riya khanna writes:
> (Please pardon multiple emails, artifact of merging all separate
> conversations)
>
> Thanks for your feedback!
>
> Letting the kernel know about what devices a container could access (based on
> device cgroups) and having devtmpfs in the kernel create device nodes for a
>
My use case for having device namespaces is device isolation. Isn't what
namespaces are there for (as I understand)? Not everything should be
accessible (or even visible) from a container all the time (we have seen
people come up with different use cases for this). However, bind-mounting
takes away
On Wed, Sep 24, 2014 at 12:29:53AM -0400, S.Çağlar Onur wrote:
> On Wed, Sep 24, 2014 at 12:18 AM, Stéphane Graber wrote:
> > On Wed, Sep 24, 2014 at 12:10:16AM -0400, S.Çağlar Onur wrote:
> >> Hey Stéphane,
> >>
> >> On Tue, Sep 23, 2014 at 12:21 AM, Stéphane Graber
> >> wrote:
> >> > Hey every
(Please pardon multiple emails, artifact of merging all separate
conversations)
Thanks for your feedback!
Letting the kernel know about what devices a container could access (based
on device cgroups) and having devtmpfs in the kernel create device nodes
for a container that map to corresponding C
On Wed, Sep 24, 2014 at 12:18 AM, Stéphane Graber wrote:
> On Wed, Sep 24, 2014 at 12:10:16AM -0400, S.Çağlar Onur wrote:
>> Hey Stéphane,
>>
>> On Tue, Sep 23, 2014 at 12:21 AM, Stéphane Graber
>> wrote:
>> > Hey everyone,
>> >
>> > So I've finally caught up on all the master patches and pushed
Thanks for your feedback!
Letting the kernel know about what devices a container could access (based
on device cgroups) and having devtmpfs in the kernel create device nodes
for a container that map to corresponding CUSE nodes is what I thought of.
For example, "echo 29:0 > /proc//devices" would p
On Wed, Sep 24, 2014 at 12:10:16AM -0400, S.Çağlar Onur wrote:
> Hey Stéphane,
>
> On Tue, Sep 23, 2014 at 12:21 AM, Stéphane Graber wrote:
> > Hey everyone,
> >
> > So I've finally caught up on all the master patches and pushed
> > everything to the stable-1.0 branch. All tests pass on all archi
Hey Stéphane,
On Tue, Sep 23, 2014 at 12:21 AM, Stéphane Graber wrote:
> Hey everyone,
>
> So I've finally caught up on all the master patches and pushed
> everything to the stable-1.0 branch. All tests pass on all architectures
> and a tiny bit of manual testing didn't find any obvious problem w
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 7dc6f6e279b35ccff88793afe991d34ecead57f3
https://github.com/lxc/lxc/commit/7dc6f6e279b35ccff88793afe991d34ecead57f3
Author: Dwight Engen
Date: 2014-09-23 (Tue, 23 Sep 2014)
Changed paths:
M doc/lxc-top.sg
Quoting Dwight Engen (dwight.en...@oracle.com):
> - keep but rename the lua version as an example of how to use the lua API
>
> - got rid of the fairly useless --max argument
>
> Signed-off-by: Dwight Engen
Thanks, let's push it and proceed from there.
Acked-by: Serge E. Hallyn
> ---
> v3:
>
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 22 Sep 2014 23:52:18 +
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > - keep but rename the lua version as an example of how to use the
> > > lua API
> > >
> > > - got rid of the fairly useless --max
- keep but rename the lua version as an example of how to use the lua API
- got rid of the fairly useless --max argument
Signed-off-by: Dwight Engen
---
v3:
- remove unneeded exit from for loop (which could've cause a mem leak)
- remove leftover debug printf
- check return from realloc()
v2:
Perfect, thanks for testing!
On Tue, Sep 23, 2014 at 05:45:10PM +0200, viv...@gmail.com wrote:
>
> lxc from git _work_ ok with 3.14.19
>
> ___
> lxc-devel mailing list
> lxc-devel@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/l
lxc from git _work_ ok with 3.14.19
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
I'm running 1.0.5, I'll test git or 1.0.6 if it come out before I can test a
git version.
Il 23/09/2014 16:14, Stéphane Graber ha scritto:
> That very much looks like the security fix commits we've got a while
> back and for which we already have workarounds in git.
>
> Would be great if you c
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: 5492e9695743e909641472309b93384f04875132
https://github.com/lxc/lxc/commit/5492e9695743e909641472309b93384f04875132
Author: Stéphane Graber
Date: 2014-09-23 (Tue, 23 Sep 2014)
Changed paths:
M templat
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 3cd988ccdbbb5b5794b19ad1165e48168c2dd1d9
https://github.com/lxc/lxc/commit/3cd988ccdbbb5b5794b19ad1165e48168c2dd1d9
Author: Stéphane Graber
Date: 2014-09-23 (Tue, 23 Sep 2014)
Changed paths:
M templates/l
Please ignore, this patch is incomplete, I've pushed the correct version
to both branches.
On Tue, Sep 23, 2014 at 10:24:04AM -0400, Stéphane Graber wrote:
> Signed-off-by: Stéphane Graber
> ---
> templates/lxc-download.in | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/templates/lxc-d
Signed-off-by: Stéphane Graber
---
templates/lxc-download.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/templates/lxc-download.in b/templates/lxc-download.in
index 5799de8..497de45 100644
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in
@@ -234,6 +234,7 @@ while :; do
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: 35fc594d9c21d50e24648525b32fdf990fb8e947
https://github.com/lxc/lxc/commit/35fc594d9c21d50e24648525b32fdf990fb8e947
Author: KATOH Yasufumi
Date: 2014-09-23 (Tue, 23 Sep 2014)
Changed paths:
M doc/ja/l
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: b58575f74843284077c622d46747adf8ad13ebba
https://github.com/lxc/lxc/commit/b58575f74843284077c622d46747adf8ad13ebba
Author: KATOH Yasufumi
Date: 2014-09-23 (Tue, 23 Sep 2014)
Changed paths:
M doc/ja/lxc.s
On Tue, Sep 23, 2014 at 10:36:03PM +0900, KATOH Yasufumi wrote:
> Signed-off-by: KATOH Yasufumi
Acked-by: Stéphane Graber
> ---
> doc/ja/lxc.system.conf.sgml.in | 3 +++
> doc/lxc.system.conf.sgml.in| 4 +++-
> 2 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/doc/ja/lxc.sy
That very much looks like the security fix commits we've got a while
back and for which we already have workarounds in git.
Would be great if you could try running the current stable-1.0 branch
and see if that fixes it for you.
On Tue, Sep 23, 2014 at 02:15:08PM +0200, viv...@gmail.com wrote:
>
On Mon, 22 Sep 2014 23:52:18 +
Serge Hallyn wrote:
> Quoting Dwight Engen (dwight.en...@oracle.com):
> > - keep but rename the lua version as an example of how to use the
> > lua API
> >
> > - got rid of the fairly useless --max argument
> >
> > Signed-off-by: Dwight Engen
>
> Sorry, a fe
Signed-off-by: KATOH Yasufumi
---
doc/ja/lxc.system.conf.sgml.in | 3 +++
doc/lxc.system.conf.sgml.in| 4 +++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/doc/ja/lxc.system.conf.sgml.in b/doc/ja/lxc.system.conf.sgml.in
index 9ef669d..c34af93 100644
--- a/doc/ja/lxc.system.co
last long term 3.14.9 has a change that make user lxc fail to start, it
seem the permission problem has been already encountered and fixed
before, in lxc userspace, not in kernel.
===
lxc-start --version
1.0.5
===
git bisect good | tee -a ${HOME}/bisect.
26 matches
Mail list logo