[lxc-devel] [lxd/master] storage: Use HostPath for dir/btrfs

2017-12-04 Thread stgraber on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4073

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
dir and btrfs allow bind-mounting an existing filesystem path. Because
that path can be outside of the snap's mount namespace, we need to wrap
those paths using shared.HostPath.

Signed-off-by: Stéphane Graber 
From 215e8425299923da9ae1712ff70039d81cad97cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= 
Date: Tue, 5 Dec 2017 01:20:12 -0500
Subject: [PATCH] storage: Use HostPath for dir/btrfs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

dir and btrfs allow the bind-mounting of an existing fs path, as this
can be outside of the snap's mount namespace, we need to wrap those
paths using shared.HostPath.

Signed-off-by: Stéphane Graber 
---
 lxd/storage_btrfs.go | 6 +++---
 lxd/storage_dir.go   | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go
index 4b4bf37b8..20a2dd45b 100644
--- a/lxd/storage_btrfs.go
+++ b/lxd/storage_btrfs.go
@@ -108,7 +108,7 @@ func (s *storageBtrfs) StoragePoolCreate() error {
s.pool.Config["volatile.initial_source"] = s.pool.Config["source"]
 
isBlockDev := false
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
source = filepath.Join(shared.VarPath("disks"), 
fmt.Sprintf("%s.img", s.pool.Name))
s.pool.Config["source"] = source
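Review bot: The `if source == ""` test now sees the return value of `shared.HostPath` rather than the raw config value, so the default-path branch below is only reached if HostPath hands an empty string back unchanged; that helper is not visible in this patch, so this is worth confirming. Testing the raw value first, `source := s.pool.Config["source"]` followed by `if source != "" { source = shared.HostPath(source) }`, keeps the unset case independent of the helper. The same pattern is in the StoragePoolDelete and StoragePoolMount hunks of this file and in all three storage_dir.go hunks. A comment such as `// source may live outside the snap's mount namespace, so resolve it through the host prefix` would also explain why the config value is wrapped. StoragePoolCreate's body continues outside the hunk.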
@@ -259,7 +259,7 @@ func (s *storageBtrfs) StoragePoolCreate() error {
 func (s *storageBtrfs) StoragePoolDelete() error {
logger.Infof("Deleting BTRFS storage pool \"%s\".", s.pool.Name)
 
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
return fmt.Errorf("no \"source\" property found for the storage 
pool")
}
@@ -324,7 +324,7 @@ func (s *storageBtrfs) StoragePoolDelete() error {
 func (s *storageBtrfs) StoragePoolMount() (bool, error) {
logger.Debugf("Mounting BTRFS storage pool \"%s\".", s.pool.Name)
 
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
return false, fmt.Errorf("no \"source\" property found for the 
storage pool")
}
diff --git a/lxd/storage_dir.go b/lxd/storage_dir.go
index 3f59d3ec0..78e562fa7 100644
--- a/lxd/storage_dir.go
+++ b/lxd/storage_dir.go
@@ -56,7 +56,7 @@ func (s *storageDir) StoragePoolCreate() error {
 
poolMntPoint := getStoragePoolMountPoint(s.pool.Name)
 
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
source = filepath.Join(shared.VarPath("storage-pools"), 
s.pool.Name)
s.pool.Config["source"] = source
@@ -128,7 +128,7 @@ func (s *storageDir) StoragePoolCreate() error {
 func (s *storageDir) StoragePoolDelete() error {
logger.Infof("Deleting DIR storage pool \"%s\".", s.pool.Name)
 
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
return fmt.Errorf("no \"source\" property found for the storage 
pool")
}
@@ -163,7 +163,7 @@ func (s *storageDir) StoragePoolDelete() error {
 }
 
 func (s *storageDir) StoragePoolMount() (bool, error) {
-   source := s.pool.Config["source"]
+   source := shared.HostPath(s.pool.Config["source"])
if source == "" {
return false, fmt.Errorf("no \"source\" property found for the 
storage pool")
}


[lxc-devel] [lxc/lxc] 3c4915: confile:add lxc.init.cwd

2017-12-04 Thread GitHub
  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 3c4915534d16c6c32becfb7252997cb551a194eb
  https://github.com/lxc/lxc/commit/3c4915534d16c6c32becfb7252997cb551a194eb
  Author: LiFeng 
  Date:   2017-12-05 (Tue, 05 Dec 2017)

  Changed paths:
M doc/lxc.container.conf.sgml.in
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/confile.c
M src/lxc/start.c

  Log Message:
  ---
  confile:add lxc.init.cwd

Signed-off-by: LiFeng 


  Commit: 2f216e734142cc3a957a4cd2f6b512df99a88908
  https://github.com/lxc/lxc/commit/2f216e734142cc3a957a4cd2f6b512df99a88908
  Author: Christian Brauner 
  Date:   2017-12-05 (Tue, 05 Dec 2017)

  Changed paths:
M doc/lxc.container.conf.sgml.in
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/confile.c
M src/lxc/start.c

  Log Message:
  ---
  Merge pull request #1992 from lifeng68/add_init_cwd

confile:add lxc.init.cwd


Compare: https://github.com/lxc/lxc/compare/4fe9a9b7109c...2f216e734142___


[lxc-devel] [lxc/lxc] 858faf: lxc_execute: properly figure out number of needed ...

2017-12-04 Thread GitHub
  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 858faf70ab8d73232a07d49131a442cf954a4e00
  https://github.com/lxc/lxc/commit/858faf70ab8d73232a07d49131a442cf954a4e00
  Author: Serge Hallyn 
  Date:   2017-12-04 (Mon, 04 Dec 2017)

  Changed paths:
M src/lxc/execute.c

  Log Message:
  ---
  lxc_execute: properly figure out number of needed arguments

The lxc_log args have nothing to do with lxc.rootfs.path, and
we need room for a NULL at the end of the arguments.

How this bug was hidden for so long I don't know - I can only
trigger it on certain systems under certain conditions, but it's
definitely wrong as is.

Signed-off-by: Serge Hallyn 


  Commit: 4fe9a9b7109c9a08ba97a5c6ac74e8d4051b5762
  https://github.com/lxc/lxc/commit/4fe9a9b7109c9a08ba97a5c6ac74e8d4051b5762
  Author: Christian Brauner 
  Date:   2017-12-05 (Tue, 05 Dec 2017)

  Changed paths:
M src/lxc/execute.c

  Log Message:
  ---
  Merge pull request #2000 from hallyn/2017-12-04/execargs

lxc_execute: properly figure out number of needed arguments


Compare: https://github.com/lxc/lxc/compare/682f479c...4fe9a9b7109c___


[lxc-devel] [lxc/master] Moved arguments.{c, h} to tools/ and updated Makefile

2017-12-04 Thread Ricardo-Yoshi-LXC on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2001

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
@brauner 
So, I decided to keep it simple in this pull request and will eventually make more as Yoshi and I keep removing dependencies from more tools. For now, I simply moved `arguments.{c,h}` to the `tools/` subfolder and updated `Makefile.am` to reflect these file moves (i.e. remove `arguments.{c,h}` from the liblxc sources and add them to the sources of each tool).

Regarding the argument parser for `lxc_init.c`, I think I was completely misunderstanding what we are supposed to do. The argument parser for `lxc_init.c` will basically be a subset of the parser in `arguments.c` (i.e. it will only parse the arguments that are required for `lxc_init.c` to work), right? 
Or am I still getting it wrong? If so, please enlighten me since I would really like to contribute to this project and help you out to get rid of dependencies in the tools. :) 

Thanks!
From ca5e87c39d10834a01bc6cde22be6d6dfd03eef5 Mon Sep 17 00:00:00 2001
From: RicardoSanchezA 
Date: Mon, 4 Dec 2017 22:03:52 -0600
Subject: [PATCH 1/2] src/lxc/arguments: moved arguments.{c,h} to tools/
 subfolder

Signed-off-by: RicardoSanchezA 
---
 src/lxc/{ => tools}/arguments.c | 0
 src/lxc/{ => tools}/arguments.h | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename src/lxc/{ => tools}/arguments.c (100%)
 rename src/lxc/{ => tools}/arguments.h (100%)

diff --git a/src/lxc/arguments.c b/src/lxc/tools/arguments.c
similarity index 100%
rename from src/lxc/arguments.c
rename to src/lxc/tools/arguments.c
diff --git a/src/lxc/arguments.h b/src/lxc/tools/arguments.h
similarity index 100%
rename from src/lxc/arguments.h
rename to src/lxc/tools/arguments.h

From 84ba892916a05e277446f3ded6a637e600b0ed23 Mon Sep 17 00:00:00 2001
From: RicardoSanchezA 
Date: Mon, 4 Dec 2017 22:05:41 -0600
Subject: [PATCH 2/2] lxc/Makefile.am: update tools dependencies

lxc/Makefile.am: reflect the movement of arguments.{c,h} from src/lxc/ to 
src/lxc/tools/

Signed-off-by: RicardoSanchezA 
---
 src/lxc/Makefile.am | 59 ++---
 1 file changed, 29 insertions(+), 30 deletions(-)

diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 8f0c11eca..5c946c12e 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -4,7 +4,7 @@ pkginclude_HEADERS = \
version.h
 
 noinst_HEADERS = \
-   arguments.h \
+   tools/arguments.h \
attach.h \
storage/storage.h \
storage/aufs.h \
@@ -79,7 +79,6 @@ endif
 
 lib_LTLIBRARIES = liblxc.la
 liblxc_la_SOURCES = \
-   arguments.c arguments.h \
storage/storage.c storage/storage.h \
storage/aufs.c storage/aufs.h \
storage/btrfs.c storage/btrfs.h \
@@ -267,35 +266,35 @@ AM_LDFLAGS += -Wl,-rpath -Wl,$(libdir)
 endif
 LDADD=liblxc.la @CAP_LIBS@ @APPARMOR_LIBS@ @SELINUX_LIBS@ @SECCOMP_LIBS@
 
-lxc_attach_SOURCES = tools/lxc_attach.c
-lxc_autostart_SOURCES = tools/lxc_autostart.c
-lxc_cgroup_SOURCES = tools/lxc_cgroup.c
-lxc_config_SOURCES = tools/lxc_config.c
-lxc_console_SOURCES = tools/lxc_console.c
-lxc_destroy_SOURCES = tools/lxc_destroy.c
-lxc_device_SOURCES = tools/lxc_device.c
-lxc_execute_SOURCES = tools/lxc_execute.c
-lxc_freeze_SOURCES = tools/lxc_freeze.c
-lxc_info_SOURCES = tools/lxc_info.c
-init_lxc_SOURCES = tools/lxc_init.c
-lxc_monitor_SOURCES = tools/lxc_monitor.c
-lxc_ls_SOURCES = tools/lxc_ls.c
-lxc_copy_SOURCES = tools/lxc_copy.c
-lxc_start_SOURCES = tools/lxc_start.c
-lxc_stop_SOURCES = tools/lxc_stop.c
-lxc_top_SOURCES = tools/lxc_top.c
-lxc_unfreeze_SOURCES = tools/lxc_unfreeze.c
-lxc_unshare_SOURCES = tools/lxc_unshare.c
-lxc_wait_SOURCES = tools/lxc_wait.c
-lxc_create_SOURCES = tools/lxc_create.c
-lxc_snapshot_SOURCES = tools/lxc_snapshot.c
-lxc_usernsexec_SOURCES = tools/lxc_usernsexec.c
-lxc_checkpoint_SOURCES = tools/lxc_checkpoint.c
-lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h
-lxc_monitord_SOURCES = lxc_monitord.c
+lxc_attach_SOURCES = tools/lxc_attach.c tools/arguments.c
+lxc_autostart_SOURCES = tools/lxc_autostart.c tools/arguments.c
+lxc_cgroup_SOURCES = tools/lxc_cgroup.c tools/arguments.c
+lxc_config_SOURCES = tools/lxc_config.c tools/arguments.c
+lxc_console_SOURCES = tools/lxc_console.c tools/arguments.c
+lxc_destroy_SOURCES = tools/lxc_destroy.c tools/arguments.c
+lxc_device_SOURCES = tools/lxc_device.c tools/arguments.c
+lxc_execute_SOURCES = tools/lxc_execute.c tools/arguments.c
+lxc_freeze_SOURCES = tools/lxc_freeze.c tools/arguments.c
+lxc_info_SOURCES = tools/lxc_info.c tools/arguments.c
+init_lxc_SOURCES = tools/lxc_init.c tools/arguments.c
+lxc_monitor_SOURCES = tools/lxc_monitor.c tools/arguments.c
+lxc_ls_SOURCES = tools/lxc_ls.c tools/arguments.c
+lxc_copy_SOURCES = tools/lxc

[lxc-devel] [lxc/master] lxc_execute: properly figure out number of needed arguments

2017-12-04 Thread hallyn on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2000

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
The lxc_log args have nothing to do with lxc.rootfs.path, and
we need room for a NULL at the end of the arguments.

How this bug was hidden for so long I don't know - I can only
trigger it on certain systems under certain conditions, but it's
definitely wrong as is.

Signed-off-by: Serge Hallyn 
From 858faf70ab8d73232a07d49131a442cf954a4e00 Mon Sep 17 00:00:00 2001
From: Serge Hallyn 
Date: Mon, 4 Dec 2017 22:30:26 -0600
Subject: [PATCH] lxc_execute: properly figure out number of needed arguments

The lxc_log args have nothing to do with lxc.rootfs.path, and
we need room for a NULL at the end of the arguments.

How this bug was hidden for so long I don't know - I can only
trigger it on certain systems under certain conditions, but it's
definitely wrong as is.

Signed-off-by: Serge Hallyn 
---
 src/lxc/execute.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/lxc/execute.c b/src/lxc/execute.c
index 2f7f13747..1b142aeca 100644
--- a/src/lxc/execute.c
+++ b/src/lxc/execute.c
@@ -49,14 +49,14 @@ static int execute_start(struct lxc_handler *handler, void* 
data)
 
while (my_args->argv[argc++]);
 
-   argc_add = 4;
+   /* lxc-init -n name -- [argc] NULL -> 5 */
+   argc_add = 5;
if (my_args->quiet)
argc_add++;
-   if (!handler->conf->rootfs.path) {
-   argc_add += 4;
-   if (lxc_log_has_valid_level())
-   argc_add += 2;
-   }
+   if (!handler->conf->rootfs.path)
+   argc_add += 2;
+   if (lxc_log_has_valid_level())
+   argc_add += 2;
 
argv = malloc((argc + argc_add) * sizeof(*argv));
if (!argv)
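Review bot: The slot count in `argc_add` is kept by hand, apart from the stores into `argv` that it has to cover, and those stores are outside this hunk, so nothing visible here shows that the `++` and the two `+= 2` cases match them. An under-count means a write past the end of the `malloc` below, which is the class of bug this patch is fixing. Each increment should carry a comment naming the option and value it reserves room for, in the style of the new `/* lxc-init -n name -- [argc] NULL -> 5 */`, and after the array is filled the final index should be checked against `argc + argc_add` so a future mismatch fails loudly instead of corrupting the heap. It is also worth stating in that comment whether `argc` already includes the terminator, since `while (my_args->argv[argc++]);` steps past the NULL entry; the initial value of `argc` is not visible here.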


[lxc-devel] [linuxcontainers.org/master] Update the Vanilla dependency to v.1.6.3

2017-12-04 Thread anthonydillon on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/linuxcontainers.org/pull/296

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Update the Vanilla dependency to v.1.6.3, with a hot fix for a known issue until the fix lands upstream.
From 50848ce03a887277e10b6e759aa9ed946f2edbef Mon Sep 17 00:00:00 2001
From: Anthony Dillon 
Date: Mon, 4 Dec 2017 23:33:59 +
Subject: [PATCH] Update the Vanilla dependency to v.1.6.3

---
 static/css/local.css   | 21 +
 templates/common/base.tpl.html |  2 +-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/static/css/local.css b/static/css/local.css
index 732f39d..0fe42b7 100644
--- a/static/css/local.css
+++ b/static/css/local.css
@@ -716,3 +716,24 @@ pre {
 #tryit_feedback .js-collapsable.is-hidden ~ .panel-body {
   display: none;
 }
+
+/* 
+XXX Ant: 04.12.17 This can be removed when this is fixed
+https://github.com/vanilla-framework/vanilla-framework/issues/1478
+*/
+.u-align--center h1,
+.u-align--center h2,
+.u-align--center h3,
+.u-align--center h4,
+.u-align--center h5,
+.u-align--center h6,
+.u-align--center p,
+h1.u-align--center,
+h2.u-align--center,
+h3.u-align--center,
+h4.u-align--center,
+h5.u-align--center,
+h6.u-align--center,
+p.u-align--center {
+  max-width: none;
+}
diff --git a/templates/common/base.tpl.html b/templates/common/base.tpl.html
index 4b052e2..a0d85c9 100644
--- a/templates/common/base.tpl.html
+++ b/templates/common/base.tpl.html
@@ -11,7 +11,7 @@
 {% else %}
 Linux Containers
 {% endif %}
-https://assets.ubuntu.com/v1/vanilla-framework-version-1.6.1.min.css"; />
+https://assets.ubuntu.com/v1/vanilla-framework-version-1.6.3.min.css"; />
 
 
 


[lxc-devel] [lxc/master] skeleton for error handling #723

2017-12-04 Thread AustinReichert on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1997

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Requesting review for skeleton error handling for https://github.com/lxc/lxc/issues/723

THIS IS NOT READY TO BE MERGED.

The following is copied from lxc_error.h for ease of access

/* Overview 
 *
 * 1. Error codes defined based on grepping for "error" in tools/
 *
 * 2. lxc_error_dump() has intelligence to know when/if to dump errors and concat,
 *or just concatenate, thus only needing to add one lxc_error_dump call per
 *error to capture, and all that needs to be known is what type of error it is.
 *
 * 3. lxc_error_concat() is called by lxc_error_dump and has logic for appropriately
 *concatenating past/new error strings. Used '~' as delimiter since it's the least
 *used ASCII character, reduces need for escaping. If not sufficient can use, "~~" :)
 *
 * 4. lxc_error_handle() can be called to look at the most recent error_num and run
 *some code to "handle" it in some way, then return success/failure
 *
 * 5. main() and test_dump() are only there for testing at this point, it will be removed
 *
 * Example:
 *   if (something_did_not_work) {
 * char *lxc_error = "";
 * SYSERROR("%s", lxc_error);
 * lxc_error_dump(c, lxc_error, );
 *   }
 *
 * Issues:
 * 1. Can only store errors where a struct lxc_container *c is accessible, this
 *means lots of liblxc files cannot use this. How to resolve this/is this a
 *problem? Shouldn't the container try to handle errors from functions it can't
 *see inside of?
 *
 * 2. Would like to be able to identify which file the error occurred in. i.e.
 *"lxc_attach: Out of memory", but not sure how to do it (aside from manually).
 *Trying to figure out a way to use my_args.progname, but any other suggestions
 *welcome.
 *
 * 3. Need a better ordering for macros, and way to determine which are considered
 *leaf vs non-leaf
 *
 * 4. Need to figure out how/which errors should/can be handled/ignored.
 *
 * 5. Incorporate into Makefile and build, handle dependencies and decide #includes
 *
 * 6. 3 memory leaks from lxc_error_concat
 *
 */

From e395e4f5e8f8b25fb1217e04543fe446604180f3 Mon Sep 17 00:00:00 2001
From: Yasmine Zakout 
Date: Wed, 29 Nov 2017 13:52:30 -0600
Subject: [PATCH 1/6] Added notes for macros in the tools dir.  lxc_error.h
 contains the macros and the line numbers they should be replacing, error.txt
 contains all the results from my grep.

---
 src/lxc/tools/error.txt   | 84 +++
 src/lxc/tools/lxc_error.h | 61 ++
 2 files changed, 145 insertions(+)
 create mode 100644 src/lxc/tools/error.txt
 create mode 100644 src/lxc/tools/lxc_error.h

diff --git a/src/lxc/tools/error.txt b/src/lxc/tools/error.txt
new file mode 100644
index 0..92e3fdba9
--- /dev/null
+++ b/src/lxc/tools/error.txt
@@ -0,0 +1,84 @@
+lxc_copy.c:518:ERROR("Error: Renaming container %s to %s 
failed\n", c->name, newname);
+lxc_copy.c:866:SYSERROR("Failed to set close-on-exec on file 
descriptor.");
+lxc_create.c:127:  ERROR("Error executing %s -h", path);
+lxc_create.c:329:  ERROR("Error creating container %s", c->name);
+lxc_destroy.c:236: SYSERROR("failed to allocate memory");
+lxc_destroy.c:243: ERROR("could not read %s", path);
+lxc_device.c:68:   SYSERROR("failed to fork task.");
+lxc_device.c:76:   ERROR("failed to enter netns of 
container.");
+lxc_device.c:82:   ERROR("failed to get interfaces list");
+lxc_device.c:109:  ERROR("%s must be run as root", argv[0]);
+lxc_device.c:135:  ERROR("%s doesn't exist", my_args.name);
+lxc_device.c:142:  ERROR("Failed to load rcfile");
+lxc_device.c:147:  ERROR("Out of memory setting new config 
filename");
+lxc_device.c:153:  ERROR("Container %s is not running.", c->name);
+lxc_device.c:158:  ERROR("Error: no command given (Please see 
--help output)");
+lxc_device.c:176:  ERROR("Failed to add %s to %s.", 
dev_name, c->name);
+lxc_device.c:187:  ERROR("Failed to del %s from %s.", 
dev_name, c->name);
+lxc_device.c:192:  ERROR("Error: Please use add or del (Please see 
--help output)");
+lxc_execute.c:149: ERROR("Failed to create lxc_container");
+lxc_execute.c:156: ERROR("Failed to load rcfile");
+lxc_execute.c:162: ERROR("Out of memory setting new config 
filename");
+lxc_execute.c:170: ERROR("missing command to execute!");
+lxc_execute.c:193: ERROR("Failed 

[lxc-devel] [lxc/master] [WIP]: test Coverity scan integration

2017-12-04 Thread brauner on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1996

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Signed-off-by: Christian Brauner 
From a869f94b399098c147e04118423d652ddedcd4ea Mon Sep 17 00:00:00 2001
From: Christian Brauner 
Date: Mon, 4 Dec 2017 23:41:45 +0100
Subject: [PATCH] [WIP]: test Coverity scan integration

Signed-off-by: Christian Brauner 
---
 .travis.yml | 13 +
 1 file changed, 13 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index 758f2ea3a..28d6029ce 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,7 +2,11 @@ language: c
 compiler:
  - gcc
  - clang
+env:
+  global:
+   - secure: 
"HRhoQBAke8QGGm8C8qH8cJ/vOB8x+ouDcKVL7iw6K6gLFBqSNF0Ikr/71lxof1nI2T3dk8shH5vv1i0OFhT2obHSQSYjs0fdO/B+4K/PXsj2BCmVtSketFK0xljU7RXzL+kS9V2A4R0SERygs2XahmbU0peePS2G+DbLTkWoxS8="
 before_install:
+ - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne 
'/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
  - sudo add-apt-repository ppa:ubuntu-lxc/daily -y
  - sudo apt-get update -qq
  - sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev 
python3-dev python3-setuptools docbook2x libgnutls-dev liblua5.2-dev 
libselinux1-dev libcgmanager-dev
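Review bot: The new `before_install` step appends whatever certificate `scan.coverity.com:443` presents on that one connection to the CA store through `sudo tee -a`, without comparing it against a known fingerprint, so the trust decision rests on an unauthenticated fetch made on the build machine. A party able to intercept that connection would have its certificate trusted for the rest of the job, which presumably includes the upload authenticated by the `secure:` value added above. If the image's CA bundle already validates the endpoint, the step can be dropped; otherwise prefer a certificate committed to the repository, or compare the fetched one with a pinned fingerprint before appending it. The target file name on the continuation line is cut off in this message, so the exact file being modified cannot be confirmed here.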
@@ -18,3 +22,12 @@ notifications:
 recipients:
   - lxc-devel@lists.linuxcontainers.org
   webhooks: https://linuxcontainers.org/webhook-lxcbot/
+addons:
+  coverity_scan:
+project:
+  name: "lxc/lxc"
+  description: "LXC - Linux Containers https://linuxcontainers.org/lxc";
+notification_email: lxc-devel@lists.linuxcontainers.org
+build_command_prepend: "./autogen.sh && mkdir build && cd build && 
../configure --enable-tests --with-distro=unknown"
+build_command: "make -j4"
+branch_pattern: coverity_scan


[lxc-devel] [go-lxc/v2] Fix execute check

2017-12-04 Thread tych0 on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/go-lxc/pull/96

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
see patch notes for details
From 9d2976b398263e72e96ebc88c2ae325102300c75 Mon Sep 17 00:00:00 2001
From: Tycho Andersen 
Date: Mon, 4 Dec 2017 15:02:57 -0700
Subject: [PATCH 1/2] fix execute defined check

Execute() really just does exec("lxc-execute", "-P", c.configPath()); the
problem here is that if c is undefined, then it doesn't have an on-disk
config path, and this lxc-execute invocation won't work.

I think there's a think-o here, and we really mean "is this container
defined", since it will thusly have a config and this little hack will
work.

Signed-off-by: Tycho Andersen 
---
 container.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/container.go b/container.go
index 8e9ba73..690988b 100644
--- a/container.go
+++ b/container.go
@@ -495,7 +495,7 @@ func (c *Container) Execute(args ...string) ([]byte, error) 
{
c.mu.Lock()
defer c.mu.Unlock()
 
-   if err := c.makeSure(isNotDefined); err != nil {
+   if err := c.makeSure(isDefined); err != nil {
return nil, err
}
 

From 67d98dfe09e9e6dde9cd48cf48a6b1d997418e73 Mon Sep 17 00:00:00 2001
From: Tycho Andersen 
Date: Mon, 4 Dec 2017 15:04:29 -0700
Subject: [PATCH 2/2] remove some commented out code

With the imminent arrival of StartExecute(), Execute() is probably going to
be enshrined in hackery-whackery for the rest of time. So let's get rid of
this commented out code.

Signed-off-by: Tycho Andersen 
---
 container.go | 12 
 1 file changed, 12 deletions(-)

diff --git a/container.go b/container.go
index 690988b..09cbe15 100644
--- a/container.go
+++ b/container.go
@@ -517,18 +517,6 @@ func (c *Container) Execute(args ...string) ([]byte, 
error) {
}
 
return output, nil
-   /*
-   cargs := makeNullTerminatedArgs(args)
-   if cargs == nil {
-   return ErrAllocationFailed
-   }
-   defer freeNullTerminatedArgs(cargs, len(args))
-
-   if !bool(C.go_lxc_start(c.container, 1, cargs)) {
-   return ErrExecuteFailed
-   }
-   return nil
-   */
 }
 
 // Stop stops the container.


[lxc-devel] [lxcfs/master] Change MemAvailable figure in /proc/meminfo to include cache memory -- Fixes #175 I think.

2017-12-04 Thread asokoloski on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxcfs/pull/228

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

Anyway, since the kernel calculation itself is just an estimation,
it doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.

For a more detailed understanding of how MemAvailable comes about one
should look at 34e431b0ae398fc54ea69ff85ec700722c9da773 in the Linux
kernel tree.

Signed-off-by: Aaron Sokoloski 
From ad19b86d22ef75e1dac0ae9cc564089102ec043a Mon Sep 17 00:00:00 2001
From: Aaron Sokoloski 
Date: Mon, 4 Dec 2017 12:30:37 -0600
Subject: [PATCH] Change MemAvailable figure in /proc/meminfo to include cache
 memory -- Fixes #175 I think.

MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

Anyway, since the kernel calculation itself is just an estimation, it
doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.

For a more detailed understanding of how MemAvailable comes about one
should look at 34e431b0ae398fc54ea69ff85ec700722c9da773 in the Linux
kernel tree.

Signed-off-by: Aaron Sokoloski 
---
 bindings.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bindings.c b/bindings.c
index 658da41..9657160 100644
--- a/bindings.c
+++ b/bindings.c
@@ -3167,7 +3167,7 @@ static int proc_meminfo_read(char *buf, size_t size, 
off_t offset,
snprintf(lbuf, 100, "MemFree:%8lu kB\n", 
memlimit - memusage);
printme = lbuf;
} else if (startswith(line, "MemAvailable:")) {
-   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage);
+   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage + cached);
printme = lbuf;
} else if (startswith(line, "SwapTotal:") && memswlimit > 0) {
sscanf(line+sizeof("SwapTotal:")-1, "%lu", 
&hostswtotal);
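Review bot: The new `memlimit - memusage + cached` is not bounded, so MemAvailable can come out larger than the limit whenever `cached` exceeds `memusage`, and the unsigned arithmetic implied by `%8lu` wraps to a huge number if `memusage` is above `memlimit`. Both look reachable if the figures are sampled at different moments, though where they are read is outside the hunk. Clamping would keep the line sane: `unsigned long avail = memlimit > memusage ? memlimit - memusage : 0;` then `avail += cached; if (avail > memlimit) avail = memlimit;`. It is also worth confirming that `cached` is already in kB like the other two operands. The identical hunk is repeated in the copy of this patch sent for pull request 227 further down, and proc_meminfo_read continues outside the hunk.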


[lxc-devel] [lxcfs/master] Change MemAvailable figure in /proc/meminfo to include cache memory -- Fixes #175 I think

2017-12-04 Thread asokoloski on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxcfs/pull/227

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

But anyway, since the kernel calculation itself is just an estimation,
it doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.
From 02d4cedc1efe45c67eb6b10f4ecfd2d4e3084801 Mon Sep 17 00:00:00 2001
From: Aaron Sokoloski 
Date: Mon, 4 Dec 2017 12:30:37 -0600
Subject: [PATCH] Change MemAvailable figure in /proc/meminfo to include cache
 memory -- Fixes #175 I think.

MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

But anyway, since the kernel calculation itself is just an estimation,
it doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.

Signed-off-by: Aaron Sokoloski 
---
 bindings.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bindings.c b/bindings.c
index 658da41..9657160 100644
--- a/bindings.c
+++ b/bindings.c
@@ -3167,7 +3167,7 @@ static int proc_meminfo_read(char *buf, size_t size, 
off_t offset,
snprintf(lbuf, 100, "MemFree:%8lu kB\n", 
memlimit - memusage);
printme = lbuf;
} else if (startswith(line, "MemAvailable:")) {
-   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage);
+   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage + cached);
printme = lbuf;
} else if (startswith(line, "SwapTotal:") && memswlimit > 0) {
sscanf(line+sizeof("SwapTotal:")-1, "%lu", 
&hostswtotal);
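Review bot: The new value `memlimit - memusage + cached` is printed with `%8lu` and nothing in this hunk bounds it. If `memusage` can momentarily exceed `memlimit`, or `cached` is not in the same kB unit as the other two at this point (it is parsed outside the hunk), the container sees a wrapped or inflated MemAvailable. Consider clamping the result so it never exceeds the limit, e.g. `unsigned long avail = memlimit - memusage + cached;` followed by `if (avail > memlimit) avail = memlimit;`. A short comment such as `/* page cache is reclaimable, so count it as available; approximation of si_mem_available() */` would carry the commit message's reasoning into the code. The same hunk is posted a second time further down this page and the note applies there too; proc_meminfo_read's body continues outside the hunk.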


[lxc-devel] [lxcfs/master] Change MemAvailable figure in /proc/meminfo to include cache memory -- Fixes #175 I think.

2017-12-04 Thread asokoloski on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxcfs/pull/226

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

But anyway, since the kernel calculation itself is just an estimation,
it doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.
From d5116ce57a31e8ba6d325602c246f7aa6c962392 Mon Sep 17 00:00:00 2001
From: Aaron Sokoloski 
Date: Mon, 4 Dec 2017 12:30:37 -0600
Subject: [PATCH] Change MemAvailable figure in /proc/meminfo to include cache
 memory -- Fixes #175 I think.

MemAvailable represents roughly how much more memory we can use before
we start swapping.  Page cache memory can be reclaimed if it's needed
for something else, so it should count as available memory.  This
change should also fix the "available" column of the "free" command,
as well as the "avail Mem" value in "top", both of which come from
MemAvailable.

Note that this isn't perfectly accurate.  On a physical machine, the
value for MemAvailable is the result of a calculation that takes into
account that when memory gets low (but before it's completely
exhausted), kswapd wakes up and starts paging things out.  See:

https://github.com/torvalds/linux/blob/a0908a1b7d68706ee52ed4a039756e70c8e956e9/mm/page_alloc.c#L4553
(si_mem_available function)

I tried to think of a way to be more exact, but this calculation
includes figures that we don't have available for a given cgroup
hierarchy, such as reclaimable slab memory and the low watermark for
zones.  So it's not really feasible to reproduce it exactly.

But anyway, since the kernel calculation itself is just an estimation,
it doesn't seem too bad that we're a little bit off.  Adding in the
amount of memory used for page cache seems much better than what we
were doing before (just copying the free memory figure), because that
can be wrong by gigabytes.
---
 bindings.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bindings.c b/bindings.c
index 658da41..9657160 100644
--- a/bindings.c
+++ b/bindings.c
@@ -3167,7 +3167,7 @@ static int proc_meminfo_read(char *buf, size_t size, 
off_t offset,
snprintf(lbuf, 100, "MemFree:%8lu kB\n", 
memlimit - memusage);
printme = lbuf;
} else if (startswith(line, "MemAvailable:")) {
-   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage);
+   snprintf(lbuf, 100, "MemAvailable:   %8lu kB\n", 
memlimit - memusage + cached);
printme = lbuf;
} else if (startswith(line, "SwapTotal:") && memswlimit > 0) {
sscanf(line+sizeof("SwapTotal:")-1, "%lu", 
&hostswtotal);


[lxc-devel] [lxd/master] Add pre-copy migration support to LXD

2017-12-04 Thread brauner on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4072

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
These patches add pre-copy migration support to LXD. These patches are using the existing pre-copy migration support in LXC (LXC needs the following patches https://github.com/lxc/lxc/pull/1950).

Pre-copy migration is based on CRIU and CRIU uses the kernel's dirty memory tracking support:

 https://www.kernel.org/doc/Documentation/vm/soft-dirty.txt
 https://criu.org/Memory_changes_tracking

The pre-copy migration support defaults to off for now as there is no way to query LXC if the architecture/kernel/criu combination support dirty memory tracking. There have been discussion in adding the necessary feature checking to LXC but it is not yet implemented.

If pre-copy migration should be used it is necessary to set 'migration.pre_copy.enabled' to 'true'.

LXD will query if the destination supports pre-copy migration and only then it will start to do multiple pre-copy migration steps. The number of pre-copy iterations can be controlled with 'migration.pre_copy.max' and defaults to 10.

To avoid unnecessary pre-copy iterations, one more parameter was introduced. 'migration.pre_copy.pre_migrated_pages' controls the percentage (defaults to 70%) of pre-copied pages: if more than 'migration.pre_copy.pre_migrated_pages' have been transferred by the last pre-dump, pre-dumping will stop earlier even if 'migration.pre_copy.max' has not been reached.

This provides the user with two options to control the number of pre-copy migration steps.
From 1ffcbfaa69eb7b8c91fea4ab026639a7359db3c8 Mon Sep 17 00:00:00 2001
From: Adrian Reber 
Date: Wed, 29 Nov 2017 08:56:18 +0100
Subject: [PATCH 1/9] migrate: prepare for pre-copy migration

The upcoming pre-copy migration support needs additional parameters to
the Migrate() function. In order to have a cleaner interface this patch
modifies the Migrate() function to use one struct as parameter instead
of currently five (and more in the future).

Signed-off-by: Adrian Reber 
Signed-off-by: Christian Brauner 
---
 lxd/container.go | 12 +++--
 lxd/container_lxc.go | 74 ++--
 lxd/migrate.go   | 30 ++---
 3 files changed, 91 insertions(+), 25 deletions(-)

diff --git a/lxd/container.go b/lxd/container.go
index 4515d9c3a..ef577e6d2 100644
--- a/lxd/container.go
+++ b/lxd/container.go
@@ -416,7 +416,7 @@ type container interface {
/* actionScript here is a script called action.sh in the stateDir, to
 * be passed to CRIU as --action-script
 */
-   Migrate(cmd uint, stateDir string, function string, stop bool, 
actionScript bool) error
+   Migrate(args *CriuMigrationArgs) error
Snapshots() ([]container, error)
 
// Config handling
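Review bot: The comment kept above `Migrate` still describes an `actionScript` parameter, but the new signature is `Migrate(args *CriuMigrationArgs)` and that name no longer appears in it. The explanation should move to the struct field, for example `// actionScript: pass action.sh from stateDir to CRIU as --action-script` on the `actionScript` field of `CriuMigrationArgs` (its definition is not in the visible part of the patch). The interface comment should then say what `args` carries. The callers in `containerCreateAsSnapshot` and `Start` also spell out `stop: false` and `actionScript: false`, which are the zero values and could be dropped.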
@@ -696,7 +696,15 @@ func containerCreateAsSnapshot(s *state.State, args 
db.ContainerArgs, sourceCont
 * after snapshotting will fail.
 */
 
-   err = sourceContainer.Migrate(lxc.MIGRATE_DUMP, stateDir, 
"snapshot", false, false)
+   criuMigrationArgs := CriuMigrationArgs{
+   cmd:  lxc.MIGRATE_DUMP,
+   stateDir: stateDir,
+   function: "snapshot",
+   stop: false,
+   actionScript: false,
+   }
+
+   err = sourceContainer.Migrate(&criuMigrationArgs)
if err != nil {
os.RemoveAll(sourceContainer.StatePath())
return nil, err
diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 5f58821e4..da1d2c492 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -2153,7 +2153,15 @@ func (c *containerLXC) Start(stateful bool) error {
return fmt.Errorf("Container has no existing state to 
restore.")
}
 
-   err := c.Migrate(lxc.MIGRATE_RESTORE, c.StatePath(), 
"snapshot", false, false)
+   criuMigrationArgs := CriuMigrationArgs{
+   cmd:  lxc.MIGRATE_RESTORE,
+   stateDir: c.StatePath(),
+   function: "snapshot",
+   stop: false,
+   actionScript: false,
+   }
+
+   err := c.Migrate(&criuMigrationArgs)
if err != nil && !c.IsRunning() {
return err
}
@@ -2370,8 +2378,16 @@ func (c *containerLXC) Stop(stateful bool) error {
return err
}
 
+   criuMigrationArgs := CriuMigrationArgs{
+   cmd:  lxc.MIGRATE_DUMP,
+ 

[lxc-devel] [lxc/master] attach: do not fail on non-existing namespaces

2017-12-04 Thread brauner on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1994

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Closes #1993.

Signed-off-by: Christian Brauner 
From 0103eb53defb5864b56131f00f05ff2e69ad369e Mon Sep 17 00:00:00 2001
From: Christian Brauner 
Date: Mon, 4 Dec 2017 01:34:50 +0100
Subject: [PATCH 1/6] conf: prevent null pointer dereference

Signed-off-by: Christian Brauner 
---
 src/lxc/conf.c  | 20 +++-
 src/lxc/utils.c |  2 +-
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ae30b5b87..a86a6d752 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1741,11 +1741,12 @@ static int mount_entry(const char *fsname, const char 
*target,
if (ret < 0) {
if (optional) {
INFO("Failed to mount \"%s\" on \"%s\" (optional): %s",
-fsname, target, strerror(errno));
+fsname ? fsname : "(null)", target, 
strerror(errno));
return 0;
}
 
-   SYSERROR("Failed to mount \"%s\" on \"%s\"", fsname, target);
+   SYSERROR("Failed to mount \"%s\" on \"%s\"",
+fsname ? fsname : "(null)", target);
return -1;
}
 
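Review bot: The added guards print `"(null)"` for a missing `fsname`, while the DEBUG call in the next hunk of this function prints `"(none)"` and also guards `target`; the INFO and SYSERROR calls here pass `target` unguarded. If `target` can be NULL, as that DEBUG guard suggests, handing it to `%s` is still undefined behaviour here and in the two later conf.c hunks that repeat the pattern. The DEBUG in the last conf.c hunk additionally passes `fstype` unguarded. Using one placeholder throughout and applying it to every pointer that may be NULL would close this, e.g. `fsname ? fsname : "(none)", target ? target : "(none)"`. mount_entry's body starts and ends outside this hunk.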
@@ -1753,13 +1754,12 @@ static int mount_entry(const char *fsname, const char 
*target,
unsigned long rqd_flags = 0;
 
DEBUG("Remounting \"%s\" on \"%s\" to respect bind or remount "
- "options",
- fsname ? fsname : "(none)", target ? target : "(none)");
+ "options", fsname ? fsname : "(none)", target ? target : 
"(none)");
 
if (mountflags & MS_RDONLY)
rqd_flags |= MS_RDONLY;
 #ifdef HAVE_STATVFS
-   if (statvfs(fsname, &sb) == 0) {
+   if (fsname && statvfs(fsname, &sb) == 0) {
unsigned long required_flags = rqd_flags;
 
if (sb.f_flag & MS_NOSUID)
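Review bot: With `fsname && statvfs(fsname, &sb) == 0`, a NULL `fsname` now skips the block that derives `required_flags` from the source's `f_flag` (the MS_NOSUID test is visible here), so the remount presumably proceeds with only the flags the caller asked for. That looks like the right behaviour when there is no source, but it decides which restrictive mount flags get applied and deserves a comment, for example `/* no source path: nothing to inherit mount flags from, remount with the requested flags only */`. The rest of the statvfs block is outside this hunk, so the fall-through path should be checked there.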
@@ -1798,12 +1798,14 @@ static int mount_entry(const char *fsname, const char 
*target,
if (ret < 0) {
if (optional) {
INFO("Failed to mount \"%s\" on \"%s\" "
-"(optional): %s", fsname, target,
+"(optional): %s",
+fsname ? fsname : "(null)", target,
 strerror(errno));
return 0;
}
 
-   SYSERROR("Failed to mount \"%s\" on \"%s\"", fsname, 
target);
+   SYSERROR("Failed to mount \"%s\" on \"%s\"",
+fsname ? fsname : "(null)", target);
return -1;
}
}
@@ -1811,8 +1813,8 @@ static int mount_entry(const char *fsname, const char 
*target,
 #ifdef HAVE_STATVFS
 skipremount:
 #endif
-   DEBUG("Mounted \"%s\" on \"%s\" with filesystem type \"%s\"", fsname,
- target, fstype);
+   DEBUG("Mounted \"%s\" on \"%s\" with filesystem type \"%s\"",
+ fsname ? fsname : "(null)", target, fstype);
 
return 0;
 }
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 19e6c2ee6..67c475e78 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -1644,7 +1644,7 @@ int safe_mount(const char *src, const char *dest, const 
char *fstype,
close(destfd);
if (ret < 0) {
errno = saved_errno;
-   SYSERROR("Failed to mount %s onto %s", src, dest);
+   SYSERROR("Failed to mount %s onto %s", src ? src : "(null)", 
dest);
return ret;
}
 

From f39bcb70cf588386d96a93061a0b5ed9a6c39b2c Mon Sep 17 00:00:00 2001
From: Christian Brauner 
Date: Mon, 4 Dec 2017 01:38:01 +0100
Subject: [PATCH 2/6] confile_legacy: prevent null pointer deref

Signed-off-by: Christian Brauner 
---
 src/lxc/confile_legacy.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/lxc/confile_legacy.c b/src/lxc/confile_legacy.c
index eb956dd40..9fc2c06c9 100644
--- a/src/lxc/confile_legacy.c
+++ b/src/lxc/confile_legacy.c
@@ -969,7 +969,7 @@ static int lxc_clear_nic(struct lxc_conf *c, const char 
*key)
 
p1 = strchr(key, '.');
if (!p1 || *(p1+1) == '\0')
-   p1 = NULL;
+   return -1;
 
if (!p1 && it) {
lxc_remove_nic(it);
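Review bot: With the new `return -1` for a key that has no index suffix, `p1` can no longer be NULL below, so the `if (!p1 && it)` branch that calls `lxc_remove_nic(it)` is unreachable. If any caller relied on clearing a whole NIC through a key without a `.` suffix (not visible here), that path is now silently gone. Either delete the dead branch so the new contract is explicit, or keep `p1 = NULL` and guard the later use of `p1` instead. lxc_clear_nic continues outside the hunk.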
@@ -987,8 +987,9 @@ static int lxc_clear_nic(struct lxc_conf *c, const char 
*key)
free(it2->elem);
free(it2);
}
+   } else {
+   return -1;
}
-   else return -1;
 
return

[lxc-devel] [lxc/lxc] 344c9d: lxc_unshare: Add uid_mapping when creating userns

2017-12-04 Thread GitHub
  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 344c9d813cf9602fc831483b6407ed276c8f58e9
  https://github.com/lxc/lxc/commit/344c9d813cf9602fc831483b6407ed276c8f58e9
  Author: Marcos Paulo de Souza 
  Date:   2017-12-01 (Fri, 01 Dec 2017)

  Changed paths:
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/tools/lxc_unshare.c

  Log Message:
  ---
  lxc_unshare: Add uid_mapping when creating userns

Change conf.c to export function write_id_mapping, which will now be
called inside main function of lxc_unshare.c.

This is required because the setuid syscall only permits a new userns to
set a new uid if the uid passed as parameter is mapped inside the ns using the
uid_map file[1]. So, just after the clone invocation, map the uid passed as
parameter into the newly created user namespace, and put the current uid
as the ID-outside-ns. After the mapping is done, the setuid call succeeds.

Closes: #494

[1] 
https://elixir.free-electrons.com/linux/latest/source/kernel/user_namespace.c#L286

Signed-off-by: Marcos Paulo de Souza 


  Commit: 682f479ca62cb7e92dd1109a87d67354
  https://github.com/lxc/lxc/commit/682f479ca62cb7e92dd1109a87d67354
  Author: Christian Brauner 
  Date:   2017-12-04 (Mon, 04 Dec 2017)

  Changed paths:
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/tools/lxc_unshare.c

  Log Message:
  ---
  Merge pull request #1979 from marcosps/issue_494

lxc_unshare: Add uid_mapping when creating userns


Compare: https://github.com/lxc/lxc/compare/7ded3c18782c...682f479c___


[lxc-devel] [lxc/master] confile:add lxc.init.cwd

2017-12-04 Thread lifeng68 on Github
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1992

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Add the `lxc.init.cwd`  config to set the current working directory. The value MUST be an absolute path in the container.

Signed-off-by: LiFeng 
From 680121ab584eb133e64f24f87ce9583ccdb73fc1 Mon Sep 17 00:00:00 2001
From: LiFeng 
Date: Mon, 4 Dec 2017 12:12:40 -0500
Subject: [PATCH] confile:add lxc.init.cwd

Signed-off-by: LiFeng 
---
 doc/lxc.container.conf.sgml.in | 19 +++
 src/lxc/conf.c |  1 +
 src/lxc/conf.h |  4 
 src/lxc/confile.c  | 22 ++
 src/lxc/start.c|  5 +
 5 files changed, 51 insertions(+)

diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index 51b1a7035..f8b50077c 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -284,6 +284,25 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, 
MA 02110-1301 USA
   
 
 
+
+  Init working directory
+  
+Sets the absolute path inside the container as the working directory 
for the containers.
+  
+  
+
+  
+lxc.init.cwd
+  
+  
+
+  Absolute path inside the container to run as the working 
directory.
+
+  
+
+  
+
+
 
   Init ID
   
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index ae30b5b87..8234279f9 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3432,6 +3432,7 @@ void lxc_conf_free(struct lxc_conf *conf)
free(conf->rcfile);
free(conf->execute_cmd);
free(conf->init_cmd);
+   free(conf->init_cwd);
free(conf->unexpanded_config);
free(conf->pty_names);
free(conf->syslog);
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 58302cf30..fa10a41bf 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -359,6 +359,10 @@ struct lxc_conf {
struct lxc_cgroup cgroup_meta;
 
char *inherit_ns[LXC_NS_MAX];
+
+   /* init working directory */
+   char* init_cwd;
+
 };
 
 #ifdef HAVE_TLS
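Review bot: `char* init_cwd;` attaches the `*` to the type, unlike `char *inherit_ns[LXC_NS_MAX];` two lines above; write `char *init_cwd;` and drop the blank line added before the closing `};`. Since the pull-request description says the value must be an absolute path inside the container, the field comment could state that: `/* init working directory, absolute path inside the container */`.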
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a2e5ba7c1..6bd71a0dd 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -95,6 +95,7 @@ lxc_config_define(hooks);
 lxc_config_define(idmaps);
 lxc_config_define(includefiles);
 lxc_config_define(init_cmd);
+lxc_config_define(init_cwd);
 lxc_config_define(init_gid);
 lxc_config_define(init_uid);
 lxc_config_define(log_file);
@@ -176,6 +177,7 @@ static struct lxc_config_t config[] = {
{ "lxc.init.cmd",  false,  
set_config_init_cmd,get_config_init_cmd,
clr_config_init_cmd,  },
{ "lxc.init.gid",  false,  
set_config_init_gid,get_config_init_gid,
clr_config_init_gid,  },
{ "lxc.init.uid",  false,  
set_config_init_uid,get_config_init_uid,
clr_config_init_uid,  },
+   { "lxc.init.cwd",  false,  
set_config_init_cwd,get_config_init_cwd,
clr_config_init_cwd,  },
{ "lxc.log.file",  false,  
set_config_log_file,get_config_log_file,
clr_config_log_file,  },
{ "lxc.log.level", false,  
set_config_log_level,   get_config_log_level,   
clr_config_log_level, },
{ "lxc.log.syslog",false,  
set_config_log_syslog,  get_config_log_syslog,  
clr_config_log_syslog,},
@@ -945,6 +947,12 @@ static int set_config_init_cmd(const char *key, const char 
*value,
return set_config_path_item(&lxc_conf->init_cmd, value);
 }
 
+static int set_config_init_cwd(const char *key, const char *value,
+  struct lxc_conf *lxc_conf, void *data)
+{
+   return set_config_path_item(&lxc_conf->init_cwd, value);
+}
+
 static int set_config_init_uid(const char *key, const char *value,
   struct lxc_conf *lxc_conf, void *data)
 {
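Review bot: `set_config_init_cwd` stores whatever `set_config_path_item` accepts, so the description's requirement that `lxc.init.cwd` be an absolute path is not enforced at parse time. A relative value would presumably be resolved against whatever directory the process is in when start.c applies it (that hunk is not in view), which makes the resulting working directory hard to reason about. Rejecting it in the setter keeps the failure at configuration load: `if (value && value[0] != '\0' && value[0] != '/') return -1;` before the call.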
@@ -3249,6 +3257,12 @@ static int get_config_init_cmd(const char *key, char 
*retv, int inlen,
return lxc_get_conf_str(retv, inlen, c->init_cmd);
 }
 
+static int get_config_init_cwd(const char *key, char *retv, int inlen,
+  struct lxc_conf *c, void *data)
+{
+   return lxc_get_conf_str(retv, inlen, c->init_cwd