This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "lxc".
The branch, master has been updated
via 60a742e0afd34e02299f64536df35116d68d888d (commit)
via 2b657f10cad90a2486003f05be62914ee1f23550 (commit)
via d80cfe71886898f4c0fb4c80622792699bf40fd7 (commit)
via 40f6ee0088528f355f3fe16e440c8d5f60b0d27d (commit)
via add1d11833394aaa3a3497c2fdf548e5b14c80d4 (commit)
via e7f0d73311c80bc1fe543d01d5c795264ca745f6 (commit)
via a11a544f5f9adecc648fc5fb9f1b28c3c5e7b466 (commit)
via 30c5d29201b8ee1333995bea0b41f2bc673ee90b (commit)
via 09595b86de932c524c455ff10746e8be270f3bda (commit)
via adca8543105002fdae3b48de780c10907fc66b52 (commit)
via f876c22399932971378690d3476053e4b39ce77c (commit)
via f34ff296835b2afa4b80018651d902448c99ac75 (commit)
via b8bced69a80a8be95fdbbb6b4e9ad7fa85464b1e (commit)
via 989e861d5c5b4a905efb4eb3f58a3eae9d21f83f (commit)
via e99ee0decc02cd304b3173bbd321fee628570f87 (commit)
via 9ba8130c96099a77fe2ad40d3645cd0abeb6cce9 (commit)
via a0a2066d93aa10de373a97784e2cb300518a38b0 (commit)
via d1252b84255a12cdf7a488fd4b922a4f1b3ac40f (commit)
via b505cccf4dcdf933ec2edd5b3b394318d8db6412 (commit)
via edd3810e951ec1b20af761955e6100ab75a66534 (commit)
via 42ff5f0f8767114d060f5031055038a1a1c3759a (commit)
via 5a0f7f3c707bf713f35382eaabc54395d2b36b12 (commit)
via b08ee0ce9a17b575a35eb90778bcf166ecf3634a (commit)
via 6e1d9b94b65cb9b99a74159485c7616fb3742a74 (commit)
via e4208a1995538460cd2a5f75fdafb70cf30599b3 (commit)
via 80a881b232b8955b85b360d4def99e6e680ff61b (commit)
via 26ddeedd83c13da219dee6e26cef37e619b9ef1a (commit)
via e075f5d9b64175dad6e591e3f1d05a8434c4699f (commit)
via 72be4f89b0564bbecab3c5dc934197aefcecccc3 (commit)
via 427bffc7a10c9015dc78ef52543f7b8cb9414359 (commit)
via 3eecde703e9ac3af788ac17357f378d6b6d7c658 (commit)
via 9db1aba4bc2201d886c159d7821c03a8cf25c389 (commit)
via 0c54752318ae11763de5551bee0d6aea92fa5d82 (commit)
via ce5dbd8275111991815b1e4757c356deb54984e7 (commit)
via 93f292149ea555a61cf043acf760ce2520b43472 (commit)
via 96bd45c823a8b8aaf1d684ccc8ad063ac411a0f4 (commit)
via 39aa5856f03898a84684c074ffb35bd0fa538b23 (commit)
via 7b605a1d1e2ad65c235a43bf61dbd0bc240809c1 (commit)
via 3d5a9debb5b7f0efac7b5d1f14700de0c8cac488 (commit)
via 12170cf8e7eeed59cc3b14e9b129dc46257b81de (commit)
via 1d61e5b908fe892ac3f10045d45ba4a4d75f0853 (commit)
via 83366944b45bcb6acfa8c2397c6205a52104d5d0 (commit)
via 3f52fd0763d212a91472a0e2271f6db9aab03f78 (commit)
via 0f6f3a5a42d8afe878949c1528583645a9a5bbb8 (commit)
via d3139ed123018d50064c4f9c6ebc305fabe9d82e (commit)
via 21e487f256705638cbfbd584e33021b9b2db504a (commit)
via 5548f2182e0a4c1677871aca48eaf24c19012a03 (commit)
via 98a02fae03afdd0f04a7a9c48ab56688f1677a24 (commit)
via 814463cf0b35386abb73586a9ad8f7c6b7cf6a40 (commit)
from 00ad19d4dba5c05401125d4217dc8f4e7fd9403a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 60a742e0afd34e02299f64536df35116d68d888d
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
remove unused lastcap variable
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 2b657f10cad90a2486003f05be62914ee1f23550
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
Fix lxc's handling of CAP_LAST_CAP
CAP_LAST_CAP in linux/capability.h doesn't always match what the kernel
actually supports. If the kernel supports fewer capabilities, then a
cap_get_flag for an unsupported capability returns -EINVAL.
Recognize that, and don't fail when initializing capabilities when this
happens, rather accept that we've reached the last capability.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit d80cfe71886898f4c0fb4c80622792699bf40fd7
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
apparmor support: fix compilation with --disable-apparmor
Make the prototypes and functions match between apparmor.{c,h}
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 40f6ee0088528f355f3fe16e440c8d5f60b0d27d
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
lxc-ubuntu: Use dpkg --add-architecture
When a container has dpkg >= 1.16.2, use dpkg --add-architecture
for multi-arch configuration on foreign architecture containers.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit add1d11833394aaa3a3497c2fdf548e5b14c80d4
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
templates: don't fail on busy flock
Just wait until the lock is available. That is a nicer behavior
for concurrent lxc-creates.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit e7f0d73311c80bc1fe543d01d5c795264ca745f6
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
lxc-ls: prepend container name with -- when calling ls
Otherwise a container name with a dash confuses ls
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit a11a544f5f9adecc648fc5fb9f1b28c3c5e7b466
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
lxc-unshare: require an argument
It segfaults otherwise trying to execute &NULL.
We could alternatively guess at a command to execute, such as a
shell, but invariably there would be cases where the command we
guess does not exist.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 30c5d29201b8ee1333995bea0b41f2bc673ee90b
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
use lxc_putold as pivot_dir put dir, not mnt
Using mnt means that lxc fstab entries do not work when placed under
the container's /mnt/ (i.e. /mnt/etc).
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 09595b86de932c524c455ff10746e8be270f3bda
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
lxc-ubuntu.in: drop duplicate code
Commits 15da01b3938d7ba45472e6c9d3b183a94dd86ca9 and
2e44ed1e647d9fd1544b7ad855bda22ca71abd12 conflicted and resulted in
some duplicate functionality. Drop the poorer version of that block.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit adca8543105002fdae3b48de780c10907fc66b52
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:07:18 2012 +0200
Simplify the Ubuntu template a bit
- Update list of extra packages for debootstrap to only include vim
and ssh. The others were only relevant when we were still using the
minbase variant. (LP: #996839)
- Drop any hardcoded Ubuntu version check and replace by feature
checks instead.
- Format lxc-ubuntu to consistently use 4-spaces indent instead of
mixed spaces/tabs.
- Update default /etc/network/interfaces to include the header.
- Update default /etc/hosts to match that of a regular Ubuntu system.
- Drop support for end-of-life releases (gutsy on sparc).
- Make sure /etc/resolv.conf is valid before running any apt command.
- Update template help message for release and arch parameters.
- Switch default Ubuntu version from lucid to precise.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit f876c22399932971378690d3476053e4b39ce77c
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-ubuntu: fix non-native architectures
When installing a non-native architecture, the template
installs a bunch of packages of the native architecture to work around
existing limitations of qemu-user-static, mostly related to netlink.
The current code would install upstart of the host architecture but
force the amd64 version of the others. This was just a mistake done
while testing/developping the code. Fixing now to always install
the native architecture version of all of them.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit f34ff296835b2afa4b80018651d902448c99ac75
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
ubuntu templates: remove maverick as it is end-of-life
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit b8bced69a80a8be95fdbbb6b4e9ad7fa85464b1e
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Update Ubuntu templates for quantal
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 989e861d5c5b4a905efb4eb3f58a3eae9d21f83f
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-clone.in: put $line in quotes to avoid its expansion
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit e99ee0decc02cd304b3173bbd321fee628570f87
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
don't try to pin a null rootfs.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 9ba8130c96099a77fe2ad40d3645cd0abeb6cce9
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
switch all sprintfs which can overrun to snprintfs
and check return values
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit a0a2066d93aa10de373a97784e2cb300518a38b0
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-execute: find lxc-init
lxc-init used to be under /usr/lib/lxc. Now it is under
/usr/lib/<multiarch>/lxc, but old containers will still have it under
/usr/lib/lxc. So search for a valid lxc-init to run.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit d1252b84255a12cdf7a488fd4b922a4f1b3ac40f
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-destroy: wait until the container is stopped
Signed-off-by: Timothy Chen <tnac...@gmail.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit b505cccf4dcdf933ec2edd5b3b394318d8db6412
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
make lxc-shutdown -h work
It was calling non-existent 'help'
Signed-off-by: Timothy Chen <tnac...@gmail.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit edd3810e951ec1b20af761955e6100ab75a66534
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-ubuntu-cloud: extract the right filenames from tarball
Signed-off-by: Ben Howard <ben.how...@canonical.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 42ff5f0f8767114d060f5031055038a1a1c3759a
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-ubuntu*: in precise, make /dev/shm a symbolic link to /run/shm
This would be done (though done wrongly) by mounted-dev.conf, but
that doesn't run because we don't mount /dev.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 5a0f7f3c707bf713f35382eaabc54395d2b36b12
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Description: Fix handling of user-data in ubuntu-cloud template
Signed-off-by: Ben Howard <ben.how...@canonical.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit b08ee0ce9a17b575a35eb90778bcf166ecf3634a
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Minor lxc config template layout fix
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 6e1d9b94b65cb9b99a74159485c7616fb3742a74
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
fix typo in confile.c
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Reported-by: Stéphane Graber <stgra...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit e4208a1995538460cd2a5f75fdafb70cf30599b3
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-ubuntu: use relative path as target for bind mount
An absolute path will be interpreted as absolute with respect to the
parent's namespace.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 80a881b232b8955b85b360d4def99e6e680ff61b
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
templates: use relative paths when creating containers
At the same time, allow lxc.mount.entry to specify an absolute target
path relative to /var/lib/lxc/CN/rootfs, even if rootfs is a blockdev.
Otherwise all such entries are ignored for blockdev-backed containers.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 26ddeedd83c13da219dee6e26cef37e619b9ef1a
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Introduce a first set of container hooks
This patch introduces support for 4 hooks. We'd like to have 6 in
all to mirror the openvz ones (thanks to Stéphane for this info):
pre-start: in the host namespace before container mounting happens
mount: after container mounting (as per config and
/var/lib/lxc/container/fstab)
but before pivot_root
start: immediately before exec'ing init
stop: in container namespace and in chroot before shutdown
umount: after other unmounting has happened
post-stop: outside of the container
stop and umount are not implemented here because when the kernel kills
the container init, it kills the namespace. We can probably work around
this, i.e. by keeping the /proc/pid/ns/mnt open, and using that, though
all container tasks including init would still be dead. Is that worth
pursuing?
start also presents a bit of an issue. openvz allows a script on the
host to be specified, apparently. My patch requires the script or
program to exist in the container. I'm fine with trying to do it the
openvz way, but I wasn't sure what the best way to do that was. Openvz
(I'm told) opens the script and passes its contents to a bash in the
container. But that limits the hooks to being only scripts. By
requiring the hook to be in the container, we can allow any sort of
hook, and assume that any required libraries/dependencies exist
there.
Other than that with this patchset I can add
lxc.hook.pre-start = /var/lib/lxc/p1/pre-start
lxc.hook.mount = /var/lib/lxc/p1/mount
lxc.hook.start = /start
lxc.hook.post-stop = /var/lib/lxc/p1/post-stop
to my /var/lib/lxc/p1/config, and the hooks get executed as expected.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit e075f5d9b64175dad6e591e3f1d05a8434c4699f
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Introduce apparmor support
This could be done as generic 'lsm_init()' and 'lsm_load()' functions,
however that would make it impossible to compile one package supporting
more than one lsm. If we explicitly add the selinux, smack, and aa
hooks in the source, then one package can be built to support multiple
kernels.
The smack support should be pretty trivial, and probably very close
to the apparmor support.
The selinux support may require more, including labeling the passed-in
fds (consoles etc) and filesystems.
If someone on the list has the inclination and experience to add selinux
support, please let me know. Otherwise, I'll do Smack and SELinux.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 72be4f89b0564bbecab3c5dc934197aefcecccc3
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Add lxc-shutdown script
It optionally waits (an optional timeout # of seconds) for the container to
be STOPPED. If given -r, it reboots the container (and exits immediately).
I decided to add the timeout after all because it's harder to finagle into
an upstart post-stop script than a full bash script.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 427bffc7a10c9015dc78ef52543f7b8cb9414359
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
lxc-ubuntu-cloud.in: re-enable use of daily cloud images
There are two types of cloud images - released and daily ones. We were
always using daily ones, instead of using released by default with an
option for daily. Fix that.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 3eecde703e9ac3af788ac17357f378d6b6d7c658
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:04:33 2012 +0200
Description: fix handling of non-precise cloud image format
Also includes a fix for broken check for $debug
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 9db1aba4bc2201d886c159d7821c03a8cf25c389
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:03:30 2012 +0200
lxc-ubuntu.in: fix up the logic adding group for bound users
1. 'getent group $user' assumes user's group is named $user.
2. if 'getent group' returns error, just ignore the group in container
3. (misc) while it happens to all work out fine anyway, don't do
getent passwd $bindhome if $bindhome isn't defined. (it will
successfully return all password entries)
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 0c54752318ae11763de5551bee0d6aea92fa5d82
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:03:30 2012 +0200
pin container's rootfs to prevent read-only remount
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit ce5dbd8275111991815b1e4757c356deb54984e7
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:03:30 2012 +0200
ubuntu template: if a user is bound in, don't define ubuntu user
It might have a conflicting uid, and isn't needed. Also put the bound user
into sudo group.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 93f292149ea555a61cf043acf760ce2520b43472
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
lxc-clone: maintain size of lvm snapshot
When creating a container as lvm snapshot, use the original size unless
user explicitly overrides it.
It's all well and good to day "use lvextend if you run out of space", but
in the meantime applications may become corrupted...
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 96bd45c823a8b8aaf1d684ccc8ad063ac411a0f4
Author: Stéphane Graber <stgra...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
ubuntu template: add sudo group and cleanup minor devttydir issue
Always add the user to the 'sudo' group as it's been around
since at least Ubuntu 10.04. In addition make the user part
of the admin group until 12.04 where it's been removed.
Also fix a minor layout issue with devttydir.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 39aa5856f03898a84684c074ffb35bd0fa538b23
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
ubuntu template: install bound user's shell
If a host user is bound into the container (-b), make sure that his
shell is installed in the container.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 7b605a1d1e2ad65c235a43bf61dbd0bc240809c1
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
lxc-clone: update any hwaddrs
Since we are creating a new container it should not share a macaddr with
the original container.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/934256
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 3d5a9debb5b7f0efac7b5d1f14700de0c8cac488
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
lxc-busybox.in: check separately that /usr/lib64 exists
It's possible for only one of /lib64 and /usr/lib64 to exist, so
adding both fstab entries can cause the busybox container to fail
to start.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 12170cf8e7eeed59cc3b14e9b129dc46257b81de
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
ubuntu template: handle /etc/resolv.conf being a symlink
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 1d61e5b908fe892ac3f10045d45ba4a4d75f0853
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Tue Jul 31 16:01:28 2012 +0200
ubuntu template: set -e to return error on failures.
Otherwise callers can get bad containers without knowing it.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/922645
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 83366944b45bcb6acfa8c2397c6205a52104d5d0
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Tue Jul 31 16:01:27 2012 +0200
Only create rootfs directory where required
In general, lxc-create should not mess with this and leave it entirely
up to the templates to create it.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 3f52fd0763d212a91472a0e2271f6db9aab03f78
Author: Ivan Vilata i Balaguer <i...@selidor.net>
Date: Tue Jul 31 16:01:27 2012 +0200
Allow escape prefix to escape itself
(Closes: #659011).
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 0f6f3a5a42d8afe878949c1528583645a9a5bbb8
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Thu Jun 28 09:13:01 2012 -0500
Fix 'trap' in lxc-clone
Fix signal names in lxc-clone trap.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit d3139ed123018d50064c4f9c6ebc305fabe9d82e
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Tue Jul 31 16:01:25 2012 +0200
Fix 'trap in lxc-create script
Fix correct signal names in lxc-create trap (Closes: #655173).
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 21e487f256705638cbfbd584e33021b9b2db504a
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Tue Jul 31 16:01:24 2012 +0200
fix netstat script with separator
Allow to use -- as seperator in lxc-netstat, otherwise -n from lxc-netstat
collides with netstats -n option (Closes: #641251).
[Serge Hallyn] update patch to (1) not demand argument for
exec (breaks) and (2) set $name not $lxc_name.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 5548f2182e0a4c1677871aca48eaf24c19012a03
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Tue Jul 31 16:01:22 2012 +0200
Change ipv4 addresses in the configuration examples
Use non-routed, private IPv4 address in documentation examples
(Closes: #571525).
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 98a02fae03afdd0f04a7a9c48ab56688f1677a24
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Tue Jul 31 16:01:21 2012 +0200
Simplify information message
Keeping creation of new containers without previously existing configuration
non-interactive and trimm the warning message.
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
commit 814463cf0b35386abb73586a9ad8f7c6b7cf6a40
Author: Daniel Baumann <daniel.baum...@progress-technologies.net>
Date: Thu Jun 28 08:51:10 2012 -0500
Trimming directories to use
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com>
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 15 +-
doc/examples/lxc-complex.conf.in | 6 +-
doc/examples/lxc-macvlan.conf.in | 2 +-
doc/examples/lxc-phys.conf.in | 2 +-
doc/examples/lxc-veth.conf.in | 2 +-
doc/examples/lxc-vlan.conf.in | 2 +-
doc/{lxc-unfreeze.sgml.in => lxc-shutdown.sgml.in} | 51 ++---
doc/lxc.conf.sgml.in | 8 +-
lxc.spec.in | 1 +
src/lxc/Makefile.am | 12 +-
src/lxc/apparmor.c | 134 +++++++++
src/lxc/apparmor.h | 18 ++
src/lxc/caps.c | 10 +-
src/lxc/cgroup.c | 55 ++++-
src/lxc/commands.c | 16 +-
src/lxc/conf.c | 232 ++++++++++++++--
src/lxc/conf.h | 23 ++
src/lxc/confile.c | 67 +++++-
src/lxc/execute.c | 54 ++++-
src/lxc/freezer.c | 6 +-
src/lxc/lxc-clone.in | 22 ++-
src/lxc/lxc-create.in | 25 +--
src/lxc/lxc-destroy.in | 1 +
src/lxc/lxc-ls.in | 2 +-
src/lxc/lxc-netstat.in | 16 +-
src/lxc/lxc-shutdown.in | 147 ++++++++++
src/lxc/lxc_console.c | 6 +-
src/lxc/lxc_monitor.c | 11 +-
src/lxc/lxc_unshare.c | 8 +-
src/lxc/network.c | 10 +-
src/lxc/start.c | 27 ++
src/lxc/start.h | 3 +
src/lxc/state.c | 4 +-
templates/lxc-altlinux.in | 4 +-
templates/lxc-busybox.in | 5 +
templates/lxc-debian.in | 8 +-
templates/lxc-fedora.in | 10 +-
templates/lxc-lenny.in | 8 +-
templates/lxc-opensuse.in | 8 +-
templates/lxc-sshd.in | 16 +-
templates/lxc-ubuntu-cloud.in | 94 ++++++-
templates/lxc-ubuntu.in | 289 +++++++++++---------
42 files changed, 1139 insertions(+), 301 deletions(-)
copy doc/{lxc-unfreeze.sgml.in => lxc-shutdown.sgml.in} (62%)
create mode 100644 src/lxc/apparmor.c
create mode 100644 src/lxc/apparmor.h
create mode 100644 src/lxc/lxc-shutdown.in
hooks/post-receive
--
lxc
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
