[lxc-devel] [PATCH] bdev: allow unprivileged overlayfs snapshots

Also make sure to chown the new rootfs path to the container owner. This is how we make sure that the container root is allowed to write under delta0. Signed-off-by: Serge Hallyn serge.hal...@ubuntu.com --- src/lxc/bdev.c | 55 +++

[lxc-devel] [PATCH] conf: Save lxc.network.ipv4 broadcast address

Reported-by: Robert Vogelgesang vo...@users.sourceforge.net Signed-off-by: Stéphane Graber stgra...@ubuntu.com --- src/lxc/confile.c | 14 +++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 546df53..fa263ef 100644 ---

Re: [lxc-devel] [PATCH] bdev: allow unprivileged overlayfs snapshots

On Tue, Feb 11, 2014 at 01:43:19PM -0600, Serge Hallyn wrote: Also make sure to chown the new rootfs path to the container owner. This is how we make sure that the container root is allowed to write under delta0. Signed-off-by: Serge Hallyn serge.hal...@ubuntu.com Acked-by: Stéphane Graber

[lxc-devel] [PATCH] Add --with-runtime-path to configure

This allows older distros to override /run with whatever their own path is, mostly useful for old RedHat and possibly Android. Signed-off-by: Stéphane Graber stgra...@ubuntu.com --- config/init/upstart/lxc-net.conf | 2 +- configure.ac | 10 +- src/lxc/Makefile.am

Re: [lxc-devel] [PATCH] conf: Save lxc.network.ipv4 broadcast address

Quoting Stéphane Graber (stgra...@ubuntu.com): Reported-by: Robert Vogelgesang vo...@users.sourceforge.net Signed-off-by: Stéphane Graber stgra...@ubuntu.com Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com --- src/lxc/confile.c | 14 +++--- 1 file changed, 11 insertions(+), 3

Re: [lxc-devel] [PATCH] Add --with-runtime-path to configure

Quoting Stéphane Graber (stgra...@ubuntu.com): This allows older distros to override /run with whatever their own path is, mostly useful for old RedHat and possibly Android. Signed-off-by: Stéphane Graber stgra...@ubuntu.com Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com ---

[lxc-devel] [PATCH] tests: Add lxc-test-autostart

Signed-off-by: Stéphane Graber stgra...@ubuntu.com --- src/tests/Makefile.am| 25 +++--- src/tests/lxc-test-autostart | 78 2 files changed, 91 insertions(+), 12 deletions(-) create mode 100755 src/tests/lxc-test-autostart diff --git

[lxc-devel] [lxc/lxc] be6608: conf: Save lxc.network.ipv4 broadcast address

Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: be660853e4488d6dddab6c35c568e3a936cf6063 https://github.com/lxc/lxc/commit/be660853e4488d6dddab6c35c568e3a936cf6063 Author: Stéphane Graber stgra...@ubuntu.com Date: 2014-02-11 (Tue, 11 Feb 2014) Changed

Re: [lxc-devel] [PATCH] tests: Add lxc-test-autostart

Quoting Stéphane Graber (stgra...@ubuntu.com): Signed-off-by: Stéphane Graber stgra...@ubuntu.com Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com --- src/tests/Makefile.am| 25 +++--- src/tests/lxc-test-autostart | 78 2

Re: [lxc-devel] [PATCH] tests: Don't hardcode architecture

Quoting Stéphane Graber (stgra...@ubuntu.com): If on Ubuntu, then match the host's own architecture, this should allow for our tests to pass on the armhf CI environment. Signed-off-by: Stéphane Graber stgra...@ubuntu.com Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com ---

[lxc-devel] [lxc/lxc] 457948: tests: Add lxc-test-autostart

Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: 45794802f13e5db18b5d7acb45169e1f4e8b70b2 https://github.com/lxc/lxc/commit/45794802f13e5db18b5d7acb45169e1f4e8b70b2 Author: Stéphane Graber stgra...@ubuntu.com Date: 2014-02-11 (Tue, 11 Feb 2014) Changed

[lxc-devel] [lxc/lxc] fd2b73: tests: Don't hardcode architecture

Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: fd2b7320e3562450111b5adaabcb7f6b9c8d9d13 https://github.com/lxc/lxc/commit/fd2b7320e3562450111b5adaabcb7f6b9c8d9d13 Author: Stéphane Graber stgra...@ubuntu.com Date: 2014-02-11 (Tue, 11 Feb 2014) Changed

[lxc-devel] [Still Failing] lxc/lxc#234 (master - fd2b732)

Build Update for lxc/lxc - Build: #234 Status: Still Failing Duration: 58 seconds Commit: fd2b732 (master) Author: Stéphane Graber Message: tests: Don't hardcode architecture If on Ubuntu, then match the host's own architecture, this should allow for our

[lxc-devel] [Broken] lxc/lxc#233 (master - 4579480)

Build Update for lxc/lxc - Build: #233 Status: Broken Duration: 1 minute and 9 seconds Commit: 4579480 (master) Author: Stéphane Graber Message: tests: Add lxc-test-autostart Signed-off-by: Stéphane Graber stgra...@ubuntu.com Acked-by: Serge E. Hallyn

[lxc-devel] [lxc/lxc] 8b605e: Fix build failure (broken makefile)

Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: 8b605e2305d74b17ac4cd653a7a0637e65c62bff https://github.com/lxc/lxc/commit/8b605e2305d74b17ac4cd653a7a0637e65c62bff Author: Stéphane Graber stgra...@ubuntu.com Date: 2014-02-11 (Tue, 11 Feb 2014) Changed

[lxc-devel] [Fixed] lxc/lxc#235 (master - 8b605e2)

Build Update for lxc/lxc - Build: #235 Status: Fixed Duration: 1 minute and 55 seconds Commit: 8b605e2 (master) Author: Stéphane Graber Message: Fix build failure (broken makefile) Signed-off-by: Stéphane Graber stgra...@ubuntu.com View the changeset:

[lxc-devel] [PATCH RFC] seccomp: introduce v2 policy

v2 allows specifying system calls by name, and specifying architecture. A policy might look like: 2 whitelist # native architecture is x86_64; we could put # [x86-64] here but don't need to open read write close mount # let's also allow some 32-bit syscalls [x86] open read Also use