On Wed, Sep 24, 2014 at 5:38 PM, Eric W. Biederman
wrote:
> Riya Khanna writes:
>
> > On Sep 24, 2014, at 12:43 PM, Eric W. Biederman
> wrote:
> >
> >> Serge Hallyn writes:
> >>
> >>> Isolation is provided by the devices cgroup. You want something more
> >>> than isolation.
> >>>
> >>> Quotin
On Wed, 24 Sep 2014 16:13:48 -0400
Stéphane Graber wrote:
> On Wed, Sep 24, 2014 at 04:05:33PM -0400, Dwight Engen wrote:
> > On Wed, 24 Sep 2014 13:17:28 -0400
> > Stéphane Graber wrote:
> >
> > > I've confirmed that the testsuite on all arches passes fine with
> > > that change and close insp
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: 69783413e85861b4494b385c66ebd607cebcf8b2
https://github.com/lxc/lxc/commit/69783413e85861b4494b385c66ebd607cebcf8b2
Author: Sergio Jimenez
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M src/lxc/
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 28417b5a874f85c118158a9874b5e0ba73bc3a03
https://github.com/lxc/lxc/commit/28417b5a874f85c118158a9874b5e0ba73bc3a03
Author: Sergio Jimenez
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M src/lxc/conf
Riya Khanna writes:
> On Sep 24, 2014, at 12:43 PM, Eric W. Biederman wrote:
>
>> Serge Hallyn writes:
>>
>>> Isolation is provided by the devices cgroup. You want something more
>>> than isolation.
>>>
>>> Quoting riya khanna (riyakhanna1...@gmail.com):
My use case for having device na
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 1fd37220db01c5e2362e2859a0f3ffe259ea5d6c
https://github.com/lxc/lxc/commit/1fd37220db01c5e2362e2859a0f3ffe259ea5d6c
Author: S.Çağlar Onur
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M .gitignore
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: dbd702fb3cd240d949ce77d8012117d03eb90f82
https://github.com/lxc/lxc/commit/dbd702fb3cd240d949ce77d8012117d03eb90f82
Author: S.Çağlar Onur
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M .gitignor
On Wed, Sep 24, 2014 at 05:28:24PM -0400, S.Çağlar Onur wrote:
> Signed-off-by: S.Çağlar Onur
Acked-by: Stéphane Graber
> ---
> .gitignore | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/.gitignore b/.gitignore
> index 2b478cd..10fe58d 100644
> --- a/.gitignore
> +++ b/.gitignore
> @
Signed-off-by: S.Çağlar Onur
---
.gitignore | 1 +
1 file changed, 1 insertion(+)
diff --git a/.gitignore b/.gitignore
index 2b478cd..10fe58d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -74,6 +74,7 @@ src/lxc/legacy/lxc-ls
src/lxc/lxc-user-nic
src/lxc/version.h
+src/python-lxc/setup.py
src/
On Wed, 24 Sep 2014 20:45:22 +
Serge Hallyn wrote:
> Quoting Dwight Engen (dwight.en...@oracle.com):
> > In lxc-0.9.0 if -B wasn't given to lxc-create (the shell script), it
> > would test if $rootfs was on a btrfs and if so would act as if -B
> > btrfs were given (ie. create a subvolume).
>
Quoting Dwight Engen (dwight.en...@oracle.com):
> In lxc-0.9.0 if -B wasn't given to lxc-create (the shell script), it
> would test if $rootfs was on a btrfs and if so would act as if -B btrfs
> were given (ie. create a subvolume).
>
> In lxc-1.x with the bdev backend, lxc-create has the option -B
Hello everyone,
The sixth LXC 1.0 bugfix release is now out!
This includes over two months worth of bugfixes contributed by 24
individual developers. The most important fix is the support for nested
unprivileged containers which was broken recently because of a kernel
security update.
As usual,
Branch: refs/heads/stable-1.0
Home: https://github.com/lxc/lxc
Commit: ddfa53e9058fcfb1c3633e6323b002cd629abe29
https://github.com/lxc/lxc/commit/ddfa53e9058fcfb1c3633e6323b002cd629abe29
Author: Andre Nathan
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M src/lxc/co
On Wed, Sep 24, 2014 at 04:05:33PM -0400, Dwight Engen wrote:
> On Wed, 24 Sep 2014 13:17:28 -0400
> Stéphane Graber wrote:
>
> > I've confirmed that the testsuite on all arches passes fine with that
> > change and close inspection of the resulting package looked good too.
> >
> > It'd be nice t
On Wed, 24 Sep 2014 13:17:28 -0400
Stéphane Graber wrote:
> I've confirmed that the testsuite on all arches passes fine with that
> change and close inspection of the resulting package looked good too.
>
> It'd be nice to have someone confirm that make rpm works with that
> change as I don't hav
On Sep 24, 2014, at 12:43 PM, Eric W. Biederman wrote:
> Serge Hallyn writes:
>
>> Isolation is provided by the devices cgroup. You want something more
>> than isolation.
>>
>> Quoting riya khanna (riyakhanna1...@gmail.com):
>>> My use case for having device namespaces is device isolation. I
Quoting Stéphane Graber (stgra...@ubuntu.com):
> From: "Michael H. Warfield"
>
> This commit is based on the work of:
> Signed-off-by: Michael H. Warfield
>
> A generic changelog would be:
> - Bring support for lxcbr0 to all distributions
> - Share the container startup and network config
I guess policy-based multiplexing (or exclusive ownership) is the usage. What
kind of devices (loop, fb, etc.) this is needed for depends on the usage. If
there are multiple FBs, then each container could potentially own one. One may
want to provide exclusive ownership of input devices to one co
My use case is for handling hotplug events. I needed a way to say that
when a hotplug event occurs which container should see the event.
Underlying this is that devtmpfs represents the host, and not the
containers view. Ideally I would like to have a containerized devtmpfs
instance. Absent
In lxc-0.9.0 if -B wasn't given to lxc-create (the shell script), it
would test if $rootfs was on a btrfs and if so would act as if -B btrfs
were given (ie. create a subvolume).
In lxc-1.x with the bdev backend, lxc-create has the option -B best
which would have a similar result, but this is not t
I've confirmed that the testsuite on all arches passes fine with that
change and close inspection of the resulting package looked good too.
It'd be nice to have someone confirm that make rpm works with that
change as I don't have an easy way to try that.
There's the issue of sysconfig/lxc-net whic
Serge Hallyn writes:
> Isolation is provided by the devices cgroup. You want something more
> than isolation.
>
> Quoting riya khanna (riyakhanna1...@gmail.com):
>> My use case for having device namespaces is device isolation. Isn't what
>> namespaces are there for (as I understand)?
Namespaces
From: "Michael H. Warfield"
This commit is based on the work of:
Signed-off-by: Michael H. Warfield
A generic changelog would be:
- Bring support for lxcbr0 to all distributions
- Share the container startup and network configuration logic across
distributions and init systems.
- Have
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 6afb165dd1ca89a364f0f503a0a08afc8abc2600
https://github.com/lxc/lxc/commit/6afb165dd1ca89a364f0f503a0a08afc8abc2600
Author: Andre Nathan
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M src/lxc/confil
Oops, forgot it...
Signed-off-by: Andre Nathan
On 09/24/2014 11:27 AM, Stéphane Graber wrote:
> Patch looks good, I'm also pretty surprised nobody noticed before
> because the output must have been pretty awful until that patch :)
>
> Can you just reply to this e-mail with your Signed-off-by li
Quoting Eric W. Biederman (ebied...@xmission.com):
> riya khanna writes:
>
> > (Please pardon multiple emails, artifact of merging all separate
> > conversations)
> >
> > Thanks for your feedback!
> >
> > Letting the kernel know about what devices a container could access (based
> > on
> > dev
Isolation is provided by the devices cgroup. You want something more
than isolation.
Quoting riya khanna (riyakhanna1...@gmail.com):
> My use case for having device namespaces is device isolation. Isn't what
> namespaces are there for (as I understand)? Not everything should be
> accessible (or e
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: edf3a692c70a50051ab0f29647644037f9a89f07
https://github.com/lxc/lxc/commit/edf3a692c70a50051ab0f29647644037f9a89f07
Author: KATOH Yasufumi
Date: 2014-09-24 (Wed, 24 Sep 2014)
Changed paths:
M doc/ja/lxc.c
Quoting Tycho Andersen (tycho.ander...@canonical.com):
> With cgmanager, the cgroups are polled on demand, so these steps aren't
> needed.
> However, with cgfs, lxc doesn't know about the cgroups for a container and so
> it can't report any of the statistics about e.g. how much memory or CPU a
> c
Patch looks good, I'm also pretty surprised nobody noticed before
because the output must have been pretty awful until that patch :)
Can you just reply to this e-mail with your Signed-off-by line so I can
include this in master?
Thanks!
On Wed, Sep 24, 2014 at 10:08:50AM -0300, Andre Nathan wrot
On Wed, Sep 24, 2014 at 08:38:40AM -0500, Tycho Andersen wrote:
> The ->checkpoint() API call didn't exit correctly if criu was killed by a
> signal instead of exiting, so lxc-checkpoint didn't fail correctly as a
> result.
>
> Signed-off-by: Tycho Andersen
Acked-by: Stéphane Graber
> ---
>
On Wed, Sep 24, 2014 at 07:25:26PM +0900, KATOH Yasufumi wrote:
> Update for commit 7dc6f6e
>
> Signed-off-by: KATOH Yasufumi
Acked-by: Stéphane Graber
> ---
> doc/ja/lxc-top.sgml.in | 38 ++
> 1 file changed, 10 insertions(+), 28 deletions(-)
>
> diff --g
On Wed, Sep 24, 2014 at 07:20:58PM +0900, KATOH Yasufumi wrote:
> Update Japanese lxc.container.conf(5) for commit 93c709b
>
> Signed-off-by: KATOH Yasufumi
Acked-by: Stéphane Graber
> ---
> doc/ja/lxc.container.conf.sgml.in | 29 +
> 1 file changed, 29 insertions(
With cgmanager, the cgroups are polled on demand, so these steps aren't needed.
However, with cgfs, lxc doesn't know about the cgroups for a container and so
it can't report any of the statistics about e.g. how much memory or CPU a
container is using.
Signed-off-by: Tycho Andersen
---
src/lxc/cg
The ->checkpoint() API call didn't exit correctly if criu was killed by a
signal instead of exiting, so lxc-checkpoint didn't fail correctly as a result.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 4
1 file changed, 4 insertions(+)
diff --git a/src/lxc/lxccontainer.c b/src/
---
src/lxc/confile.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 0e932c6..9af2aa4 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -2216,15 +2216,15 @@ static int lxc_get_item_nic(struct lxc_conf *c, char
*retv,
Update for commit 7dc6f6e
Signed-off-by: KATOH Yasufumi
---
doc/ja/lxc-top.sgml.in | 38 ++
1 file changed, 10 insertions(+), 28 deletions(-)
diff --git a/doc/ja/lxc-top.sgml.in b/doc/ja/lxc-top.sgml.in
index 38e8f10..c134b3a 100644
--- a/doc/ja/lxc-top.sgml.
Update Japanese lxc.container.conf(5) for commit 93c709b
Signed-off-by: KATOH Yasufumi
---
doc/ja/lxc.container.conf.sgml.in | 29 +
1 file changed, 29 insertions(+)
diff --git a/doc/ja/lxc.container.conf.sgml.in
b/doc/ja/lxc.container.conf.sgml.in
index fbad025..ba
38 matches
Mail list logo
