc/conf.c
M src/lxc/confile.c
M src/lxc/lxccontainer.c
A src/lxc/memory_utils.h
M src/lxc/monitor.c
M src/lxc/namespace.c
M src/lxc/network.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/start.c
M src/lxc/storage/loop.c
M src/lxc/storage/lvm.c
M src/lxc/storage/nbd.c
M src/lxc/storage/overlay.c
M src/lxc/storage/rbd.c
M src/lxc/storage/storage.c
M src/lxc/string_utils.c
M src/lxc/terminal.c
M src/lxc/tools/lxc_unshare.c
Log Message:
-----------
Merge pull request #2821 from brauner/2019-02-05/remove_stack_allocation
tree-wide: wipe alloca() from the codebase
Commit: a62cf72a8b22bbcbe8cdd8c83efc1b98980bf809
https://github.com/lxc/lxc/commit/a62cf72a8b22bbcbe8cdd8c83efc1b98980bf809
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M README.md
Log Message:
-----------
README: add LGTM
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 42bd57bdbdb103eeb2ca67027983af5b8c6fa4b7
https://github.com/lxc/lxc/commit/42bd57bdbdb103eeb2ca67027983af5b8c6fa4b7
Author: Christian Brauner <christian at brauner.io>
Date: 2019-02-06 (Wed, 06 Feb 2019)
Changed paths:
M README.md
Log Message:
-----------
Merge pull request #2825 from brauner/lxc/master
README: add LGTM
Commit: d97919abf22914ef3c2ef7cab64695515cb8b835
https://github.com/lxc/lxc/commit/d97919abf22914ef3c2ef7cab64695515cb8b835
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-08 (Fri, 08 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/memory_utils.h
Log Message:
-----------
cgroups: partially switch to cleanup macros
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: df9bf8ca39fe1c0866f5aa4c53004afd2e14f46b
https://github.com/lxc/lxc/commit/df9bf8ca39fe1c0866f5aa4c53004afd2e14f46b
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-08 (Fri, 08 Feb 2019)
Changed paths:
M src/lxc/caps.c
Log Message:
-----------
caps: check uid and euid
When we are running inside of a user namespace getuid() will return a
non-zero uid. So let's check euid as well to make sure we correctly drop
capabilities
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 884b37d09105cbded88a40030a76afa2d3635c38
https://github.com/lxc/lxc/commit/884b37d09105cbded88a40030a76afa2d3635c38
Author: Serge Hallyn <serge at hallyn.com>
Date: 2019-02-08 (Fri, 08 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/memory_utils.h
Log Message:
-----------
Merge pull request #2827 from brauner/2019-02-07/auto_cleanup
cgroups: partially switch to cleanup macros
Commit: 6403a6671cf2b13e54834c8ad3796e16a56447c8
https://github.com/lxc/lxc/commit/6403a6671cf2b13e54834c8ad3796e16a56447c8
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: remove unnecessary check
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 0dbdb99e3bf6a1cf1ea0ac9db60b6decf97b1f0d
https://github.com/lxc/lxc/commit/0dbdb99e3bf6a1cf1ea0ac9db60b6decf97b1f0d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgfsng: remove unnecessary check
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f7a0c6ee2abdb1fa080e063dceb1dec3bda97e98
https://github.com/lxc/lxc/commit/f7a0c6ee2abdb1fa080e063dceb1dec3bda97e98
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: prevent signed-issues
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 6425271d041b36e0f66fb0df19e43953cd836106
https://github.com/lxc/lxc/commit/6425271d041b36e0f66fb0df19e43953cd836106
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/cmd/lxc_init.c
Log Message:
-----------
lxc-init: exit with error on wait failure
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: f57860aca9153c45e8a749cdb2cd522bd2778fef
https://github.com/lxc/lxc/commit/f57860aca9153c45e8a749cdb2cd522bd2778fef
Author: Christian Brauner <christian at brauner.io>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/cmd/lxc_init.c
M src/lxc/commands.c
M src/lxc/start.c
Log Message:
-----------
Merge pull request #2833 from brauner/2019-02-09/bugfixes
bugfixes
Commit: 99dc3a338d0e7f83fae59593c9f38c6b7fec9cac
https://github.com/lxc/lxc/commit/99dc3a338d0e7f83fae59593c9f38c6b7fec9cac
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
A coccinelle/run-coccinelle.sh
Log Message:
-----------
coccinelle: add coccinelle support
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 51a8a74c070e4a4cdc2dce07d92f37b531a610e3
https://github.com/lxc/lxc/commit/51a8a74c070e4a4cdc2dce07d92f37b531a610e3
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
A coccinelle/while-true.cocci
M src/lxc/cmd/lxc_init.c
M src/lxc/lxccontainer.c
M src/lxc/network.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/storage/btrfs.c
M src/lxc/storage/nbd.c
M src/lxc/string_utils.c
M src/lxc/tools/arguments.c
M src/lxc/utils.c
Log Message:
-----------
coccinelle: s/while({1,true})/for(;;)/
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 5701771461ae33a0e2f37cdc9afb3020cbab1728
https://github.com/lxc/lxc/commit/5701771461ae33a0e2f37cdc9afb3020cbab1728
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
A coccinelle/exit.cocci
M src/lxc/attach.c
M src/lxc/cmd/lxc_init.c
M src/lxc/storage/nbd.c
M src/lxc/tools/arguments.c
M src/lxc/tools/lxc_autostart.c
M src/tests/aa.c
M src/tests/cgpath.c
M src/tests/list.c
M src/tests/locktests.c
M src/tests/may_control.c
M src/tests/snapshot.c
M src/tests/startone.c
Log Message:
-----------
coccinelle: use standard exit identifiers
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3e0aac16db5f7ff310316a3a2ea000503a31b2fb
https://github.com/lxc/lxc/commit/3e0aac16db5f7ff310316a3a2ea000503a31b2fb
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
M src/lxc/caps.c
Log Message:
-----------
Merge pull request #2829 from brauner/2019-02-08/capabilities
caps: check uid and euid
Commit: 41f808b29a58773664d17ef289c798f332c8ae54
https://github.com/lxc/lxc/commit/41f808b29a58773664d17ef289c798f332c8ae54
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-09 (Sat, 09 Feb 2019)
Changed paths:
A coccinelle/exit.cocci
A coccinelle/run-coccinelle.sh
A coccinelle/while-true.cocci
M src/lxc/attach.c
M src/lxc/cmd/lxc_init.c
M src/lxc/lxccontainer.c
M src/lxc/network.c
M src/lxc/pam/pam_cgfs.c
M src/lxc/storage/btrfs.c
M src/lxc/storage/nbd.c
M src/lxc/string_utils.c
M src/lxc/tools/arguments.c
M src/lxc/tools/lxc_autostart.c
M src/lxc/utils.c
M src/tests/aa.c
M src/tests/cgpath.c
M src/tests/list.c
M src/tests/locktests.c
M src/tests/may_control.c
M src/tests/snapshot.c
M src/tests/startone.c
Log Message:
-----------
Merge pull request #2832 from brauner/2019-02-08/add_coccinelle
coccinelle support
Commit: f2668eea509deccb77a90dac8a12f43bfcb6178f
https://github.com/lxc/lxc/commit/f2668eea509deccb77a90dac8a12f43bfcb6178f
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgfsng: coding style for cgfsng_monitor_create()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: d99d5c935a9ee2eb66ba9e55e85bd707d4c1647b
https://github.com/lxc/lxc/commit/d99d5c935a9ee2eb66ba9e55e85bd707d4c1647b
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
Log Message:
-----------
cgfsng: coding style for cgfsng_payload_create()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: c74da4abd20ede6a30c358dc275ba43b1d12e8d5
https://github.com/lxc/lxc/commit/c74da4abd20ede6a30c358dc275ba43b1d12e8d5
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/macro.h
Log Message:
-----------
cgfsng: fix cgroup creation
When cgroup creation failed we reset container_cgroup to NULL to avoid
issues with __cleanup__. Fix that logic:
- add steal_ptr() based on take_ptr()
- move stealing the pointer out of the loop
lxc ctImport 20190210050705.858 DEBUG network - network.c:instantiate_veth:202 - Instantiated veth "vethGQMH7I/vethSPXNL3", index is "272"
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1262 - File exists - Failed to create directory "/sys/fs/cgroup/unified//lxc.payload/ctImport-0"
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:container_create_path_for_hierarchy:1302 - Failed to create cgroup "/sys/fs/cgroup/unified//lxc.payload/ctImport-0"
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1431 - Failed to create cgroup "/sys/fs/cgroup/unified//lxc.payload/ctImport-0"
lxc ctImport 20190210050705.858 INFO cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1441 - The container uses "lxc.payload/ctImport-0" as cgroup
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:mkdir_eexist_on_last:1262 - File exists - Failed to create directory "/sys/fs/cgroup/unified/"
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:container_create_path_for_hierarchy:1302 - Failed to create cgroup "/sys/fs/cgroup/unified/"
lxc ctImport 20190210050705.858 ERROR cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1431 - Failed to create cgroup "/sys/fs/cgroup/unified/"
lxc ctImport 20190210050705.858 INFO cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1441 - The container uses "(null)" as cgroup
Fixes: d97919abf22 ("cgroups: partially switch to cleanup macros")
Reported-by: Stéphane Graber <stgraber at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: b49c4e2de47e1c9dd7526427e809cb750c4edada
https://github.com/lxc/lxc/commit/b49c4e2de47e1c9dd7526427e809cb750c4edada
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/macro.h
Log Message:
-----------
Merge pull request #2836 from brauner/2019-02-10/fix_cgfsng_driver
cgroup: bugfixes
Commit: 8336d7be2929fcae0d6ee8a27f60930d086f6185
https://github.com/lxc/lxc/commit/8336d7be2929fcae0d6ee8a27f60930d086f6185
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/parse.c
Log Message:
-----------
parse: handle \r
Closes #2838.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 9913ac1b42a63429ea74e64dd24b6a711e84ab57
https://github.com/lxc/lxc/commit/9913ac1b42a63429ea74e64dd24b6a711e84ab57
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-10 (Sun, 10 Feb 2019)
Changed paths:
M src/lxc/parse.c
Log Message:
-----------
Merge pull request #2839 from brauner/2019-02-10/handle_carriage_return
parse: handle \r
Commit: 6400238d08cdf1ca20d49bafb85f4e224348bf9d
https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M configure.ac
M src/lxc/Makefile.am
M src/lxc/file_utils.c
M src/lxc/file_utils.h
A src/lxc/rexec.c
M src/lxc/syscall_wrappers.h
Log Message:
-----------
CVE-2019-5736 (runC): rexec callers as memfd
Adam Iwaniuk and Borys Popławski discovered that an attacker can compromise the
runC host binary from inside a privileged runC container. As a result, this
could be exploited to gain root access on the host. runC is used as the default
runtime for containers with Docker, containerd, Podman, and CRI-O.
The attack can be made when attaching to a running container or when starting a
container running a specially crafted image. For example, when runC attaches
to a container the attacker can trick it into executing itself. This could be
done by replacing the target binary inside the container with a custom binary
pointing back at the runC binary itself. As an example, if the target binary
was /bin/bash, this could be replaced with an executable script specifying the
interpreter path #!/proc/self/exe (/proc/self/exec is a symbolic link created
by the kernel for every process which points to the binary that was executed
for that process). As such when /bin/bash is executed inside the container,
instead the target of /proc/self/exe will be executed - which will point to the
runc binary on the host. The attacker can then proceed to write to the target
of /proc/self/exe to try and overwrite the runC binary on the host. However in
general, this will not succeed as the kernel will not permit it to be
overwritten whilst runC is executing. To overcome this, the attacker can
instead open a file descriptor to /proc/self/exe using the O_PATH flag and then
proceed to reopen the binary as O_WRONLY through /proc/self/fd/<nr> and try to
write to it in a busy loop from a separate process. Ultimately it will succeed
when the runC binary exits. After this the runC binary is compromised and can
be used to attack other containers or the host itself.
This attack is only possible with privileged containers since it requires root
privilege on the host to overwrite the runC binary. Unprivileged containers
with a non-identity ID mapping do not have the permission to write to the host
binary and therefore are unaffected by this attack.
LXC is also impacted in a similar manner by this vulnerability, however as the
LXC project considers privileged containers to be unsafe no CVE has been
assigned for this issue for LXC. Quoting from the
https://linuxcontainers.org/lxc/security/ project's Security information page:
"As privileged containers are considered unsafe, we typically will not consider
new container escape exploits to be security issues worthy of a CVE and quick
fix. We will however try to mitigate those issues so that accidental damage to
the host is prevented."
To prevent this attack, LXC has been patched to create a temporary copy of the
calling binary itself when it starts or attaches to containers. To do this LXC
creates an anonymous, in-memory file using the memfd_create() system call and
copies itself into the temporary in-memory file, which is then sealed to
prevent further modifications. LXC then executes this sealed, in-memory file
instead of the original on-disk binary. Any compromising write operations from
a privileged container to the host LXC binary will then write to the temporary
in-memory binary and not to the host binary on-disk, preserving the integrity
of the host LXC binary. Also as the temporary, in-memory LXC binary is sealed,
writes to this will also fail.
Note: memfd_create() was added to the Linux kernel in the 3.17 release.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Co-Developed-by: Alesa Sarai <asarai at suse.de>
Acked-by: Serge Hallyn <serge at hallyn.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 9d361e0fd485941ddf098f9d6696bbd58e7e2d3a
https://github.com/lxc/lxc/commit/9d361e0fd485941ddf098f9d6696bbd58e7e2d3a
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
A src/include/fexecve.c
A src/include/fexecve.h
M src/lxc/Makefile.am
M src/lxc/rexec.c
Log Message:
-----------
include: add fexecve() for Android's Bionic
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 9c63d38cec293f281cbbce0fc505d3aece6e4d09
https://github.com/lxc/lxc/commit/9c63d38cec293f281cbbce0fc505d3aece6e4d09
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
A src/include/fexecve.c
A src/include/fexecve.h
M src/lxc/Makefile.am
M src/lxc/rexec.c
Log Message:
-----------
Merge pull request #2841 from brauner/2019-02-11/fix_android
include: add fexecve() for Android's Bionic
Commit: 7fd02ed74da7d495a8a4bf5c797762d8ecab290c
https://github.com/lxc/lxc/commit/7fd02ed74da7d495a8a4bf5c797762d8ecab290c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/api_extensions.h
Log Message:
-----------
api_extensions: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: b80e01bda3f16b64b2fc42faada30577e88c629d
https://github.com/lxc/lxc/commit/b80e01bda3f16b64b2fc42faada30577e88c629d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/compiler.h
Log Message:
-----------
compiler: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 6aae19f7c8cc3ab036e078172c735cf058054dcf
https://github.com/lxc/lxc/commit/6aae19f7c8cc3ab036e078172c735cf058054dcf
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/file_utils.h
Log Message:
-----------
file_utils.h: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3877934c7af1edd982c5a01174ca2bdbb6f85d69
https://github.com/lxc/lxc/commit/3877934c7af1edd982c5a01174ca2bdbb6f85d69
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/macro.h
Log Message:
-----------
api_extensions: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2b3153a88274c70584d97758b6d487169217fcac
https://github.com/lxc/lxc/commit/2b3153a88274c70584d97758b6d487169217fcac
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/rexec.c
Log Message:
-----------
rexec: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Aleksa Sarai <asarai at suse.de>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Acked-by: Aleksa Sarai <cyphar at cyphar.com>
Commit: cd4a865dd697ecb245b3e58e54d053af89730a75
https://github.com/lxc/lxc/commit/cd4a865dd697ecb245b3e58e54d053af89730a75
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/memory_utils.h
Log Message:
-----------
memory_utils: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: c423a0a7d88520b3253d07d4c3534ede3629b302
https://github.com/lxc/lxc/commit/c423a0a7d88520b3253d07d4c3534ede3629b302
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/ringbuf.h
Log Message:
-----------
ringbuf.h: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 7043a15df390df43533eb1ff6fc8571e8a857206
https://github.com/lxc/lxc/commit/7043a15df390df43533eb1ff6fc8571e8a857206
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/syscall_wrappers.h
Log Message:
-----------
syscall_wrappers: fix wrong licensing
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Aleksa Sarai <cyphar at cyphar.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 9581e69761283aef300dbab37030846e0f7a5a28
https://github.com/lxc/lxc/commit/9581e69761283aef300dbab37030846e0f7a5a28
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/api_extensions.h
M src/lxc/compiler.h
M src/lxc/file_utils.h
M src/lxc/macro.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
M src/lxc/ringbuf.h
M src/lxc/syscall_wrappers.h
Log Message:
-----------
Merge pull request #2843 from brauner/2019-02-11/fix_licensing_brauner
fix licensing headers
Commit: 84fa5acacc78003ff61eb5be5026d659177b8e8f
https://github.com/lxc/lxc/commit/84fa5acacc78003ff61eb5be5026d659177b8e8f
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/string_utils.h
Log Message:
-----------
string_utils.h: fix wrong licensing
liblxc has always been meant to be LGPLv2.1+ as reflected by the many
downstreams projects and bindings which are themselves under LGPLv2.1+ or other
licenses which would be incompatible with linking against a GPLv2+ library.
It's pretty normal for a library to be LGPL while binaries are GPL as a GPL
library would only ever be usable by other GPL-only projects, which isn't the
case for very many of the liblxc downstreams.
The issue here is really carelessness. None of those GPL headers were put there
intentionally, instead being wrongly copy/pasted from other parts of the
codebase which is indeed intended to be GPLv2+. This is also made clear in our
CONTRIBUTING file in this repository:
Licensing for new files:
------------------------
LXC is made of files shipped under a few different licenses.
Anything that ends up being part of the LXC library needs to be released
under LGPLv2.1+ or a license compatible with it (though the latter will
only be accepted for cases where the code originated elsewhere and was
imported into LXC).
Language bindings for the libraries need to be released under LGPLv2.1+.
Anything else (non-libraries) needs to be Free Software and needs to be
allowed to link with LGPLv2.1+ code (if needed). LXC upstream prefers
LGPLv2.1+ or GPLv2 for those.
When introducing a new file into the project, please make sure it has a
copyright header making clear under which license it's being released
and if it doesn't match the criteria described above, please explain
your decision on the lxc-devel mailing-list when submitting your patch.
This is intended to switch over files to LGPLv2.1+ to which end we have
collected ACKs from relevant people.
/* Affected People */
Christian Brauner <christian.brauner at ubuntu.com>
Fabrice Fontaine <fontaine.fabrice at gmail.com>
Josh Soref <jsoref at gmail.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Acked-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Acked-by: Josh Soref <jsoref at gmail.com>
Commit: b88ccedc1e059e5115292b40e9a4bd1c2881d3e6
https://github.com/lxc/lxc/commit/b88ccedc1e059e5115292b40e9a4bd1c2881d3e6
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-11 (Mon, 11 Feb 2019)
Changed paths:
M src/lxc/string_utils.h
Log Message:
-----------
Merge pull request #2844 from brauner/2019-02-11/licensing+
string_utils.h: fix wrong licensing
Commit: d3a9befc86113228f77c89030336faa84a5557c0
https://github.com/lxc/lxc/commit/d3a9befc86113228f77c89030336faa84a5557c0
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/rexec.c
A src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
rexec: make rexecution opt-in for library callers
We cannot rexecute the liblxc shared library unconditionally as this would
break most of our downstreams. Here are some scenarios:
- anyone performing a dlopen() on the shared library (e.g. users of the LXC
Python bindings)
- LXD as it needs to know the absolute path to its own executable based on
/proc/self/exe etc.
This commit makes the rexecution of liblxc conditional on whether the
LXC_MEMFD_REXEC environment variable is set or not. If it is then liblxc is
unconditionally rexecuted.
The only relevant attack vector exists for lxc-attach which we simply reexecute
unconditionally.
Reported-by: Stéphane Graber <stgraber at ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: b091c341d5131e54ed4152855439b7a188d371dc
https://github.com/lxc/lxc/commit/b091c341d5131e54ed4152855439b7a188d371dc
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/rexec.c
A src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Merge pull request #2846 from brauner/2019-02-12/CVE-2019-5736
rexec: make rexecution opt-in for library callers
Commit: c70de0eabbba570a89df1e7b97243a9c1fa1ef1a
https://github.com/lxc/lxc/commit/c70de0eabbba570a89df1e7b97243a9c1fa1ef1a
Author: Hervé Beraud <hberaud at redhat.com>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M .travis.yml
M config/apparmor/lxc-generate-aa-rules.py
Log Message:
-----------
apparmor: catch config file opening error
Improve config file error opening management
and improve main code block.
Execute this python script during CI to avoid
regressions
Signed-off-by: Hervé Beraud <hberaud at redhat.com>
Commit: 1530ced383738a1a44e7d56d35b79cc786942767
https://github.com/lxc/lxc/commit/1530ced383738a1a44e7d56d35b79cc786942767
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M .travis.yml
M config/apparmor/lxc-generate-aa-rules.py
Log Message:
-----------
Merge pull request #2847 from 4383/improve-lxc-generator
apparmor: catch config file opening error
Commit: 069d8e86c1781cb2b39fd19627b8ffc8e2ee7a69
https://github.com/lxc/lxc/commit/069d8e86c1781cb2b39fd19627b8ffc8e2ee7a69
Author: Hervé Beraud <hberaud at redhat.com>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M .travis.yml
Log Message:
-----------
apparmor: Improve testing on apparmor python script
Compare command output to already existing container-rules file
Signed-off-by: Hervé Beraud <hberaud at redhat.com>
Commit: 33257e97929ecb8bb356a3e5f10fcbc378d55f35
https://github.com/lxc/lxc/commit/33257e97929ecb8bb356a3e5f10fcbc378d55f35
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-12 (Tue, 12 Feb 2019)
Changed paths:
M .travis.yml
Log Message:
-----------
Merge pull request #2848 from 4383/improve-testing
apparmore: Improve testing on apparmor python script
Commit: 0c816b346788afa9d601766e31544fdcce67d780
https://github.com/lxc/lxc/commit/0c816b346788afa9d601766e31544fdcce67d780
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-13 (Wed, 13 Feb 2019)
Changed paths:
M src/lxc/rexec.c
M src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
rexec: remove needless /proc/cmdline parsing
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 257e396bed4da40af23120c8717d3294511141fd
https://github.com/lxc/lxc/commit/257e396bed4da40af23120c8717d3294511141fd
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-13 (Wed, 13 Feb 2019)
Changed paths:
M src/lxc/rexec.c
M src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Merge pull request #2850 from brauner/2019-02-13/simplify_argv_parsing
rexec: remove needless /proc/cmdline parsing
Commit: 7a80606d7b3e31516d3cb223c899be25e67cbc0d
https://github.com/lxc/lxc/commit/7a80606d7b3e31516d3cb223c899be25e67cbc0d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-14 (Thu, 14 Feb 2019)
Changed paths:
M src/lxc/rexec.c
M src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Revert "rexec: remove needless /proc/cmdline parsing"
The ELF binary spec does specify in [1]:
SHT_INIT_ARRAY
This section contains an array of pointers to initialization functions,
as described in ``Initialization and Termination Functions'' in Chapter
5. Each pointer in the array is taken as a parameterless procedure with
a void return.
which means libcs other than glibc might not pass down argc and argv to
constructors.
This reverts commit 0c816b346788afa9d601766e31544fdcce67d780.
[1]: http://www.sco.com/developers/gabi/latest/ch4.sheader.html#init_array
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: cee55b59cd0f7446bae25d02bcd23805ce43aaa4
https://github.com/lxc/lxc/commit/cee55b59cd0f7446bae25d02bcd23805ce43aaa4
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-14 (Thu, 14 Feb 2019)
Changed paths:
M src/lxc/rexec.c
Log Message:
-----------
rexec: remove envp parsing in favour of environ
My first attempt to simplify this and make it less costly focussed on
the way constructors are called. I was under the impression that the ELF
specification mandated that arg, argv, and actually even envp need to be
passed to functions located in the .init_array section (aka
"constructors"). Actually, the specifications is (cf. [2]):
SHT_INIT_ARRAY
This section contains an array of pointers to initialization functions,
as described in ``Initialization and Termination Functions'' in Chapter
5. Each pointer in the array is taken as a parameterless procedure with
a void return.
which means that this becomes a libc specific decision. Glibc passes
down those args, musl doesn't. So this approach can't work. However, we
can at least remove the environment parsing part based on POSIX since
[1] mandates that there should be an environ variable defined in
unistd.h which provides access to the environment. See also the relevant
Open Group specification [1].
[1]: http://pubs.opengroup.org/onlinepubs/9699919799/
[2]: http://www.sco.com/developers/gabi/latest/ch4.sheader.html#init_array
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2cd64122513b73d84e67dd20566e39525ec7f0cf
https://github.com/lxc/lxc/commit/2cd64122513b73d84e67dd20566e39525ec7f0cf
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-14 (Thu, 14 Feb 2019)
Changed paths:
M src/lxc/rexec.c
M src/lxc/rexec.h
M src/lxc/tools/lxc_attach.c
Log Message:
-----------
Merge pull request #2852 from brauner/2019-02-14/revert_simplify_argv_parsing
rexec: cmdline and environ parsing improvements
Commit: 29a7b484ffa86e8b552bd90dc26d9ea5f577eed2
https://github.com/lxc/lxc/commit/29a7b484ffa86e8b552bd90dc26d9ea5f577eed2
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-15 (Fri, 15 Feb 2019)
Changed paths:
M src/lxc/conf.c
Log Message:
-----------
conf: do not log devpts umount2() failure
We're not acting based on the return value so don't log anything.
Fixes: https://discuss.linuxcontainers.org/t/warning-in-the-container-log/4072/2
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 24548539af7fa95cd9ca7b971eb9f301065492e0
https://github.com/lxc/lxc/commit/24548539af7fa95cd9ca7b971eb9f301065492e0
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-15 (Fri, 15 Feb 2019)
Changed paths:
M src/lxc/network.c
Log Message:
-----------
network: do not log false friends
The netlink functions just return -1 and not specific negative errno values so
logging them doesn't make any sense.
Fixes: https://discuss.linuxcontainers.org/t/warning-in-the-container-log/4072/2
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4d3d037a98cf5e4c5038ad7cecf3b20028963e8a
https://github.com/lxc/lxc/commit/4d3d037a98cf5e4c5038ad7cecf3b20028963e8a
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-15 (Fri, 15 Feb 2019)
Changed paths:
M src/lxc/conf.c
M src/lxc/network.c
Log Message:
-----------
Merge pull request #2857 from brauner/2019-02-15/tweak_log
log: fixes
Commit: c00d0e3b2a06b34ebe25c27208ab38075bbf33d2
https://github.com/lxc/lxc/commit/c00d0e3b2a06b34ebe25c27208ab38075bbf33d2
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2019-02-15 (Fri, 15 Feb 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
mount: Allow over-mounting
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: eba282e4d8c4f911513193683a48d80e62e7f73a
https://github.com/lxc/lxc/commit/eba282e4d8c4f911513193683a48d80e62e7f73a
Author: Christian Brauner <christian at brauner.io>
Date: 2019-02-16 (Sat, 16 Feb 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2859 from stgraber/master
mount: Allow over-mounting
Commit: 71521317b2a4432fb5aa1878a7933d563b7020cb
https://github.com/lxc/lxc/commit/71521317b2a4432fb5aa1878a7933d563b7020cb
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2019-02-15 (Fri, 15 Feb 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
mount: Cleanup allow over-mounting
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 7a8959d5723bc23be3505a859f7d371d71978829
https://github.com/lxc/lxc/commit/7a8959d5723bc23be3505a859f7d371d71978829
Author: Christian Brauner <christian at brauner.io>
Date: 2019-02-16 (Sat, 16 Feb 2019)
Changed paths:
M src/lxc/lxccontainer.c
Log Message:
-----------
Merge pull request #2860 from stgraber/master
mount: Allow over-mounting
Commit: d85617bc6760745047745b6ea6f268bedde123ef
https://github.com/lxc/lxc/commit/d85617bc6760745047745b6ea6f268bedde123ef
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/start.c
Log Message:
-----------
start: move variable into tighter scope
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 83c11f1d041027d66fd72498f282f8989dc0e4d2
https://github.com/lxc/lxc/commit/83c11f1d041027d66fd72498f282f8989dc0e4d2
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/af_unix.c
Log Message:
-----------
af_unix: use __do_free
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: cd8f5663ab6b5c8712305b4f8321bec8e0ac7565
https://github.com/lxc/lxc/commit/cd8f5663ab6b5c8712305b4f8321bec8e0ac7565
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/attach.c
Log Message:
-----------
attach: use __do_free
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 57e7625005f17ab39836b3ef9908d8e0de306550
https://github.com/lxc/lxc/commit/57e7625005f17ab39836b3ef9908d8e0de306550
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/cgroups/cgroup_utils.c
Log Message:
-----------
cgroup_utils: use __do_free
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 3cf7d8c2b80b6264e1830d41cc9fe84336641688
https://github.com/lxc/lxc/commit/3cf7d8c2b80b6264e1830d41cc9fe84336641688
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/cmd/lxc_init.c
Log Message:
-----------
lxc-init: use cleanup macros
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 5c8d235259fa89cd6e4391c4c545ba36964861ec
https://github.com/lxc/lxc/commit/5c8d235259fa89cd6e4391c4c545ba36964861ec
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/cmd/lxc_user_nic.c
Log Message:
-----------
lxc-user-nic: use cleanup macros
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e8cc83897a0f35436f95637181cfa61902eed91f
https://github.com/lxc/lxc/commit/e8cc83897a0f35436f95637181cfa61902eed91f
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/cmd/lxc_usernsexec.c
Log Message:
-----------
lxc-usernsexec: use cleanup macros
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2ebc7bde97503c30671f1f8892171094a7fe6101
https://github.com/lxc/lxc/commit/2ebc7bde97503c30671f1f8892171094a7fe6101
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-17 (Sun, 17 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: move declaration into tighter scope
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 8259d86d97510fffbb4192eb9a58af5b0e9cebc7
https://github.com/lxc/lxc/commit/8259d86d97510fffbb4192eb9a58af5b0e9cebc7
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros in lxc_cmd_console()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4101805bb23d3d9567050720fa2f7e8b85cf7774
https://github.com/lxc/lxc/commit/4101805bb23d3d9567050720fa2f7e8b85cf7774
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/macro.h
Log Message:
-----------
macro: introduce steal_fd()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e236fe05d1e7a615c6a198a5fd0b5db0631484d4
https://github.com/lxc/lxc/commit/e236fe05d1e7a615c6a198a5fd0b5db0631484d4
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/memory_utils.h
Log Message:
-----------
memory_utils: introduce __do_close_prot_errno
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: e96f929188abd51b136e312716b3a4006a579786
https://github.com/lxc/lxc/commit/e96f929188abd51b136e312716b3a4006a579786
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: use __do_close_prot_errno
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: c34ff11978d8f1280e47edeeb2f16d9c8012b27e
https://github.com/lxc/lxc/commit/c34ff11978d8f1280e47edeeb2f16d9c8012b27e
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros lxc_cmd()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: cd889e57a4982b76adeb3d1541419e15f4c93cde
https://github.com/lxc/lxc/commit/cd889e57a4982b76adeb3d1541419e15f4c93cde
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros lxc_cmd_add_state_client
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4c2effceb430d90db5bd4c1883ccfa8b415816eb
https://github.com/lxc/lxc/commit/4c2effceb430d90db5bd4c1883ccfa8b415816eb
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros lxc_cmd_accept()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: c13e7111196c89ffaac91eb89eccfff3bb118b97
https://github.com/lxc/lxc/commit/c13e7111196c89ffaac91eb89eccfff3bb118b97
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros lxc_cmd_init
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 2a30bdea60328d03a6f2ed8736be56c460d40721
https://github.com/lxc/lxc/commit/2a30bdea60328d03a6f2ed8736be56c460d40721
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/commands.c
Log Message:
-----------
commands: cleanup macros lxc_cmd_init()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 8f350e637c0e8001398602a6b2f536de3905787d
https://github.com/lxc/lxc/commit/8f350e637c0e8001398602a6b2f536de3905787d
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/file_utils.c
M src/lxc/file_utils.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
Log Message:
-----------
rexec: handle legacy kernels
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: fed8112d04bea7d60c819e579c76b38fb440fc41
https://github.com/lxc/lxc/commit/fed8112d04bea7d60c819e579c76b38fb440fc41
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/rexec.c
Log Message:
-----------
rexec: use __do_close_prot_errno
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 4d8a34c31ce9ca9e4608b0a36726f66653ed57ca
https://github.com/lxc/lxc/commit/4d8a34c31ce9ca9e4608b0a36726f66653ed57ca
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/Makefile.am
M src/lxc/af_unix.c
M src/lxc/attach.c
M src/lxc/cgroups/cgroup_utils.c
M src/lxc/cmd/lxc_init.c
M src/lxc/cmd/lxc_user_nic.c
M src/lxc/cmd/lxc_usernsexec.c
M src/lxc/commands.c
M src/lxc/file_utils.c
M src/lxc/file_utils.h
M src/lxc/macro.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
M src/lxc/start.c
Log Message:
-----------
Merge pull request #2862 from brauner/2019-02-17/save_rexec
cleanup macros and rexec fixes
Commit: 7cf89ee88db9d8f6d7bad81ccb6742501091ddc7
https://github.com/lxc/lxc/commit/7cf89ee88db9d8f6d7bad81ccb6742501091ddc7
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/file_utils.c
M src/lxc/file_utils.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
Log Message:
-----------
Revert "rexec: handle legacy kernels"
Broke Android
This reverts commit 8f350e637c0e8001398602a6b2f536de3905787d.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Commit: 4aa90f60123ef6c926218f893f40d8c40c0ec566
https://github.com/lxc/lxc/commit/4aa90f60123ef6c926218f893f40d8c40c0ec566
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/file_utils.c
M src/lxc/file_utils.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
Log Message:
-----------
[V2] rexec: handle legacy kernels
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
Commit: 005f822b22e506d19b7cc39410791b1847382326
https://github.com/lxc/lxc/commit/005f822b22e506d19b7cc39410791b1847382326
Author: Stéphane Graber <stgraber at stgraber.org>
Date: 2019-02-18 (Mon, 18 Feb 2019)
Changed paths:
M src/lxc/file_utils.c
M src/lxc/file_utils.h
M src/lxc/memory_utils.h
M src/lxc/rexec.c
Log Message:
-----------
Merge pull request #2863 from brauner/2019-02-17/save_rexec
rexec: handle legacy kernels
Compare: https://github.com/lxc/lxc/compare/e814299f2d98...005f822b22e5
More information about the lxc-devel
mailing list