/start.c
Log Message:
---
start: pidfds obviously start - like any fd - at 0
Signed-off-by: Christian Brauner
Commit: 1d24b87a1a12979a27cd0416211c229635ab1a5f
https://github.com/lxc/lxc/commit/1d24b87a1a12979a27cd0416211c229635ab1a5f
Author: Serge Hallyn
Date: 2019
is the implementation of that idea.
Suggested-by: Jann Horn
Signed-off-by: Christian Brauner
Commit: 345a21ca9ec1b736208611f4bec7e24097ce279b
https://github.com/lxc/lxc/commit/345a21ca9ec1b736208611f4bec7e24097ce279b
Author: Serge Hallyn
Date: 2019-10-04 (Fri, 04 Oct 2019)
Changed
://github.com/lxc/lxc/commit/83bac1bf25ea1233f1900d925942800268a376d1
Author: Serge Hallyn
Date: 2019-10-04 (Fri, 04 Oct 2019)
Changed paths:
M doc/lxc.container.conf.sgml.in
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/confile.c
M src/tests/parse_config_file.c
Log Message
anon-inode pidfds.
Signed-off-by: Christian Brauner
Commit: f036cc8a2c6ace70ea8086e5f34881ebadf105f1
https://github.com/lxc/lxc/commit/f036cc8a2c6ace70ea8086e5f34881ebadf105f1
Author: Serge Hallyn
Date: 2020-01-08 (Wed, 08 Jan 2020)
Changed paths:
M src/lxc/start.c
: Serge Hallyn
Date: 2020-05-15 (Fri, 15 May 2020)
Changed paths:
M configure.ac
M src/include/fexecve.c
M src/lxc/Makefile.am
M src/lxc/af_unix.c
M src/lxc/attach.c
M src/lxc/cgroups/cgfsng.c
M src/lxc/cmd/lxc_init.c
M src/lxc/cmd/lxc_monitord.c
M src/lxc/cmd
Signed-off-by: Serge Hallyn
---
config/templates/ubuntu.common.conf.in | 7 +++
1 file changed, 7 insertions(+)
diff --git a/config/templates/ubuntu.common.conf.in
b/config/templates/ubuntu.common.conf.in
index ef4e818..4aeea7d 100644
--- a/config/templates/ubuntu.common.conf.in
+++ b
Quoting Stéphane Graber ([email protected]):
> On Mon, Dec 09, 2013 at 02:19:05PM -0600, Serge Hallyn wrote:
> > Signed-off-by: Serge Hallyn
>
> Hmm, doesn't that duplicate the section on nesting?
Oh, feh. So it does. V2:
>From 34c19f26bb61ef11346b06b0094331b027a0e
Quoting S.Çağlar Onur ([email protected]):
> Hi,
>
> On Mon, Dec 9, 2013 at 4:44 PM, Stéphane Graber wrote:
> > On Mon, Dec 09, 2013 at 04:29:11PM -0500, S.Çağlar Onur wrote:
> >> [Forwarding to new lxc-devel as I replied to old sf list]
> >>
> >>
> >> -- Forwarded message --
> >> F
Quoting Stéphane Graber ([email protected]):
> This moves vim back to the default list of packages, drops the duplicate
> ssh entry which means that unless extra packages are passed through
> --packages, container creation won't invoke apt-get anymore.
>
> Signed-off-by: Stéphane Graber
Acked-
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> src/lxc/lxc-ls | 14 ++
> 1 file changed, 14 insertions(+)
> mode change 100644 => 100755 src/lxc/lxc-ls
>
> diff --git a/src/lxc/lxc-ls b/src/lxc/lxc-ls
> old mode 1
Quoting Stéphane Graber ([email protected]):
> This removes any existing uid check in the python3 binding and tools,
> replacing those by .controllable where appropriate.
>
> Extra checks are also added to make lxc-ls work as a user, returning as
> much information as can possibly be retrieved.
etwork type are specified, then the
none type will be ignored.
Signed-off-by: Serge Hallyn
---
src/lxc/conf.c| 39 +++
src/lxc/conf.h| 2 ++
src/lxc/confile.c | 2 ++
src/lxc/start.c | 5 +++--
4 files changed, 46 insertions(+), 2 deletions(-)
diff
If the system gets into a bad state, it may become impossible to get
the lxc container locks. We should still be able to stop containers
in that case. Add a -L/--nolock option to specify this behavior.
Signed-off-by: Serge Hallyn
---
doc/lxc-stop.sgml.in | 14 ++
src/lxc
Quoting Stéphane Graber ([email protected]):
> This commit does the following changes:
> - Disable rpath by default
> - Switch all of our options to --enable-FEATURE in the help
> - Add auto-detection of libcap availability
> - Add auto-detection of python3 availability
> - Always specify th
Quoting S.Çağlar Onur ([email protected]):
> [resending the patch from correct branch]
>
> commit 09ad624693cb0ef41cf246e2876b5f356783b34d introduced lxc.include option
> to include other config files. This patch uses it in mountcgroups hook
> otherwise
> lxc-start fails with following error messag
Quoting S.Çağlar Onur ([email protected]):
> lxcapi_rename implemented as a convenience function as lately
> I find myself in a need to rename a container due to a
> typo in its name. I could have started over but didn't want
> to spend more time (to installing extra packages and changing
> their con
Quoting Stéphane Graber ([email protected]):
> On Mon, Dec 16, 2013 at 08:04:18AM -0600, Serge Hallyn wrote:
> > If the system gets into a bad state, it may become impossible to get
> > the lxc container locks. We should still be able to stop containers
> > in that cas
Quoting Stéphane Graber ([email protected]):
> On Mon, Dec 16, 2013 at 02:37:11PM -0500, S.Çağlar Onur wrote:
> > Hi Serge,
> >
> > On Mon, Dec 16, 2013 at 9:47 AM, Serge Hallyn
> > wrote:
> > > Quoting S.Çağlar Onur ([email protected]):
> > >
Quoting S.Çağlar Onur ([email protected]):
> On Mon, Dec 16, 2013 at 2:58 PM, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> >> On Mon, Dec 16, 2013 at 02:37:11PM -0500, S.Çağlar Onur wrote:
> >> > Hi Serge,
> >> >
> >&
Quoting S.Çağlar Onur ([email protected]):
> Hey Serge,
>
> On Tue, Dec 17, 2013 at 4:25 PM, Serge Hallyn wrote:
> > Quoting S.Çağlar Onur ([email protected]):
> >> On Mon, Dec 16, 2013 at 2:58 PM, Serge Hallyn
> >> wrote:
> >> > Quoting Stéphane Grab
Quoting S.Çağlar Onur ([email protected]):
> While testing https://github.com/lxc/lxc/pull/106, I found that concurrent
> starts
> are hanging time to time. I then reproduced the same problem in master and
> got following;
>
> [caglar@oOo:~] sudo gdb -p 16221
> (gdb) bt
> #0 __lll_lock_wait ()
Quoting S.Çağlar Onur ([email protected]):
> Signed-off-by: S.Çağlar Onur
You're missing the part where copyhooks only copies hooks under the
container's path. Could be as simple as the following untested patch:
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 1af8d62..9ee29fd 1
Quoting Serge Hallyn ([email protected]):
> Quoting S.Çağlar Onur ([email protected]):
> > Signed-off-by: S.Çağlar Onur
>
> You're missing the part where copyhooks only copies hooks under the
> container's path. Could be as simple as the following untested patc
Quoting Stéphane Graber ([email protected]):
> First patch in the set of changes required for container autostart.
>
> This commit adds the new configuration keys and parsers that will then
> be used by lxc-start and lxc-stop.
>
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
Cod
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> src/lxc/lxc-ls | 25 ++---
> 1 file changed, 22 insertions(+), 3 deletions(-)
>
> diff --git a/src/lxc/lxc-ls b/src/lxc/lxc-ls
> index b058bd0..e358525 100755
Quoting Stéphane Graber ([email protected]):
> When accessing nested containers, hardcode the path to their config.
>
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
but,
> ---
> src/lxc/lxc-ls | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/lxc/lxc-ls b/src/lxc
Quoting Serge Hallyn ([email protected]):
> Quoting Stéphane Graber ([email protected]):
> > When accessing nested containers, hardcode the path to their config.
> >
> > Signed-off-by: Stéphane Graber
>
> Acked-by: Serge E. Hallyn
(So actually I meant to
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
You're trying to shame me aren't you, with your .gitignore entry
and your manpage and your idunno...
Acked-by: Serge E. Hallyn
One trivial comment below.
> ---
> .gitignore| 1 +
> configure.ac
Quoting Stéphane Graber ([email protected]):
> On Thu, Dec 19, 2013 at 11:08:53AM -0600, Serge Hallyn wrote:
> > Quoting Serge Hallyn ([email protected]):
> > > Quoting Stéphane Graber ([email protected]):
> > > > When accessing nested containers, har
of '1' from parent to child, while the
child checked for '1'. Fix.
Signed-off-by: Serge Hallyn
---
src/lxc/lxc_usernsexec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/lxc_usernsexec.c b/src/lxc/lxc_usernsexec.c
index 98e4fa2..e36ff34 100644
--- a
7;t get lost in the noise.
Signed-off-by: Serge Hallyn
---
src/lxc/cgroup.c | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index 8be0ebf..f2a686a 100644
--- a/src/lxc/cgroup.c
+++ b/src/lxc/cgroup.c
@@ -1944,6 +1944,7 @@ i
k to a
netdev->type == LXC_NET_EMPTY check, but I've been making enough
mistakes today not to risk that.
Signed-off-by: Serge Hallyn
---
src/lxc/conf.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 69f90d0..a08273f 100644
Quoting Stéphane Graber ([email protected]):
> When running unprivileged (euid != 0), LXC will now use the following paths:
> - Default lxc path: ~/.local/share/lxc/
> - Default config path: ~/.config/lxc/lxc.conf
>
> Those two paths are based on standard XDG paths (though ignoring all the
> p
Quoting Stéphane Graber ([email protected]):
> On Thu, Dec 19, 2013 at 05:32:57PM -0600, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> > > When running unprivileged (euid != 0), LXC will now use the following
> > > paths:
> > > -
Quoting KATOH Yasufumi ([email protected]):
> Hi,
>
> When I translated lxc-stop(1) into Japanese, I had a question.
>
> When -s option is specified, according to the man page,
> > Only request a clean shutdown, do not kill the container tasks if
> > the clean shutdown fails.
>
> I thought
Quoting Andrey Mazo ([email protected]):
> Since lxc_global_config_value() tries to cache return value (exactly in
> "values" array) to avoid rereading config file multiple times for the same
> option, we can't just allocate "values" array on stack.
> Also, it would require all callers to free() retu
Quoting Andrey Mazo ([email protected]):
> Hi all,
>
> Sorry for coming too late to the discussion.
> In fact, I've already acked [1] the changeset.
> But after sleeping more on it, I'm concerned about __thread and bionic.
> Quoting android-ndk-r9c/docs/text/system/libc/OVERVIEW.text:
> At the momen
Is this something you've discussed with Stéphane? A set of tests is
already being run on his own server, so I'm not sure this is needed.
There is the "the more testing the better" point of view, but I've seen
more time wasted trying to debug test "breakages" that were actually
host system errors (
Quoting S.Çağlar Onur ([email protected]):
> changes since v1;
> incorporated Serge's changes
> changes since v2;
> added missing Signed-off-by
>
> Signed-off-by: S.Çağlar Onur
The only thing that would worry me if we were past 1.0 would be that
changing the values of the other copy ho
Why?
Admittedly if you're a developer this will be what you want, but
in general '' would be the more correct way. Could
we instead address this with a -I${topdir}/src in the Makefile, or
would that not suffice?
(Not Nack-ing this yet, but a little apprehensive)
Quoting S.Çağlar Onur (cag...@1
Quoting Stéphane Graber ([email protected]):
> When running unprivileged (euid != 0), LXC will now use the following paths:
> - Default lxc path: ~/.local/share/lxc/
> - Default config path: ~/.config/lxc/lxc.conf
>
> Those two paths are based on standard XDG paths (though ignoring all the
> p
Quoting Stéphane Graber ([email protected]):
> On Mon, Dec 23, 2013 at 09:25:55AM -0600, Serge Hallyn wrote:
> > Quoting Andrey Mazo ([email protected]):
> > > Hi all,
> > >
> > > Sorry for coming too late to the discussion.
> > > In fact, I'v
Quoting Serge Hallyn ([email protected]):
> Quoting KATOH Yasufumi ([email protected]):
> > Hi,
> >
> > When I translated lxc-stop(1) into Japanese, I had a question.
> >
> > When -s option is specified, according to the man page,
> > > Only
Quoting Stéphane Graber ([email protected]):
> On Mon, Dec 23, 2013 at 10:14:41AM -0600, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> > > On Mon, Dec 23, 2013 at 09:25:55AM -0600, Serge Hallyn wrote:
> > > > Quoting Andrey Mazo (m.
Quoting Andrey Mazo ([email protected]):
> Commit 4878dac496543dae0a26f5c1156bbfda63c8ea62 introduced possible
> incorrect usage of free().
> Also remove unneeded strdup().
>
> Signed-off-by: Andrey Mazo
Thanks, I had added an strdup instead, but that's not needed.
Will push yours.
Acked-by: Serge
Quoting S.Çağlar Onur ([email protected]):
> Hey Serge,
>
> On Mon, Dec 23, 2013 at 11:09 AM, Serge Hallyn
> wrote:
> >
> > Why?
>
> I've no good reason to justify this change as it's purely cosmetic.
> That's why I added [cosmetic] keyword to the
and pull request based
> development, so unless lxc is aopting that, travis usage might not yield a
> lot of value,
>
>
>
>
> On Mon, Dec 23, 2013 at 2:03 PM, S.Çağlar Onur wrote:
>
> > Hi Serge,
> >
> > On Mon, Dec 23, 2013 at 10:42 AM, Serge Hallyn
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> configure.ac | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/configure.ac b/configure.ac
> index 26b4032..4c5f002 100644
> --- a/configure.ac
> +++ b/co
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> configure.ac | 7 +++
> 1 file changed, 7 insertions(+)
>
> diff --git a/configure.ac b/configure.ac
> index 2818d79..26b4032 100644
> --- a/configure.ac
> +++ b/configure.ac
Quoting KATOH Yasufumi ([email protected]):
> >>> On Mon, 23 Dec 2013 10:26:38 -0600
> in message "Re: [lxc-devel] [Q] different from behavior of lxc-stop and
> description of man page"
> Serge Hallyn-san wrote:
>
> > I'
Quoting Andrey Mazo ([email protected]):
> Signed-off-by: Andrey Mazo
Acked-by: Serge E. Hallyn
> ---
> src/lxc/conf.c | 19 ++-
> 1 file changed, 10 insertions(+), 9 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 68f9716..ed1056d 100644
> --- a/src/lxc/conf
Quoting Guillaume ZITTA ([email protected]):
> Le 24/12/2013 15:32, Stéphane Graber a écrit :
> >On Tue, Dec 24, 2013 at 03:01:38PM +0100, Guillaume ZITTA wrote:
> >>Hi,
> >>
> >>I'm coding a new template (for gentoo).
> >>
> >>I saw this kind of tweak in many templates :
> >>
> >>if [ "$nics" -eq
Quoting KATOH Yasufumi ([email protected]):
> same as the commit 25070b660187b61aa4e969db01b55d1360639543
>
> Signed-off-by: KATOH Yasufumi
Thanks, looks good. (Note you could have simply done c->shutdown(c, 0)
but this works to :)
Acked-by: Serge E. Hallyn
> ---
> doc/ja/lxc-autostart
Quoting group PICT MANY ([email protected]):
> Trying to upgrade the lxc version from 0.7.5 to 0.8.0. Executed following
> command :
>
> apt-get install lxc
>
> But it didnt work the package is still 0.7.5.
>
> apt-get install lxc=0.8.0
>
> Gives error saying
>
> E: Version '0.8.0' for 'lxc'
Quoting S.Çağlar Onur ([email protected]):
> Hi,
>
> On Sat, Dec 28, 2013 at 5:21 AM, Stéphane Graber wrote:
> > On Fri, Dec 27, 2013 at 06:56:15PM -0500, S.Çağlar Onur wrote:
> >> Hey Pauk,
> >>
> >> On Fri, Dec 27, 2013 at 6:49 PM, Paul Wexler
> >> wrote:
> >> > Hello lxc community,
> >> >
> >>
tomatically do a copy snapshot,
but doing so would require more shenanigans - i.e. another
clone flag LXC_CLONE_MAYBSNAPSHOT - and is also not ideal imo.
So just sending this out now for feedback and ideas - what do
you think is the best behavior?
Signed-off-by: Serge Hallyn
---
src/lxc/bdev.c
Quoting Andrey Mazo ([email protected]):
> Signed-off-by: Andrey Mazo
> ---
> src/lxc/Makefile.am| 3 ++-
> src/lxc/attach.c | 2 --
> src/lxc/bdev.c | 13 -
> src/lxc/lxccontainer.c | 4
> src/lxc/lxclock.c | 23 ++-
> src/lxc/monitor.c
Quoting S.Çağlar Onur ([email protected]):
> Use "#include " style for external or exported headers only.
>
> changes since v1:
> - adjusted formatting as Stéphane suggested
>
> Signed-off-by: S.Çağlar Onur
I'm not sure why you made an exception for ,
but no big deal.
Acked-by: Serge E. Hallyn
Quoting Michael H. Warfield ([email protected]):
> [Holiday is mostly over... Most of the family has departed to their
> homes or other homes. Grandpa lays back to a late nap - errr -
> E-Mail...]
>
> Ok all,
>
> Serge and Stéphane know my background as a security researcher and
> expert. This
Quoting S.Çağlar Onur ([email protected]):
> Hey Serge,
>
> On Wed, Jan 1, 2014 at 3:04 PM, Serge Hallyn wrote:
> > Quoting S.Çağlar Onur ([email protected]):
> >> Use "#include " style for external or exported headers only.
> >>
> >> chang
1
> make[2]: Leaving directory `/tmp/android-build-scripts/lxc/src'
> make[1]: *** [all] Error 2
> make[1]: Leaving directory `/tmp/android-build-scripts/lxc/src'
> make: *** [all-recursive] Error 1
>
> It looks like pthread_atfork doesn't exist in bionic.
>
>
Quoting Michael H. Warfield ([email protected]):
> > Why not purely random? I also liked the suggestion of putting the
> > password in a file under $lxcpath/$lxcname - though chmod 600 owned
> > by the calling user, not root. I prefer not outputting it in
> > stdout during create, but am not *str
Quoting Stéphane Graber ([email protected]):
> On Wed, Jan 01, 2014 at 02:30:21PM -0600, Serge Hallyn wrote:
> > Quoting S.Çağlar Onur ([email protected]):
> > > Hey Serge,
> > >
> > > On Wed, Jan 1, 2014 at 3:04 PM, Serge Hallyn
> > > wrote:
&
Quoting Stéphane Graber ([email protected]):
> On Wed, Jan 01, 2014 at 11:37:32PM -0600, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> > > This patch caused a build failure on Android:
> > >
> > > arm-linux-androideabi-gcc
> &
Quoting Rami Rosen ([email protected]):
> This method removes the return value of the attach_ns() method as it is
> not needed and not used.
>
> Signed-off-by: Rami Rosen
I think it'd be better to fail on error at the callers - if we
failed to switch namespaces and proceed in starting the cont
blem until we come up with a proper solution.
>
>
> On Mon, Dec 23, 2013 at 1:29 PM, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> >> On Mon, Dec 23, 2013 at 10:14:41AM -0600, Serge Hallyn wrote:
> >> > Quoting Stéphane Graber (stgra...
Quoting Andrey Mazo ([email protected]):
> Mark most of functions that are used within only one file as static.
> After 95ee490bbdb97ab2b4f1dfa63a0a26e0dd1c2f17 it's easy to prove they
> are not in public API.
> Several arrays and structs are also marked static.
> This prevents them from being exported
Quoting Andrey Mazo ([email protected]):
> Signed-off-by: Andrey Mazo
Acked-by: Serge E. Hallyn
> ---
> src/tests/attach.c | 2 +-
> src/tests/concurrent.c | 4 ++--
> src/tests/list.c| 2 +-
> src/tests/locktests.c | 2 +-
> src/tests/may_control.c | 4 ++--
> src/tests/reboot.c
Quoting Michael H. Warfield ([email protected]):
> Hey all,
>
> I'm in the middle of some cleanup and fix-ups in the Fedora and CentOS
> templates including hardening the root password and some static MAC
> address code and generally reconciling the two templates into some
> semblance of coherency
Quoting Michael H. Warfield ([email protected]):
> Additional logic for dealing with container shutdown / reboot
>
> Fix a problem with CentOS containers and legacy Fedora (<16) containers
> not shutting down or rebooting properly. Copy /etc/init.d/halt to
> /etc/init.d/lxc-halt, deleting everyth
Quoting Leonid Isaev ([email protected]):
> Multiple fixes for the ArchLinux template:
>
> 1. Add some packages from base group to the pkg install list.
>
> 2. Better comment and clean up the default container config, namely: (i)
> remove
> duplicate and conflicting entries, (ii) constrain lis
Yup, I won't have time to work on this until cgmanager is in better
shape at least, but I hope someone else has some time. I'd love for
criu folks to get api feedback as early as possible.
Quoting Ranjib Dey ([email protected]):
> hi all,
>
> now that criu supports plugin[1], has any one trie
Quoting Guillaume ZITTA ([email protected]):
> >>If not, my proposal:
> >> I set an incomplete (prefix) lxc.network.hwaddr in default conf.
> >> lxc-create complete it randomly and write it to the container's
> >>config.
> >>
> >>Does it make sense?
> >
> >I think so. Just 'xx' in place of real number
Quoting Dwight Engen ([email protected]):
> It is desirable to have a mode where a soft shutdown is requested,
> but then do a hard shutdown if after some time period the container
> has not shut down. This the default behaviour of lxc-stop, but is
> not currently possible with lxc-autostart.
Quoting Dwight Engen ([email protected]):
> This change updates the way init scripts get installed so that more
> than one init system can be supported. Instead of installing the
> systemd service file from the spec file, it should be installed at
> make install time, so that someone compilin
h the modified contents.
So add a 'LXC_CLONE_KEEPBDEVTYPE' flag, which c->snapshot()
passes to c->clone().
Also add a LXC_CLONE_MAYBE_SNAPSHOT. If this is set and a
backing store does not support snapshotting, then proceed with
a copy clone.
Signed-off-by: Serge Hallyn
---
src/lx
Quoting Dwight Engen ([email protected]):
> On Thu, 2 Jan 2014 10:59:56 -0600
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen ([email protected]):
> > > It is desirable to have a mode where a soft shutdown is requested,
> > > but then do a hard shutd
retty convenient.
>
> Now that lxc is going mainstream with vendor support, and tools like
> docker, if lxc include a private/pub key with the installation, I think
> will made the life easier to pack and share containers a la vagrant.
>
> Alvaro.
>
>
> On Thu, Jan
Quoting Stéphane Graber ([email protected]):
> On Thu, Jan 02, 2014 at 11:09:25AM -0600, Serge Hallyn wrote:
> > Quoting Dwight Engen ([email protected]):
> > > This change updates the way init scripts get installed so that more
> > > than one init system c
Quoting S.Çağlar Onur ([email protected]):
> Hi,
>
> On Fri, Jan 3, 2014 at 3:13 PM, Stéphane Graber wrote:
> > On Thu, Jan 02, 2014 at 08:59:10AM -0600, Serge Hallyn wrote:
> >> Quoting Stéphane Graber ([email protected]):
> >> > On Wed, Jan 01, 2014 at
Quoting Stéphane Graber ([email protected]):
> On Fri, Jan 03, 2014 at 02:00:25PM -0600, Serge Hallyn wrote:
> > Quoting Stéphane Graber ([email protected]):
> > > On Thu, Jan 02, 2014 at 11:09:25AM -0600, Serge Hallyn wrote:
> > > > Quoting Dwight
Quoting Guillaume ZITTA ([email protected]):
> This change introduce mac address templating.
>
> By setting lxc.network.hwaddr to something like fe:xx:xx:xx:xx:xx
> each "x" will be replaced by a random value.
> If less significant bit of first byte is "templated", it will be
> set to 0.
>
> This cha
Quoting Serge Hallyn ([email protected]):
> Quoting Guillaume ZITTA ([email protected]):
> > This change introduce mac address templating.
> >
> > By setting lxc.network.hwaddr to something like fe:xx:xx:xx:xx:xx
> > each "x" will be replaced by a random
Quoting Kent R. Spillner ([email protected]):
> On Mon, Jan 06, 2014 at 01:54:14PM +0100, Guillaume ZITTA wrote:
> > This chage introduce also a common randinit() function that could be
> > used to initialize random generator.
>
> Is there any reason to always prefer libc rand() over /dev/urandom?
Quoting Qiang Huang ([email protected]):
> Debian and Ubuntu uses docbook2x-man, but some other distr like suse
> uses docbook-to-man. I think all of them should work on LXC.
>
> Signed-off-by: Qiang Huang
Acked-by: Serge E. Hallyn
> ---
> configure.ac | 2 +-
> 1 file changed, 1 insert
Quoting [email protected] ([email protected]):
>
> Le 06/01/2014 20:01, Serge Hallyn a écrit :
> > Quoting Kent R. Spillner ([email protected]):
> >> On Mon, Jan 06, 2014 at 01:54:14PM +0100, Guillaume ZITTA wrote:
> >>> This chage introduce also a common randinit() fun
Quoting [email protected] ([email protected]):
> This change introduce mac address templating.
>
> By setting lxc.network.hwaddr to something like fe:xx:xx:xx:xx:xx
> each "x" will be replaced by a random value.
> If less significant bit of first byte is "templated", it will be
> set to 0.
>
> This chang
Quoting S.Çağlar Onur ([email protected]):
> Setting "lxc.console = none" causes following failure during startup
>
> lxc-start 1389039861.061 INFO lxc_start_ui - using rcfile
> lxcpath/original/config
> lxc-start 1389039861.062 INFO lxc_confile - read uid map: type u
> nsid 0
Quoting Kent R. Spillner ([email protected]):
> On Mon, Jan 06, 2014 at 06:04:07PM -0600, Kent R. Spillner wrote:
> > Hrrrmmm... My suggestion is more wasteful, but the original randinit()
> > can still be abused to drain the pool (albeit more slowly). I wonder
> > how bad it is in reality, howeve
This happens for instance if you run a test under sudo which
then runs lxc commands under 'su - '
Signed-off-by: Serge Hallyn
---
src/lxc/lxclock.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxclock.c b/src/lxc/lxclock.c
ind
Quoting Marian Marinov ([email protected]):
> On 01/07/2014 01:17 PM, Li Zefan wrote:
> >On 2014/1/5 8:12, Marian Marinov wrote:
> >>Happy new year guys.
> >>
> >>I need to have /proc cgroups aware, as I want to have LXC containers that
> >>see only the resources that are given to them.
> >>
> >>In or
Quoting Stéphane Graber ([email protected]):
> This is a first step in bringing the lxc.conf configfile in line with
> the container's format.
>
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
but I did want to ask whether you feel 'lxc.' is a good prefix for
these. Will 'lxc.cgr
Quoting Stéphane Graber ([email protected]):
> Instead of having one function for each possible key in lxc.conf which
> doesn't really scale and requires an API update for every new key,
> switch to a generic lxc_get_global_config_item() function which takes a
> key name as argument.
>
> Signed-
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> src/lxc/utils.c | 17 -
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/src/lxc/utils.c b/src/lxc/utils.c
> index d06e1c0..ac89da1 100644
> ---
Quoting Stéphane Graber ([email protected]):
> Signed-off-by: Stéphane Graber
Acked-by: Serge E. Hallyn
> ---
> src/lxc/lxc_create.c | 2 +-
> src/lxc/lxccontainer.c | 8
> src/tests/containertests.c | 2 +-
> src/tests/destroytest.c| 2 +-
> src/tests/saveconfig.c
Quoting John Peacock ([email protected]):
> Hardcoding the snapshot directory to be lxcpath+snaps is somewhat
> limiting. I have mounted a btrfs subvolume on /var/lib/lxc, which works
> fine; I can freely clone using btrfs snapshots in less than a second.
> However, lxc-snapshot fell ove
Quoting John Peacock ([email protected]):
> On Fri, 2014-01-10 at 11:03 -0500, Stéphane Graber wrote:
> > The remainder of the time should be used to:
> > - Fix bugs (https://github.com/lxc/lxc/issues?milestone=none&state=open)
>
> I may be totally biased, but I believe that the bug I j
Avahi sets its own rlimit_nproc to be exactly the # tasks it will spawn
as its userid. If the avahi user in the container is the same uid #
as something in use on the host, then there may already be running
tasks and so rlimit_nproc is enforced and avahi can't run.
If you use a user namespace thi
Quoting Stéphane Graber ([email protected]):
> Hey everyone,
>
> First of all, sorry for coming up with that so late in the 1.0
> development cycle. I tried to convince myself for a long time that this
> wasn't necessary but reality is that with unprivileged containers, we
> need to start thinki
Quoting Stéphane Graber ([email protected]):
> On Fri, Jan 10, 2014 at 01:54:40PM -0500, S.Çağlar Onur wrote:
> > Hey Stéphane,
> >
> > On Fri, Jan 10, 2014 at 11:03 AM, Stéphane Graber
> > wrote:
> > > Hey everyone,
> > >
> > > Just wanted to give you a quick update on the release plan for LX
1 - 100 of 1639 matches
Mail list logo
