---
commands_utils: fix lxc-wait
Closes: #3570
Fixes: 7792a5b60f79 ("commands: add additional check to
lxc_cmd_sock_get_state()")
Signed-off-by: Christian Brauner
Commit: 92bc70903c8e9ca920503bcf288934a9e8f12e1f
https://github.com/lxc/lxc/commit/92bc70903c8e9ca
: http://lists.openvz.org/pipermail/criu/2014-July/015117.html
[2]: http://lists.openvz.org/pipermail/criu/2014-August/015876.html
Signed-off-by: Tycho Andersen
---
.gitignore | 2 +
configure.ac | 24 +++
doc/Makefile.am| 2 +
doc/lxc-checkpoint.sgml.in
Hi Stéphane,
On Tue, Aug 19, 2014 at 10:40:15PM -0500, Stéphane Graber wrote:
> On Tue, Aug 19, 2014 at 10:14:03PM -0500, Tycho Andersen wrote:
> > This patch adds support for checkpointing and restoring containers via CRIU.
> > It adds two api calls, ->checkpoint and -&
On Wed, Aug 20, 2014 at 09:50:28AM -0500, Stéphane Graber wrote:
> On Wed, Aug 20, 2014 at 07:32:34AM -0500, Tycho Andersen wrote:
> > Hi Stéphane,
> >
> > On Tue, Aug 19, 2014 at 10:40:15PM -0500, Stéphane Graber wrote:
> > > On Tue, Aug 19, 2014 at 10:14:03
Hi Stéphane,
On Wed, Aug 20, 2014 at 10:34:55AM -0500, Tycho Andersen wrote:
>
> Sounds good, I will make the changes.
Below is a revised version of the patch.
Tycho
This patch adds support for checkpointing and restoring containers via CRIU.
It adds two api calls, ->checkpoint and
Hi Stéphane,
On Wed, Aug 20, 2014 at 05:19:14PM -0500, Stéphane Graber wrote:
> On Wed, Aug 20, 2014 at 02:31:05PM -0500, Tycho Andersen wrote:
> >
> > +# criu
> > +AC_ARG_ENABLE([criu],
> > + [AC_HELP_STRING([--enable-criu], [enable checkpoint/restore
Hi Stéphane,
On Wed, Aug 20, 2014 at 05:19:14PM -0500, Stéphane Graber wrote:
> On Wed, Aug 20, 2014 at 02:31:05PM -0500, Tycho Andersen wrote:
> > Hi Stéphane,
> >
> > On Wed, Aug 20, 2014 at 10:34:55AM -0500, Tycho Andersen wrote:
> > >
> > &g
Hi Serge,
On Fri, Aug 22, 2014 at 12:09:31AM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Hi Stéphane,
> >
> > On Wed, Aug 20, 2014 at 05:19:14PM -0500, Stéphane Graber wrote:
> > > On Wed, Aug 20, 2014 at 02:31:05
On Fri, Aug 22, 2014 at 04:00:40AM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Hi Serge,
> >
> > On Fri, Aug 22, 2014 at 12:09:31AM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canon
On Fri, Aug 22, 2014 at 04:36:37AM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
>
> Thanks, Tycho. Just one remaining request below. Other than that,
>
> Acked-by: Serge E. Hallyn
>
> > +static bool lxcapi_checkpoint(struc
On Fri, Aug 22, 2014 at 07:45:06AM -0500, Tycho Andersen wrote:
>
> Maybe just a test and then return false?
Here's a version that does this.
Tycho
This patch adds support for checkpointing and restoring containers via CRIU.
It adds two api calls, ->checkpoint and ->restore, w
On Fri, Aug 22, 2014 at 08:03:32AM -0500, Tycho Andersen wrote:
> On Fri, Aug 22, 2014 at 07:45:06AM -0500, Tycho Andersen wrote:
> >
> > Maybe just a test and then return false?
>
> Here's a version that does this.
Whoops, I forgot to change lxc_checkpoint.c to re
Hi Serge,
On Sat, Aug 23, 2014 at 02:29:46AM +, Serge Hallyn wrote:
> Hm, was trying this out tonight, but I keep getting
>
> sh: 1: /usr/lib/x86_64-linux-gnu/lxc/lxc-restore-net: not found
>
> despite the fact that I most certainly did copy lxc-restore-net into place:
>
> -rwxr-xr-x 1 root
: http://lists.openvz.org/pipermail/criu/2014-July/015117.html
[2]: http://lists.openvz.org/pipermail/criu/2014-August/015876.html
v2: fixed some problems with the s/int/bool return code form api function
v3: added a testcase, fixed up the man page synopsis
Signed-off-by: Tycho Andersen
Acked-by: S
sis
v4: fix a small typo in lxc-test-checkpoint-restore
Signed-off-by: Tycho Andersen
Acked-by: Serge E. Hallyn
---
.gitignore| 1 +
configure.ac | 1 +
doc/Makefile.am | 1 +
doc/lxc-checkpoint.sgml.in
On Mon, Aug 25, 2014 at 04:25:28PM -0400, Stéphane Graber wrote:
> On Sun, Aug 24, 2014 at 02:43:53PM -0500, Tycho Andersen wrote:
> >
> > + if (!ret) {
> > + fprintf(stderr, "Checkpointing %s failed.\n", my_args.name);
>
criu version 1.3 has been tagged, which has the minimal set of patches to allow
checkpointing and restoring containers. lxc-test-checkpoint-restore is now
skipped on any version of criu lower than 1.3.
Signed-off-by: Tycho Andersen
---
src/tests/lxc-test-checkpoint-restore | 8 +++-
1 file
If we just return here, we end up with two processes executing the caller's
code, which is not good.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index ee
We can also narrow the scope of this, since we only need it in the process that
is actually going to use it.
Reported-by: Serge Hallyn
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 43 ++-
src/lxc/start.c| 2 +-
src/lxc/start.h
On Thu, Sep 04, 2014 at 10:04:34PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > criu version 1.3 has been tagged, which has the minimal set of patches to
> > allow
> > checkpointing and restoring containers. lxc-test-checkpoint-resto
This option is required when migrating containers across hosts; it is used to
restore inotify via file paths instead of file handles, which aren't preserved
across hosts.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
CRIU's 1.3.1 point release fixed a serious deadlock and also added an option
that LXC should use. These patches are on top of my other patches that are on
the mailing list, so those can be applied first.
Tycho
___
lxc-devel mailing list
lxc-devel@lists.
CRIU 1.3 has a pretty crippling deadlock which will cause dumping containers to
fail fairly often. This is fixed in criu 1.3.1, so we shouldn't run the tests
on anything less than that.
Signed-off-by: Tycho Andersen
---
src/tests/lxc-test-checkpoint-restore | 2 +-
1 file changed, 1 inse
:
http://lists.openvz.org/pipermail/criu/2014-September/thread.html#16330
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index ff5167a..8c75267 100644
--- a/src/lxc
On Fri, Sep 12, 2014 at 11:07:14PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > In order for LXC to be the parent of the restored process, CRIU needs to
> > restore init as its sibling, not as its child. This was previously
&
On Tue, Sep 16, 2014 at 11:11:04PM +, Zmudzinski, Krystof C wrote:
> I've added DECLARE_ARG("--evasive-devices"); in lxccontainer.c/exec_criu and
> I was finally able to dump the container.
Ok, I've been trying to produce a situation where this is necessary
but I couldn't. Can you paste your
On Wed, Sep 17, 2014 at 01:43:59PM +0400, Pavel Emelyanov wrote:
> On 09/17/2014 03:11 AM, Zmudzinski, Krystof C wrote:
>
> > Lastly, could criu dump the entire command line to the logs when it is
> > executed?
>
> This patch would be greatly appreciated :)
This would be simple enough to do in
eckpoint/restore.log -vv --root /usr/local/lib/lxc/rootfs
> --restore-detached --pidfile /tmp/fileGCxb5C --veth-pair eth0 vethSID6CM
>
> -Original Message-
> From: lxc-devel [mailto:lxc-devel-boun...@lists.linuxcontainers.org] On
> Behalf Of Tycho Andersen
> Se
Hi Krystof,
On Wed, Sep 17, 2014 at 10:22:57PM +, Zmudzinski, Krystof C wrote:
> Sorry, guys but I included all kinds of logs and the message is too big. But
> I think Tycho would like to see it.
Alternatively, you can paste it somewhere (e.g.
http://paste.ubuntu.com) and I can take a look
bility, if you are trying to migrate containers
across hosts. If not, though, passing -s to lxc-checkpoint when you
dump the container will hopefully solve your problem.
Tycho
> Krystof
>
> -Original Message-
> From: lxc-devel [mailto:lxc-devel-boun...@lists.linuxcontainers.org]
Looks like lxc-checkpoint was missing the log inititalization code, so it never
actually logged anything when the options were provided.
Signed-off-by: Tycho Andersen
---
src/lxc/lxc_checkpoint.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/src/lxc/lxc_checkpoint.c b/src/lxc
The ->checkpoint() API call didn't exit correctly if criu was killed by a
signal instead of exiting, so lxc-checkpoint didn't fail correctly as a result.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 4
1 file changed, 4 insertions(+)
diff --git a/src/lxc/lxccont
With cgmanager, the cgroups are polled on demand, so these steps aren't needed.
However, with cgfs, lxc doesn't know about the cgroups for a container and so
it can't report any of the statistics about e.g. how much memory or CPU a
container is using.
Signed-off-by: Tycho Anderse
If we don't close these running lxc-checkpoint via:
ssh host "sudo lxc-checkpoint ..."
just hangs. We leave stderr open so that subesquent errors will print correctly
(and also because for whatever reason it doesn't break ssh :).
Signed-off-by: Tycho Andersen
---
src/lxc/
Hi all,
Based on some discussion on the criu list, we need to explicitly create the
cgroups we would like to restore into ourselves, so that the restore goes
correctly. There are also a few problems (as mentioned in the patch commit) if
we don't do this.
Tycho
___
This commit is in preparation for the cgroups create work, since we will need
the handler in both the parent and the child. This commit also re-works how
errors are propagated to be less verbose.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 70
an
alive container in u1-3).
Instead, we use lxc's cgroup_create, and then tell criu where to restore to.
Signed-off-by: Tycho Andersen
---
src/lxc/cgfs.c | 36 +++-
src/lxc/cgmanager.c| 11 ++-
src/lxc/cgroup.c
On Tue, Oct 07, 2014 at 07:33:07PM +, Tycho Andersen wrote:
> This commit is in preparation for the cgroups create work, since we will need
> the handler in both the parent and the child. This commit also re-works how
> errors are propagated to be less verbose.
Here is an update
This is in preparation for the cgroups creation work, but also probably just a
good idea in general. The ERROR message is handy since we print line nos. it
will to give people an indication of what arg was null.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 14 +-
1
Break the monolithic ->checkpoint and ->restore functions into smaller ones.
This is in preparation for the checkpoint/restore tty work, which has a similar
need to dump information outside of criu.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 61d06ea..b9eab17 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -3591,16 +3591,16
, and then changing the bridge name in the
container's configuration before running lxc-checkpoint.
Signed-off-by: Tycho Andersen
---
src/lxc/lxc-restore-net | 16 +++---
src/lxc/lxccontainer.c | 126 +++-
2 files changed, 68 insertions(+), 74 del
On Thu, Oct 16, 2014 at 08:53:03PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > We previously wrote a bunch of files (eth*, veth*, and bridge*) as hard
> > coded
> > files which we used as the names of interfaces to restore via c
On Fri, Oct 10, 2014 at 11:16:54AM +0800, Dongsheng Yang wrote:
> We should exit with a error when starting a running container.
Is this intentional? I just noticed it when pulling from master that
it breaks some of my scripts. Are we sure it doesn't break anything
else?
Tycho
> Signed-off-by: D
On Tue, Oct 21, 2014 at 02:29:28PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > On Fri, Oct 10, 2014 at 11:16:54AM +0800, Dongsheng Yang wrote:
> > > We should exit with a error when starting a running container.
> >
> &g
On Tue, Oct 21, 2014 at 02:54:34PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > On Tue, Oct 21, 2014 at 02:29:28PM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > > > On Fri, Oc
rootfs and then happliy called criu, pointing it to this directory which
didn't have lxc-restore-net any more, it just had the container's rootfs.
Instead, we should put lxc-restore-net somewhere else, so that criu can still
see it after the rootfs is mounted.
Signed-off-by: Tych
On Wed, Oct 22, 2014 at 10:25:02PM +, Tycho Andersen wrote:
> On restore, we pass criu a script to manage the network interfaces (i.e. the
> full path to lxc-restore-net), which we previously installed into
> /var/lib//lxc. However, this is also the directory that is the default
>
On Fri, Oct 31, 2014 at 03:31:38PM -0700, David Richardson wrote:
> Hey everyone,
>
> Apologies up front for a somewhat dumb question, but I'm looking to build
> and install LXC from source on Ubuntu-14.04 so that I can debug some issues
> I'm seeing with automounting in a container. My current s
mes with its own problems :)
Tycho
> ~Dave
>
> On Fri, Oct 31, 2014 at 3:34 PM, Tycho Andersen <
> tycho.ander...@canonical.com> wrote:
>
> > On Fri, Oct 31, 2014 at 03:31:38PM -0700, David Richardson wrote:
> > > Hey everyone,
> > >
> > > A
Hi all,
I have a couple questions about exactly how `lxd move` [1] would be
implemented.
First, is the --stateful argument necessary? Can we just drop it and
make it implied if the container is running?
Second, are we sure we want to support changing the hostname of a
running container (lxc move
On Thu, Nov 06, 2014 at 09:43:51AM -0500, Stéphane Graber wrote:
> On Thu, Nov 06, 2014 at 03:56:05AM -0600, Tycho Andersen wrote:
> > Hi all,
> >
> > I have a couple questions about exactly how `lxd move` [1] would be
> > implemented.
> >
> > First, is th
On Wed, Nov 12, 2014 at 03:51:04AM +, Serge Hallyn wrote:
> Otherwise both resulting takss will print what they had flushed when they
> exit.
>
> This fixes https://bugs.launchpad.net/bugs/1389244
>
> Signed-off-by: Serge Hallyn
Tested-by: Tycho Andersen
Thanks!
On Fri, Jan 09, 2015 at 07:49:54PM -0600, riya khanna wrote:
> Why is init not a session leader? I faced an issue with using CRIU
> because of that. Adding CRIU folks as well.
How did you call CRIU to do the dump?
Tycho
> Error (cr-dump.c:1598): A session leader of 74(1) is outside of its
> pid
Instead of having a parent process that's called whatever the caller of the
library is called, we instead set it to "[lxc monitor] "
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 10 +
src/lxc/utils.c| 61
On Fri, Jan 30, 2015 at 01:38:59PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Instead of having a parent process that's called whatever the caller of the
> > library is called, we instead set it to "[lxc monitor]
> >
Not all kernels have these macros; they'll just give an EINVAL if/when invoked.
Signed-off-by: Tycho Andersen
---
src/lxc/utils.c | 16
1 file changed, 16 insertions(+)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 9acf7e6..f9533db 100644
--- a/src/lxc/utils.c
+++
It turns out the process command line is in fact null terminated on the stack;
this caused a bug where when the new process title was smaller than the old
one, the first environment entry would be rendered as part of the process
title.
Signed-off-by: Tycho Andersen
---
src/lxc/utils.c | 9
From: Tycho Andersen
Signed-off-by: Tycho Andersen
---
src/lxc/lxc_checkpoint.c | 20
1 file changed, 20 insertions(+)
diff --git a/src/lxc/lxc_checkpoint.c b/src/lxc/lxc_checkpoint.c
index cfa08fc..8345789 100644
--- a/src/lxc/lxc_checkpoint.c
+++ b/src/lxc
Hi Ruslan,
On Tue, Mar 24, 2015 at 10:14:02AM +0200, Ruslan Kuprieiev wrote:
> Hi Axel,
>
> On 03/24/2015 01:17 AM, Axel Schöner wrote:
> >Am Montag, 23. März 2015, 15:42:47 schrieb Ruslan Kuprieiev:
> >>Hi!
> >>
> >>I'm trying to use lxc-checkpoint to dump/restore simple lxc container.
> >>
> >>
On Tue, Mar 24, 2015 at 04:40:00PM +0200, Ruslan Kuprieiev wrote:
> Hi Tycho,
>
> On 03/24/2015 04:21 PM, Tycho Andersen wrote:
> >Hi Ruslan,
> >
> >On Tue, Mar 24, 2015 at 10:14:02AM +0200, Ruslan Kuprieiev wrote:
> >>Hi Axel,
> >>
> >>On 0
On Tue, Mar 24, 2015 at 09:10:54PM +0200, Ruslan Kuprieiev wrote:
> Hi Tycho,
>
> On 03/24/2015 05:00 PM, Tycho Andersen wrote:
> >Yep :). For that I used utopic hosts with utopic containers with no LXCFS.
> >LXC hash 0080bebf3195 is probably a good one to use. You might be a
On Fri, Mar 20, 2015 at 08:38:39PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > From: Tycho Andersen
> >
> > Signed-off-by: Tycho Andersen
> > ---
> > src/lxc/lxc_checkpoint.c | 20
&
On Tue, Mar 24, 2015 at 07:40:48PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > + if (pid != 0)
> > + wait_for_pid(pid);
>
> Sorry - I suspect some package builds will fail on the ignore of
> return value here. Cou
On Tue, Mar 24, 2015 at 08:05:17PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > On Tue, Mar 24, 2015 at 07:40:48PM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canonical.com):
> >
calls it. Users
who want to daemonize the restore process need to fork themselves.
lxc-checkpoint has been updated to reflect this behavior change.
Signed-off-by: Tycho Andersen
---
src/lxc/lxc_checkpoint.c | 48 +++--
src/lxc/lxccontainer.c
On Wed, Mar 25, 2015 at 11:05:23AM -0600, Tycho Andersen wrote:
> Previously, lxcapi_restore used the calling process as the lxc monitor process
> (and just never returned), requiring users to fork before calling it. This, of
> course, would cause problems for things like LXD, which c
calls it. Users
who want to daemonize the restore process need to fork themselves.
lxc-checkpoint has been updated to reflect this behavior change.
Signed-off-by: Tycho Andersen
---
src/lxc/lxc_checkpoint.c | 48 +--
src/lxc/lxccontainer.c
CRIU needs to be told when something is bind mounted into the container from
the outside as cgmanager's socket is.
Signed-off-by: Tycho Andersen
---
src/lxc/cgfs.c | 1 +
src/lxc/cgmanager.c| 1 +
src/lxc/cgroup.c | 5 +
src/lxc/cgroup.h | 7 +++
sr
Signed-off-by: Tycho Andersen
---
src/lxc/conf.c | 18 +++---
src/lxc/conf.h | 2 ++
src/lxc/list.h | 11 +
src/lxc/lxccontainer.c | 67 +++---
4 files changed, 85 insertions(+), 13 deletions(-)
diff --git a
On Fri, Apr 03, 2015 at 04:41:01PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Previously, lxcapi_restore used the calling process as the lxc monitor
> > process
> > (and just never returned), requiring users to fork before call
It is impolite to print stuff to stderror owned by other people, and they might
miss it anyway since it's not in the normal log location.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 10 --
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/sr
Instead, the parent always writes a status to the pipe.
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 21 ++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index b310a0f..88cdf55 100644
--- a/src/lxc
On Fri, Apr 03, 2015 at 09:41:03PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Signed-off-by: Tycho Andersen
> > ---
> > src/lxc/conf.c | 18 +++---
> > src/lxc/conf.h | 2 ++
> > src/lxc/list.
On Mon, Apr 06, 2015 at 12:03:55PM -0400, Stéphane Graber wrote:
> On Fri, Apr 03, 2015 at 11:02:11AM -0600, Tycho Andersen wrote:
> > On Fri, Apr 03, 2015 at 04:41:01PM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > > > P
On Mon, Apr 06, 2015 at 12:09:28PM -0400, Stéphane Graber wrote:
> I'm not seeing an ack in this thread, are we expecting a new version of this?
Yep, here it is.
Tycho
>From fadafa4348e00cd0391a8facb939510c196fc46f Mon Sep 17 00:00:00 2001
From: Tycho Andersen
Date: Thu, 26 Mar 20
Hi all,
Here's a series that fixes several nits reported by Coverity Scan.
Tycho
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
Reported-by: Coverity
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 3c3ff33..6a2b080 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -3895,6 +3895,7 @@ static
We've already checked that c is not null above, so the false branch can never
be taken here.
Reported-by: Coverity
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
1. prctl() only accepts longs, so we can just scan the stat file as longs.
2. check overflow before addition
Signed-off-by: Tycho Andersen
---
src/lxc/utils.c | 18 --
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 1df6e8f
Reported-by: Coverity
Signed-off-by: Tycho Andersen
---
src/lxc/conf.c | 22 ++
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index f1e89d8..e4222eb 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2053,16 +2053,30
This is more secure than tempnam().
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 30 +++---
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 5b96b8c..8424cf6 100644
--- a/src/lxc
lxc_console dereferences C, so we should check that it is not null and fail if
it is.
Reported-by: Coverity
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index
lxc/rootfs mountpoint propagates outside of our
mount namespace, which is bad, since we don't want to leak mounts. In
particular, this leak confuses criu the second time it goes to checkpoint
the container.
Signed-off-by: Tycho Andersen
---
src/lxc/lxcc
probably
want to wait to use 1.5 options until it has been out for a while and is in
distros.
Signed-off-by: Tycho Andersen
---
src/lxc/Makefile.am | 4
src/lxc/lxc-restore-net | 26 --
src/lxc/lxccontainer.c | 37 +
3 files changed
On Mon, Apr 13, 2015 at 07:18:21PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Reported-by: Coverity
> > Signed-off-by: Tycho Andersen
> > ---
> > src/lxc/conf.c | 22 ++
> > 1 file chang
On Mon, Apr 13, 2015 at 07:05:24PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > 1. prctl() only accepts longs, so we can just scan the stat file as longs.
>
> ? That's not what the manpage tells me.
Hmm, yeah, I must be crazy.
1. don't cast to long
2. check overflow before addition
v2: just remove the cast, don't change the type of the variables
Reported-by: Coverity
Signed-off-by: Tycho Andersen
---
src/lxc/utils.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/lxc
On Mon, Apr 13, 2015 at 04:52:37PM -0500, Stéphane Graber wrote:
> On Mon, Apr 13, 2015 at 06:07:05PM +0000, Tycho Andersen wrote:
> > This is more secure than tempnam().
>
> No such thing as mkstemp on Android unfortunately.
Yep, sorry. I think we can drop both the temp file p
Instead, check that the result is larger than its parts.
Signed-off-by: Tycho Andersen
---
src/lxc/utils.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 084b556..fe71e9a 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
does
Signed-off-by: Tycho Andersen
---
src/lxc/lxccontainer.c | 90 +++---
1 file changed, 20 insertions(+), 70 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 3c3ff33..db11947 100644
--- a/src/lxc/lxccontainer.
On Wed, Apr 15, 2015 at 03:48:10PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > CRIU now supports autodetection of external mounts via the --ext-mount-map
> > auto
> > --enable-external-sharing --enable-external-masters options,
On Wed, Apr 15, 2015 at 03:57:32PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > CRIU now supports autodetection of external mounts via the --ext-mount-map
> > auto
> > --enable-external-sharing --enable-external-masters options,
On Wed, Apr 15, 2015 at 04:19:54PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > On Wed, Apr 15, 2015 at 03:48:10PM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > > > CRIU now supp
On Wed, Apr 15, 2015 at 04:39:10PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > On Wed, Apr 15, 2015 at 04:19:54PM +, Serge Hallyn wrote:
> > > Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > > > On Wed, Ap
rt
does
v4: rebase onto master for revert of logging patch
Signed-off-by: Tycho Andersen
Acked-by: Serge E. Hallyn
---
src/lxc/lxccontainer.c | 91 +++---
1 file changed, 20 insertions(+), 71 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc
Note that we allow both a tagged version or a git build that has sufficient
patches for the features we require.
Signed-off-by: Tycho Andersen
---
src/lxc/criu.c | 89 ++
1 file changed, 89 insertions(+)
diff --git a/src/lxc/criu.c b/src
Trying to cage the beast that is lxccontainer.c.
Signed-off-by: Tycho Andersen
---
src/lxc/Makefile.am| 4 +-
src/lxc/criu.c | 477 +
src/lxc/criu.h | 70
src/lxc/lxccontainer.c | 454
On Fri, Apr 17, 2015 at 04:28:33PM +, Serge Hallyn wrote:
> Quoting Tycho Andersen (tycho.ander...@canonical.com):
> > Note that we allow both a tagged version or a git build that has sufficient
> > patches for the features we require.
> >
> > Signed-off-by: Ty
Note that we allow both a tagged version or a git build that has sufficient
patches for the features we require.
v2: close criu's stderr too
Signed-off-by: Tycho Andersen
Acked-by: Serge E. Hallyn
---
src/lxc/criu.c | 90 ++
1
1 - 100 of 187 matches
Mail list logo
