From: Xiangyu Chen <xiangyu.c...@windriver.com> Changes: 17ac6f691 lxc.spec: Align SPDX license id 5fe2de84c Makefile: Align SPDX license id 97f93be72 meson: Align SPDX license id d4cd3741d COPYING: Clarify licensing of files without SPDX 8e67eb07c doc: Add SPDX headers and remove Author field cb94edf53 src/include: Add SPDX headers 7bc33ef6e src/tests: Add SPDX headers 007642c89 hooks: Add SPDX headers 1e9e66be3 lxc.spec: Clear default changelog 202d649d1 lxc.spec: Use SPDX 85abd4026 template: Use SPDX a074b3d27 config/yum: Use SPDX header 7ed43e5e9 COPYING: Remove whitespace 522721216 MAINTAINERS: Remove Dwight from the maintainer list 08bf8b9e2 lxc-checkconfig: Fix shellcheck 0f18db543 lxc-checkconfig: Show namespace limits f71b8e3f8 lxc-ls: list names with whitespaces in `--active`. 816b8973d lxc/tools: set default log_priority to ERROR 989ea3969 tools/lxc_autostart: don't fail when there are no containers dc4df2335 lxc/lxccontainer: specify file mode in open() call inside mod_rdep 630b46ed2 lxc/confile: do not print excess space before scale suffix for time.offset.boot 796f2ccb7 lxc/confile: do not print newline symbol in getter for lxc.time.offset.* dcc4fb929 tests/parse_config_file: fix some typos 6fea67429 tests/parse_config_file: add tests for lxc.time.offset.* ad8f55445 tree-wide: replace multiply_overflow with check_mul_overflow 4464cee19 lxccontainer: rework copy_file() 9d1aa932d lxccontainer: improve mod_rdep() 81c1bbf45 Revert "lxccontainer: fixes" 82fe01821 src/lxc/syscall_numbers.h: drop define -1 590a95d83 rexec: Avoid invalid free in rexec failure path f9978b179 README: Correct 'armvl7' to 'armv7l' 046b63cd2 unshare: simplify lookup_name 7452ee8ab lxc-unshare: fix an buffer overflow issue in lxc_unshare e88883445 lxc-net: Enable IPv6 by default d78ca00bc tests/meson: attempt to fix ossfuzz builds d18f993b3 github: master -> main 86799f554 meson: link with liblxc dynamically everywhere if possible b90fecfda network: use IN_LIBLXC 9eee450d2 storage_utils: move get_fssize to utils 6eb0a73e2 storage_utils: unhide and rename is_valid_storage_type to lxc_is_valid_storage_type 42eeffcb0 confile: unhide lxc_config_parse_arch() helper 9bb318881 conf: reorganize/split code to utils.c 863c59dc3 conf: reorganize/split code to idmap_utils.c b7591ad49 confile: unhide lxc_config_define*() helpers f14656ebf meson: introduce IN_LIBLXC preprocessor macro 672b2172d confile: move lxc_fill_elevated_privileges() to tools/lxc_attach 8f9733d75 tests: remove old and broken cgroup handling code from tests d51ea224e config: apparmor: add AppArmor profile for lxc-copy 627bb9460 tests: lxc-test-usernic: use iproute tool instead of brctl df0665b6d oci: resolve cross-filesystem blob caching failure ec85e5ca4 lxc-test-usernic: drop cgroup handling 27ec0b0f6 test-usernic: don't use ifconfig 44e845b3c Add x32 to the list of recognized architectures 07e3a516e lxc-download, lxc-local: preserve xattrs on unpack 9ac7c4895 tree-wide: use container_uses_namespace() in less trivial cases 64341ce7b tree-wide: use container_uses_namespace() helper 6b40e66c1 Fix error message. c8189ee2a Add verbose output in download template. 84cc3155a Align columns in lxc-download.in template 872db5424 build: add more options for customizing install df17ac417 Add loongarch64 support 112d5615e build(deps): bump actions/upload-artifact from 3 to 4 789457f1a config: try to create workdir if not exist 86f5c1226 lxc-local: Add --no-dev option to exclude /dev from the fstree f885a3c56 lxc-local: Re-organize code to use more functions 7c025072e lxc-local: Improve usage info faa38a197 lxc-local: Change LXC_CONFIG to LXC_METADATA to match args and be more clear d65fe1b27 Disable IPv6 link-local addresses for bridged veth 8cff8fa1a don't try to delete vlan 0 from veth 0e932812a conf: fix ephemeral copies abffab441 config/init: Drop upstart files 79a4a3cf8 doc: remove the warning mentionning upstart 7bf1695d0 hooks/ubuntu-cloud-prep: remove upstart handling fb73c18d2 meson: Remove support for upstart cc6819c69 reset root_nsuid_map and root_nsgid_map when idmaps is cleared a87d6fcc9 lxc/checkconfig: use multiline `echo` f3e01fa80 lxc/checkconfig: replace `echo -n` by printf ba4f810bc lxc/checkconfig: minor cosmetic change d52c345c8 lxc/checkconfig: avoid subshell (SC2235) f84f03d1d lxc/checkconfig: remove superfluous (..) around test command (SC2234) 74b9faa64 lxc/checkconfig: check exit code directly (SC2181) 5cc69e440 lxc/checkconfig: replace `! -z` by `-n` (SC2236) a4684eb11 lxc/checkconfig: add missing quotes to please shellcheck 8a611c0b2 lxc/checkconfig: remove some unneeded `echo -n` cb2574319 lxc/checkconfig: replace `type` by `command` 003efe6db lxc/checkconfig: replace `cat | grep` with `grep` adadfa372 lxc/lxccontainer: fix do_lxcapi_set_timeout retval c02367e59 containers in the FREEZING state also need to be unfreeze aca53bcf7 build(deps): bump actions/checkout from 3 to 4 84169158f lxccontainer.h: Move new fields to the end e2696df93 Remove references to LXD 7cec54455 Update console perms to 0600 3f45443fd Fix start api call to split quoted strings in execute or init command.
Local patches modification: Removed two patches due to they are available in the code: 0001-lxc-test-usernic-drop-cgroup-handling.patch 0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch Refreshed templates-use-curl-instead-of-wget.patch Ptest modification: Released lxc-test-shutdowntest and lxc-test-state-server due to those back to normal lxc-test-no-new-privs and lxc-test-checkpoint-restore are broken test, already reported to upstream[1][2], move them to blacklist until upstream fixed them. lxc-test-usernic always fails when use ptest-runner, but normal with run-ptest by manual. Ref: [1] https://github.com/lxc/lxc/issues/4296 [2] https://github.com/lxc/lxc/issues/4435 Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> --- ...xc-test-usernic-drop-cgroup-handling.patch | 61 ----------- ...-and-broken-cgroup-handling-code-fro.patch | 103 ------------------ recipes-containers/lxc/files/run-ptest | 12 +- .../templates-use-curl-instead-of-wget.patch | 13 ++- recipes-containers/lxc/lxc_git.bb | 10 +- 5 files changed, 20 insertions(+), 179 deletions(-) delete mode 100644 recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch delete mode 100644 recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch diff --git a/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch b/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch deleted file mode 100644 index 162e8f9d..00000000 --- a/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch +++ /dev/null @@ -1,61 +0,0 @@ -From ec85e5ca4953292c4341497704ce738669a79b64 Mon Sep 17 00:00:00 2001 -From: Serge Hallyn <se...@hallyn.com> -Date: Fri, 2 Feb 2024 10:41:11 -0600 -Subject: [PATCH] lxc-test-usernic: drop cgroup handling - -This stuff is not needed in a modern systemd based system, and in fact -breaks. It would probably be better to detect such a system so that a -non-systemd box can still run this test. But I'm not sure what would be -reliable. - -Upstream-Status: Backport from -[https://github.com/lxc/lxc/commit/ec85e5ca4953292c4341497704ce738669a79b64] - -Signed-off-by: Serge Hallyn <se...@hallyn.com> -Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> ---- - src/tests/lxc-test-usernic.in | 28 ---------------------------- - 1 file changed, 28 deletions(-) - -diff --git a/src/tests/lxc-test-usernic.in b/src/tests/lxc-test-usernic.in -index 9af8678f3..49fd5e3f7 100755 ---- a/src/tests/lxc-test-usernic.in -+++ b/src/tests/lxc-test-usernic.in -@@ -80,34 +80,6 @@ lxc.idmap = u 0 910000 10000 - lxc.idmap = g 0 910000 10000 - EOF - --if command -v cgm >/dev/null 2>&1; then -- cgm create all usernic-user -- cgm chown all usernic-user $(id -u usernic-user) $(id -g usernic-user) -- cgm movepid all usernic-user $$ --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then -- for d in $(cut -d : -f 2 /proc/self/cgroup); do -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \ -- string:$d string:usernic-user >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \ -- string:$d string:usernic-user int32:$(id -u usernic-user) int32:$(id -g usernic-user) >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \ -- string:$d string:usernic-user int32:$$ >/dev/null -- done --else -- for d in /sys/fs/cgroup/*; do -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue -- [ -f $d/cgroup.clone_children ] && echo 1 > $d/cgroup.clone_children -- [ ! -d $d/lxctest ] && mkdir $d/lxctest -- chown -R usernic-user: $d/lxctest -- echo $$ > $d/lxctest/tasks -- done --fi -- - mkdir -p /run/user/$(id -u usernic-user) - chown -R usernic-user: /run/user/$(id -u usernic-user) /home/usernic-user - --- -2.35.5 - diff --git a/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch b/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch deleted file mode 100644 index bf8df795..00000000 --- a/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 8f9733d756361ff8f8d8d589f286c0e064b1195d Mon Sep 17 00:00:00 2001 -From: Alexander Mikhalitsyn <aleksandr.mikhalit...@canonical.com> -Date: Thu, 15 Feb 2024 18:13:05 +0100 -Subject: [PATCH] tests: remove old and broken cgroup handling code from tests - -We have removed the same piece of code in -ec85e5ca495 ("lxc-test-usernic: drop cgroup handling") -let's do the same for two other tests. - -This fixes autopkgtests. - -Upstream-Status: Backport from -[https://github.com/lxc/lxc/commit/8f9733d756361ff8f8d8d589f286c0e064b1195d] - -Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalit...@canonical.com> -Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> ---- - src/tests/lxc-test-apparmor-mount | 29 ----------------------------- - src/tests/lxc-test-unpriv | 28 ---------------------------- - 2 files changed, 57 deletions(-) - -diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount -index 7c9d9ad50..ddf783d4b 100755 ---- a/src/tests/lxc-test-apparmor-mount -+++ b/src/tests/lxc-test-apparmor-mount -@@ -119,35 +119,6 @@ chown -R $TUSER: /run/user/$(id -u $TUSER) - - cd $HDIR - --if command -v cgm >/dev/null 2>&1; then -- cgm create all $TUSER -- cgm chown all $TUSER $(id -u $TUSER) $(id -g $TUSER) -- cgm movepid all $TUSER $$ --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then -- for d in $(cut -d : -f 2 /proc/self/cgroup); do -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \ -- string:$d string:$TUSER >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \ -- string:$d string:$TUSER int32:$(id -u $TUSER) int32:$(id -g $TUSER) >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \ -- string:$d string:$TUSER int32:$$ >/dev/null -- done --else -- for d in /sys/fs/cgroup/*; do -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue -- [ -f $d/cgroup.clone_children ] && echo 1 > $d/cgroup.clone_children -- [ ! -d $d/lxctest ] && mkdir $d/lxctest -- chown -R $TUSER: $d/lxctest -- echo $$ > $d/lxctest/tasks -- done --fi -- -- - run_cmd lxc-create -t busybox -n $cname - - echo "test default confined container" -diff --git a/src/tests/lxc-test-unpriv b/src/tests/lxc-test-unpriv -index 8fb9106d6..426add9da 100755 ---- a/src/tests/lxc-test-unpriv -+++ b/src/tests/lxc-test-unpriv -@@ -130,34 +130,6 @@ chown -R $TUSER: /run/user/$(id -u $TUSER) - - cd $HDIR - --if command -v cgm >/dev/null 2>&1; then -- cgm create all $TUSER -- cgm chown all $TUSER $(id -u $TUSER) $(id -g $TUSER) -- cgm movepid all $TUSER $$ --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then -- for d in $(cut -d : -f 2 /proc/self/cgroup); do -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create \ -- string:$d string:$TUSER >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown \ -- string:$d string:$TUSER int32:$(id -u $TUSER) int32:$(id -g $TUSER) >/dev/null -- -- dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ -- --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid \ -- string:$d string:$TUSER int32:$$ >/dev/null -- done --else -- for d in /sys/fs/cgroup/*; do -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue -- [ -f $d/cgroup.clone_children ] && echo 1 > $d/cgroup.clone_children -- [ ! -d $d/lxctest ] && mkdir $d/lxctest -- chown -R $TUSER: $d/lxctest -- echo $$ > $d/lxctest/tasks -- done --fi -- - run_cmd lxc-create -t busybox -n c1 -l trace -o "${UNPRIV_LOG}" - - # Make sure we can start it - twice --- -2.35.5 - diff --git a/recipes-containers/lxc/files/run-ptest b/recipes-containers/lxc/files/run-ptest index 196adb04..278107d9 100644 --- a/recipes-containers/lxc/files/run-ptest +++ b/recipes-containers/lxc/files/run-ptest @@ -12,9 +12,15 @@ blacklist="$blacklist lxc-test-apparmor" blacklist="$blacklist lxc-test-apparmor-mount" #lxc-test-get_item would report Built without AppArmor support error blacklist="$blacklist lxc-test-get_item" -# These currently hang so skip them until someone fixes them up -blacklist="$blacklist lxc-test-shutdowntest" -blacklist="$blacklist lxc-test-state-server" +# This is a broken case, also fails on opensuse, already reported to +# upstream https://github.com/lxc/lxc/issues/4296 +blacklist="$blacklist lxc-test-no-new-privs" +# lxc doesn't adapt the criu's new mount flag, that cause restore fails +# already reported to upstream https://github.com/lxc/lxc/issues/4435 +blacklist="$blacklist lxc-test-checkpoint-restore" +# if we run "run-ptest" under /usr/lib64/lxc/ptest, the result is normal +# but it would be failed when using "ptest-runner lxc" +blacklist="$blacklist lxc-test-usernic" # Tests in firstrunlist will be run first firstrunlist="" diff --git a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch index e9af8335..3ef66138 100644 --- a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch +++ b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch @@ -10,6 +10,7 @@ Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Joakim Roubert <joak...@axis.com> Signed-off-by: Yanfei Xu <yanfei...@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfi...@gmail.com> +Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> --- templates/lxc-download.in | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) @@ -18,7 +19,7 @@ diff --git a/templates/lxc-download.in b/templates/lxc-download.in index a62ddf482..690307338 100755 --- a/templates/lxc-download.in +++ b/templates/lxc-download.in -@@ -59,9 +59,9 @@ cleanup() { +@@ -45,9 +45,9 @@ cleanup() { fi } @@ -30,16 +31,16 @@ index a62ddf482..690307338 100755 return 0 fi done -@@ -70,7 +70,7 @@ wget_wrapper() { - } - - download_file() { +@@ -59,7 +59,7 @@ download_file() { + if [ "${DOWNLOAD_VERBOSE}" = "true" ]; then + echo "Download file: https://${DOWNLOAD_SERVER}$1" + fi - if ! wget_wrapper --user-agent="lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -T 30 -q "https://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then + if ! curl_wrapper -L --user-agent "lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -m 30 -s "https://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then if [ "$3" = "noexit" ]; then return 1 else -@@ -176,7 +176,7 @@ while :; do +@@ -167,7 +167,7 @@ while :; do done # Check for required binaries diff --git a/recipes-containers/lxc/lxc_git.bb b/recipes-containers/lxc/lxc_git.bb index ee0e442f..379b4ecd 100644 --- a/recipes-containers/lxc/lxc_git.bb +++ b/recipes-containers/lxc/lxc_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ " -DEPENDS = "libxml2 libcap" +DEPENDS = "libxml2 libcap dbus" RDEPENDS:${PN} = " \ rsync \ curl \ @@ -36,7 +36,7 @@ RDEPENDS:${PN}-ptest += "file make gmp nettle gnutls bash libgcc" RDEPENDS:${PN}-networking += "iptables" -SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-5.0;protocol=https \ +SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-6.0;protocol=https \ file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ file://run-ptest \ file://templates-actually-create-DOWNLOAD_TEMP-directory.patch \ @@ -47,12 +47,10 @@ SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-5.0;protocol=https \ file://0001-template-if-busybox-contains-init-use-it-in-containe.patch \ file://dnsmasq.conf \ file://lxc-net \ - file://0001-lxc-test-usernic-drop-cgroup-handling.patch \ - file://0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch \ " -SRCREV = "cb8e38aca27a23964941f0f011a8919aab8bebab" -PV = "5.0.3+git" +SRCREV = "3dee5fb88c6f77496dbcab46f31bcd891c9ee4e0" +PV = "6.0.0+git" S = "${WORKDIR}/git" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8684): https://lists.yoctoproject.org/g/meta-virtualization/message/8684 Mute This Topic: https://lists.yoctoproject.org/mt/105594307/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-