Hi folks,
AFAICS stable-2.0 has got a new tag 2.0.11, including a fix
for CVE-2019-5736. There is no new tag on stable-3.0, even
though the fix appears to be in, too.
Wouldn't it be reasonable to introduce new tags, esp. if a
CVE has been fixed on a LTS branch? Is there something
missing on
), waiting for systemd-remount-fs startup script
Of course it still works for RHEL 6, CentOS 6 and 7 as well. I did
not verify earlier CentOS or RHEL releases.
Signed-off-by: Harald Dunkel <harald.dun...@aixigo.de>
Index: lxc-2.0.9/templates/lxc-cen
Hi Christian,
On 12/11/17 4:17 PM, Christian Brauner wrote:
What is the container's config file? liblxc itself does not know what
drbd devices are and cannot create such containers. So I expect your
container's config file to contain a line like:
lxc.rootfs = /data1//rootfs
Here is a
Hi Serge,
On 12/11/17 4:40 AM, Serge E. Hallyn wrote:
Quoting Harald Dunkel (ha...@afaics.de):
On 12/07/17 22:30, Serge E. Hallyn wrote:
What filesystem are you using?
ext4 on a drbd block device:
/dev/drbd1 /data1 ext4 rw,noatime,stripe=256,data=ordered 0 0
I have to think drbd would
On 12/07/17 22:30, Serge E. Hallyn wrote:
>
> What filesystem are you using?
ext4 on a drbd block device:
/dev/drbd1 /data1 ext4 rw,noatime,stripe=256,data=ordered 0 0
Regards
Harri
signature.asc
Description: OpenPGP digital signature
___
Hi folks,
If a LXC server ran for several weeks and if I try to stop a
container, then the server gets stuck for a few minutes (see
attachment).
Please note the
:
[8541088.226013] Task dump for CPU 31:
[8541088.226015] mount R
:
This might be common for all incidents of this kind,
On Sat, 29 Jul 2017 14:06:17 +0200
Christian Brauner wrote:
> Merged the patch today. Thanks guys!
>
Would it be possible to merge this change into the 2.0 branch
as well?
Thanx very much
Harri
___
lxc-devel mailing
PS:
On Thu, 27 Jul 2017 08:45:49 -0500
"Serge E. Hallyn" wrote:
>
> It looks like these were done by commit
> 44d397891e691ab994a69766cc72e57265b62da1,
> and lxc-2.0.0 does have that commit.
>
44d397891e691ab994a69766cc72e57265b62da1 was created on
Mon Dec 3 09:53:10
I verified this on github:
% cd /tmp
% git clone git://github.com/lxc/lxc
Cloning into 'lxc'...
remote: Counting objects: 38059, done.
remote: Compressing objects: 100% (30/30), done.
remote: Total 38059 (delta 19), reused 31 (delta 14), pack-reused 38015
Receiving objects: 100% (38059/38059),
Hi Serge,
apparently all these fixes have been lost on the 2.0 branch:
{hdunkel@dpcl082:lxc (stable-2.0) 507} grep rsync templates/* | grep rootfs
templates/lxc-altlinux.in:rsync -Ha $cache/rootfs/ $rootfs_path/
templates/lxc-centos.in:rsync -a $cache/rootfs/ $rootfs_path/
Is there anything missing? Some feedback would be highly
appreciated.
Harri
On 02/21/2017 04:29 PM, Harald Dunkel wrote:
> Hi folks,
>
> if /etc/lxc/default.conf defines 2 or more bridges, then
> I get a ton of warnings:
>
> # service lxc restart
> [] St
Nitzsch
Signed-off-by: Harald Dunkel <harald.dun...@aixigo.de>
Index: lxc-1.1.5.1/config/init/common/lxc-containers.in
===
--- lxc-1.1.5.1.orig/config/init/common/lxc-containers.in
+++ lxc-1.1.5.1/config/init/common/lxc-contain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Serge,
On 10/21/16 16:56, Serge E. Hallyn wrote:
> Quoting Harald Dunkel (harald.dun...@aixigo.de):
>> On 10/20/2016 03:39 PM, Serge E. Hallyn wrote:
>>> On Wed, Oct 19, 2016 at 02:10:59PM +0200, Harald Dunkel wrote:
>>&g
Hi Serge,
On 10/21/2016 04:56 PM, Serge E. Hallyn wrote:
>
> lxc-cgroup talks to the container to find out the cgroup it is running
> in. There could for instance be several containers called 'c1' (in
> different lxcpaths), which could be running in cgroups c1, c1.0, and c1.1.
> And for each
Hi folks,
using an unprivileged account for monitoring lxc-cgroup
returns a "permission denied" messages for something that
is world readable in the /cgroup directory. Sample:
% lxc-cgroup -P /data1/lxc -n jerry1 memory.usage_in_bytes
lxc-cgroup: tools/lxc_cgroup.c: main: 104 Insufficent
Hi Serge,
On 06/15/16 19:00, Serge E. Hallyn wrote:
> Quoting Harald Dunkel (harald.dun...@aixigo.de):
>>
>> Using "rsync -SHaAX" in lxc-debian it works (on Jessie).
>> Attached you can find a suggested patch for all (lxc 1.1.5).
>
> Thanks this looks go
Hi Serge,
On 06/14/16 17:10, Serge E. Hallyn wrote:
>
> Well I notice that copy_debian() rsyncs without -X. Does
> adding -X fix it for you?
Using "rsync -SHaAX" in lxc-debian it works (on Jessie).
Attached you can find a suggested patch for all (lxc 1.1.5).
Thanx for your help
Harri
Index:
Hi folks,
would it be possible to have an option "lxc.device" in
the config file, e.g.
lxc.autodev = 1
lxc.device = /dev/vg00/lv01
lxc.device = /dev/vg00/lv02
It should make the block devices available to the client,
similar to the lxc-device script, but before init and
Hi Serge,
On 07/23/15 15:12, Serge Hallyn wrote:
Quoting Harald Dunkel (harald.dun...@aixigo.de):
My suggestion would be to use the real lxcpath (resolving
all the symlinks and .. and .) for constructing the abstract
socket name.
Well that's true, perhaps lxc should do a realpath
Hi Serge,
On 07/22/15 22:55, Serge Hallyn wrote:
Quoting Harald Dunkel (harald.dun...@aixigo.de):
This looks pretty fragile to me. Shouldn't lxc report the same
state for both paths, no matter what?
No, because when you start the container, it listens on a
abstract unix socket, i.e. @/var
Hi folks,
please consider this:
# ls -al /var/lib/lxc
lrwxrwxrwx 1 root root 11 Aug 11 2014 /var/lib/lxc - /export/lxc
# lxc-ls --fancy
NAME STATEIPV4 IPV6 GROUPS AUTOSTART
-
lxchost01 RUNNING
Hi folks,
to avoid postprocessing the output of lxc-info, it would be
nice to have an option --short, e.g.
# lxc-info -n sample -c lxc.start.auto --short
1
My first guess was that '-q' did the trick, but it didn't.
Just a suggestion, of course. Regards
Harri
Hi folks,
I get a weird effect on running lxc-ls without root:
{hdunkel@dpcl082:~ 507} lxc-ls
{hdunkel@dpcl082:~ 508} echo $?
0
{hdunkel@dpcl082:~ 509} lxc-ls -P /var/lib/lxc
.jessiedebbuild template.blog
.mini lxc0
.squeeze oraclient
On 04/13/15 14:54, Serge Hallyn wrote:
Can you give us an example?
Sure, here is a sample session:
# lxc-create -P /data1/lxc -n sample42 -t debian -- -r jessie
debootstrap is /usr/sbin/debootstrap
Checking cache download in /var/cache/lxc/debian/rootfs-jessie-amd64 ...
Copying rootfs to
On 04/14/15 15:41, Stéphane Graber wrote:
Ever since LXC 1.0.0 (so over a year now), lxc-ls run as non-root lists
unprivileged containers stored in ~/.local/share/lxc/
Sorry, I didn't know. Do you think a message like
% lxc-ls
~/.local/share/lxc: no such directory
or
Hi folks,
lxc-ls implies a certain similarity to Unix' ls command,
some releases ago lxc stopped to ignore hidden container
directories.
Did this happen on purpose? Is there a common config option
for lxc to bring back the expected behavior wrt hidden
directories?
Regards
Harri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/21/15 22:27, Stéphane Graber wrote:
Hey everyone,
So after doing a fair amount of additional manual testing on it, I've just
released LXC 1.1 rc1.
That means that from now on, we won't be taking new features and will instead
work on
On Fri, 21 Nov 2014 04:41:00 +
Serge Hallyn serge.hal...@ubuntu.com wrote:
Michael and/or Stéphane may have other comments , but as you say this
will not regress non-systemd hosts so looks like a step in the right
direction to me, thanks.
I wonder if this could go to the stable-1.0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi folks,
The patch seems to work.
Do you think it would be reasonable to include this fix on
the stable-1.0 branch as well?
Thanx anyway. Keep on your good work
Harri
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Hi folks,
if I build the top of the 1.0.4 branch on Debian, then the
generated lxc.service file contains bad ExecStart* and ExecStop
options:
% ./autogen.sh ; configure; make
:
:
% grep ^Exec config/init/systemd/lxc.service
ExecStartPre=${exec_prefix}/libexec/lxc/lxc-devsetup
Hi Michael,
On 06/08/14 18:59, Michael H. Warfield wrote:
I see, reviewing my notes now, that you were the one who brought it up
back in December last year. Funny too that I just got done doing
something very very similar for lxc-autostart and the -g/--groups
parameter (which is a comma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi folks
currently I've got 3 container paths on some hosts:
/var/lib/lxclocal containers
/data1/lxc network services
/data2/lxc network services
/data1 and /data2 are part of a high availability setup
(using
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/02/14 16:29, Serge Hallyn wrote:
That won't show you the startup msgs as it will attach you to tty1, not
/dev/console.
Surely the alias was just a vague description. The point is being
able to detach from the console, after the
Hi folks,
I tried the fedora template, but it seems the generated
image (Fedora 19 or 20) doesn't start. lxc-start returns
immediately without any message on stderr. Attached is the
debug log file for Fedora 20.
lxc is rc2 of this morning. Host is Debian (sid) with kernel
3.13.3. Creating and
That was fast.
Thanx very much. Keep on your good work
Harri
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
Hi folks,
Problem in LXC (beta4) running a Centos 6.5 client:
# cat (echo hello)
cat: /dev/fd/63: No such file or directory
On a real host /dev/fd is a symlink pointing to /proc/self/fd.
AFAICS only the altlinux template creates this symlink. Debian
seems to provide the link on
On 02/04/14 14:53, Serge Hallyn wrote:
Thanks everyone. I guess my main question was whether '--repo' would
conflict with the 'additional repos' interpretation (sort of like
proxy vs. ppa in ubuntu, where one is for fast local mirror while the
other is for testing upgraded packages before
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi folks,
On 02/04/14 02:18, Serge Hallyn wrote:
It looks fine to me, but I'm not quite sure whether users ordinarily would
want such a repo to be an additional repo or a replacement for the centos
one. Michael, does this look good to you?
This change introduces a flag --repo to the lxc-centos template
to allow using a local repository (e.g. a loop mounted installer
iso on your web server).
Signed-off-by: Harald Dunkel ha...@afaics.de
---
templates/lxc-centos.in | 14 --
1 file changed, 12 insertions(+), 2 deletions
Hi folks,
AFAICS lxc-autostart -s ignores all containers unless they match
a group or are set to autostart or something. What would you suggest
to stop the rest, e.g. at shutdown time of the server? Is there a
default group without saying?
Of course I tried lxc-autostart -s -a. No luck.
40 matches
Mail list logo