[lxc-devel] [lxc/master] fix logic for execute log file
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2303 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === The problem here is that lxc-init runs *inside* the container. So if a person has the log file set to /home/$USER/foo, lxc-init ends up making a directory /home/$USER/foo inside the container to put the log file in. What we really want are the logs to be propagated from inside the container to the outside. We accomplish this by passing an fd without O_CLOEXEC, and telling lxc-init to log to that file. Signed-off-by: Tycho Andersen From cd90db2c0ec7948a9a52dfc83d3a2b92ed522511 Mon Sep 17 00:00:00 2001 From: Tycho Andersen Date: Thu, 3 May 2018 18:32:19 + Subject: [PATCH] fix logic for execute log file The problem here is that lxc-init runs *inside* the container. So if a person has the log file set to /home/$USER/foo, lxc-init ends up making a directory /home/$USER/foo inside the container to put the log file in. What we really want are the logs to be propagated from inside the container to the outside. We accomplish this by passing an fd without O_CLOEXEC, and telling lxc-init to log to that file. Signed-off-by: Tycho Andersen --- src/lxc/execute.c | 29 + 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/src/lxc/execute.c b/src/lxc/execute.c index c7320ab2d..9fe1af0eb 100644 --- a/src/lxc/execute.c +++ b/src/lxc/execute.c @@ -21,11 +21,13 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ +#define _GNU_SOURCE #include #include #include #include #include +#include #include "conf.h" #include "log.h" @@ -36,9 +38,9 @@ lxc_log_define(lxc_execute, lxc_start); static int execute_start(struct lxc_handler *handler, void* data) { - int j, i = 0; + int j, i = 0, log = -1; struct execute_args *my_args = data; - char **argv; + char **argv, *logfd; int argc = 0, argc_add; while (my_args->argv[argc++]); @@ -69,9 +71,25 @@ static int execute_start(struct lxc_handler *handler, void* data) argv[i++] = (char *)lxc_log_priority_to_string(lxc_log_get_level()); } - if (handler->conf->logfile) { + if (current_config->logfd != -1 || lxc_log_fd != -1) { + int to_dup = current_config->logfd; + + if (current_config->logfd == -1) + to_dup = lxc_log_fd; + + log = dup(to_dup); + if (log < 0) { + SYSERROR("dup of log fd failed"); + goto out2; + } + + if (asprintf(&logfd, "/proc/1/fd/%d", log) < 0) { + ERROR("Couldn't allocate memory for log string"); + goto out3; + } + argv[i++] = "-o"; - argv[i++] = (char *)handler->conf->logfile; + argv[i++] = logfd; } if (my_args->quiet) @@ -92,6 +110,9 @@ static int execute_start(struct lxc_handler *handler, void* data) execvp(argv[0], argv); SYSERROR("Failed to exec %s", argv[0]); + free(logfd); +out3: + close(log); out2: free(argv); out1: ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Make waitready less verbose
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4532 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Free Ekanayaka From 8c8bfaed9496a8737cb5b123c5df31087bf1dcb7 Mon Sep 17 00:00:00 2001 From: Free Ekanayaka Date: Thu, 3 May 2018 13:11:20 + Subject: [PATCH] Make waitready less verbose Signed-off-by: Free Ekanayaka --- lxd/main_waitready.go | 42 +++--- 1 file changed, 15 insertions(+), 27 deletions(-) diff --git a/lxd/main_waitready.go b/lxd/main_waitready.go index 1558da66c6..da9caca5d6 100644 --- a/lxd/main_waitready.go +++ b/lxd/main_waitready.go @@ -35,52 +35,40 @@ func (c *cmdWaitready) Command() *cobra.Command { func (c *cmdWaitready) Run(cmd *cobra.Command, args []string) error { finger := make(chan error, 1) + var errLast error go func() { for i := 0; ; i++ { - // Log initial attempts at debug level, but use warn - // level after the 10'th attempt (about 5 seconds). Then - // after the 30'th attempt (about 15 seconds), log only - // only one attempt every 10 attempts (about 5 seconds), - // to avoid being too verbose. - logPriority := 1 // 0 is discard, 1 is Debug, 2 is Warn + // Start logging only after the 10'th attempt (about 5 + // seconds). Then after the 30'th attempt (about 15 + // seconds), log only only one attempt every 10 + // attempts (about 5 seconds), to avoid being too + // verbose. + doLog := false if i > 10 { - logPriority = 2 - if i > 30 && !((i % 10) == 0) { - logPriority = 0 - } + doLog = i < 30 || ((i % 10) == 0) } - switch logPriority { - case 1: + if doLog { logger.Debugf("Connecting to LXD daemon (attempt %d)", i) - case 2: - logger.Warnf("Connecting to LXD daemon (attempt %d)", i) } d, err := lxd.ConnectLXDUnix("", nil) if err != nil { - switch logPriority { - case 1: + errLast = err + if doLog { logger.Debugf("Failed connecting to LXD daemon (attempt %d): %v", i, err) - case 2: - logger.Warnf("Failed connecting to LXD daemon (attempt %d): %v", i, err) } time.Sleep(500 * time.Millisecond) continue } - switch logPriority { - case 1: + if doLog { logger.Debugf("Checking if LXD daemon is ready (attempt %d)", i) - case 2: - logger.Warnf("Checking if LXD daemon is ready (attempt %d)", i) } _, _, err = d.RawQuery("GET", "/internal/ready", nil, "") if err != nil { - switch logPriority { - case 1: + errLast = err + if doLog { logger.Debugf("Failed to check if LXD daemon is ready (attempt %d): %v", i, err) - case 2: - logger.Warnf("Failed to check if LXD daemon is ready (attempt %d): %v", i, err) } time.Sleep(500 * time.Millisecond) continue @@ -96,7 +84,7 @@ func (c *cmdWaitready) Run(cmd *cobra.Command, args []string) error { case <-finger: break case <-time.After(time.Second * time.Duration(c.flagTimeout)): - return fmt.Errorf("LXD still not running after %ds timeout", c.flagTimeout) + return fmt.Errorf("LXD still not running after %ds timeout (%v)", c.flagTimeout, errLast) } } else { <-finger ___ lxc-devel mailing list lxc-devel@lis
[lxc-devel] [lxd/master] Doc tweaks
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4530 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 5c6286ce01b882154e0adac7015e19088abac5a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 3 May 2018 10:40:51 +0200 Subject: [PATCH 1/2] doc: s/status command/info command/ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #4527 Signed-off-by: Stéphane Graber --- doc/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/security.md b/doc/security.md index 552e529ba..c9d919976 100644 --- a/doc/security.md +++ b/doc/security.md @@ -29,7 +29,7 @@ fingerprint will be shown to the user. The user will then be asked to confirm that this is indeed the server's fingerprint which they can manually check by connecting to or asking -someone with access to the server to run the status command and compare +someone with access to the server to run the info command and compare the fingerprints. After that, the user must enter the trust password for that server, if From 696a2d03a95269ec445925c74d7d2d02eb160f30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 3 May 2018 10:51:51 +0200 Subject: [PATCH 2/2] lxd/init: Explain password less behavior MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #4524 Signed-off-by: Stéphane Graber --- lxd/main_init_interactive.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lxd/main_init_interactive.go b/lxd/main_init_interactive.go index 4d961c13a..73ae50d59 100644 --- a/lxd/main_init_interactive.go +++ b/lxd/main_init_interactive.go @@ -627,6 +627,9 @@ they otherwise would. netPort := cli.AskInt("Port to bind LXD to [default=8443]: ", 1, 65535, "8443") config.Config["core.https_address"] = fmt.Sprintf("%s:%d", netAddr, netPort) config.Config["core.trust_password"] = cli.AskPassword("Trust password for new clients: ") + if config.Config["core.trust_password"] == "" { + fmt.Printf("No password set, client certificates will have to be manually trusted.") + } } // Ask if the user wants images to be automatically refreshed ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] xattr: Support empty values
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4529 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Stéphane Graber From a1783b173cb37066ddb8cacbcbad3ee02259 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 3 May 2018 10:38:45 +0200 Subject: [PATCH] xattr: Support empty values MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 8 shared/util_linux.go | 13 +++-- shared/util_linux_test.go | 1 + 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index c1d7845b1..26376e62e 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -5961,23 +5961,23 @@ func (c *containerLXC) tarStoreFile(linkmap map[uint64]string, offset int, tw *t if link == "" { hdr.Xattrs, err = shared.GetAllXattr(path) if err != nil { - return fmt.Errorf("failed to read xattr: %s", err) + return fmt.Errorf("Failed to read xattr for '%s': %s", path, err) } } if err := tw.WriteHeader(hdr); err != nil { - return fmt.Errorf("failed to write tar header: %s", err) + return fmt.Errorf("Failed to write tar header: %s", err) } if hdr.Typeflag == tar.TypeReg { f, err := os.Open(path) if err != nil { - return fmt.Errorf("failed to open the file: %s", err) + return fmt.Errorf("Failed to open the file: %s", err) } defer f.Close() if _, err := io.Copy(tw, f); err != nil { - return fmt.Errorf("failed to copy file content: %s", err) + return fmt.Errorf("Failed to copy file content: %s", err) } } diff --git a/shared/util_linux.go b/shared/util_linux.go index e0d0056d8..b6d83794f 100644 --- a/shared/util_linux.go +++ b/shared/util_linux.go @@ -473,15 +473,16 @@ func GetAllXattr(path string) (xattrs map[string]string, err error) { if err != nil || pre < 0 { return nil, err } - if pre == 0 { - return nil, fmt.Errorf("No valid extended attribute value found.") - } dest = make([]byte, pre) - post, err = syscall.Getxattr(path, xattr, dest) - if err != nil || post < 0 { - return nil, err + post := 0 + if pre > 0 { + post, err = syscall.Getxattr(path, xattr, dest) + if err != nil || post < 0 { + return nil, err + } } + if post != pre { return nil, e1 } diff --git a/shared/util_linux_test.go b/shared/util_linux_test.go index 36e20e879..bd54fae4b 100644 --- a/shared/util_linux_test.go +++ b/shared/util_linux_test.go @@ -13,6 +13,7 @@ func TestGetAllXattr(t *testing.T) { testxattr = map[string]string{ "user.checksum": "asdfsf13434qwf1324", "user.random": "This is a test", + "user.empty":"", } ) xattrFile, err := ioutil.TempFile("", "") ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel