[lxc-devel] [RFC PATCH 2/2] loop: Permit privileged operations within user namespaces

2014-05-27 Thread Seth Forshee
Privileged operations should be allowed on loop devices within a devloop mount by root within the user namespace which owns the mount. Stash away the namespace at mount time and allow CAP_SYS_ADMIN within this namespace to perform privileged operations on loop devices. Signed-off-by: Seth Forshee

Re: [lxc-devel] [RFC PATCH 1/2] loop: Add loop filesystem

2014-05-27 Thread Randy Dunlap
On 05/27/2014 02:58 PM, Seth Forshee wrote: > Add limited capability for use of loop devices in containers via > a loopfs pseudo fs. When mounted this filesystem will contain > only a loop-control device node. This can be used to request free > loop devices which will be "owned" by that mount. Devi

Re: [lxc-devel] [RFC PATCH 11/11] loop: Allow privileged operations for root in the namespace which owns a device

2014-05-27 Thread Seth Forshee
On Mon, May 26, 2014 at 10:39:22PM -0400, Michael H. Warfield wrote: > On Tue, 2014-05-27 at 03:36 +0200, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > On Mon, 2014-05-26 at 11:16 +0200, Seth Forshee wrote: > > > > On Fri, May 23, 2014 at 08:48:25AM +0300, Marian

[lxc-devel] [RFC PATCH 0/2] Loop device pseudo filesystem

2014-05-27 Thread Seth Forshee
I'm posting these patches in response to the ongoing discussion of loop devices in containers at [1]. The patches implement a pseudo filesystem for loop devices, which will allow use of loop devices in containers using standard utilities. Under normal use a loopfs mount will initially contain a s

[lxc-devel] [RFC PATCH 1/2] loop: Add loop filesystem

2014-05-27 Thread Seth Forshee
Add limited capability for use of loop devices in containers via a loopfs pseudo fs. When mounted this filesystem will contain only a loop-control device node. This can be used to request free loop devices which will be "owned" by that mount. Device nodes appear automatically for these devices, and

Re: [lxc-devel] [RFC PATCH 0/2] Loop device pseudo filesystem

2014-05-27 Thread Andy Lutomirski
On Tue, May 27, 2014 at 2:58 PM, Seth Forshee wrote: > I'm posting these patches in response to the ongoing discussion of loop > devices in containers at [1]. > > The patches implement a pseudo filesystem for loop devices, which will > allow use of loop devices in containers using standard utilit

Re: [lxc-devel] [PATCH] point user to updated man page in template boilerplate

2014-05-27 Thread Serge Hallyn
Quoting Dwight Engen (dwight.en...@oracle.com): > Signed-off-by: Dwight Engen Acked-by: Serge E. Hallyn > --- > src/lxc/lxccontainer.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c > index 8e611c7..ac6de62 100644 > ---

[lxc-devel] [PATCH] snapshots: move snapshot directory (v5)

2014-05-27 Thread Serge Hallyn
Originally we kept snapshots under /var/lib/lxcsnaps. If a separate btrfs is mounted at /var/lib/lxc, then we can't make btrfs snapshots under /var/lib/lxcsnaps. This patch moves the default directory to /var/lib/lxc/c/snaps. If /var/lib/lxcsnaps already exists, then we continue to use that. add

[lxc-devel] [PATCH RFC] Allow a few basic limits to be set at creation / runtime

2014-05-27 Thread Dwight Engen
Currently, a user has to read kernel/Documentation/cgroups/* to know what is available and then apply these using lxc-cgroups to set runtime limits, or hand edit the configuration file after creating a container to set them permanently. This change covers the most common use cases (cpu, memory) by

[lxc-devel] [PATCH] point user to updated man page in template boilerplate

2014-05-27 Thread Dwight Engen
Signed-off-by: Dwight Engen --- src/lxc/lxccontainer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index 8e611c7..ac6de62 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c @@ -1170,7 +1170,7 @@ static bool prep

Re: [lxc-devel] lxc on openSUSE: lxc-top not working due to lua?

2014-05-27 Thread Johannes Kastl
Hi everybody, On 20.05.2014 21:48 Johannes Kastl wrote: > This is the logfile of the failed build for Fedora 19: >> https://build.opensuse.org/package/live_build_log/home:ojkastl_buildservice:LXC/lxc-vanilla/Fedora_19/i586 > >> > This > > is the lo

Re: [lxc-devel] [RFC PATCH 11/11] loop: Allow privileged operations for root in the namespace which owns a device

2014-05-27 Thread Serge Hallyn
Quoting Michael H. Warfield (m...@wittsend.com): > On Tue, 2014-05-27 at 03:36 +0200, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > On Mon, 2014-05-26 at 11:16 +0200, Seth Forshee wrote: > > > > On Fri, May 23, 2014 at 08:48:25AM +0300, Marian Marinov wrote: > >