This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "lxc".
The branch, master has been updated via 00ad19d4dba5c05401125d4217dc8f4e7fd9403a (commit) via 2775bb4c5a13d80dbbe57adddb1b302267ccafd5 (commit) via 8edcbf336673d13bb944f817c9974298a77b7860 (commit) via 5e52afd52830c1853e6fc7ec76bd836ff6cfbcc9 (commit) via 7ef0141356454503ab81460290b5dffa32c1f441 (commit) via 1d39a0658370ac104825e796bf90bb96ae0b7027 (commit) via 460a1cf0a9465043652092b11844f026cdad1342 (commit) via ad08bbb704333984b21739e24506d463aea9bb16 (commit) via f10e7166ab7f6d2a6665842b2613dd45d1795cc9 (commit) via 257e5824e485816780035d93084db0852a4bfcee (commit) via e7d04aaea0b66df1bdbd303580c7a6125b7071d1 (commit) via f51db2b39a5006ed74271ffd0b46cbbc27d7bf0b (commit) via 631c07d49cb666f46990d83210d5ac916a700f21 (commit) via 910bb4fa53eddcaba291ee8ce917f161ef49caf0 (commit) from ed55bf5203aca88809d979b289d6b2280a18e79c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 00ad19d4dba5c05401125d4217dc8f4e7fd9403a Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 lxc-setcap/lxc-setuid: add autoconf expansion for $libexecdir Support new default location for LXCINITDIR. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 2775bb4c5a13d80dbbe57adddb1b302267ccafd5 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 make help consistent for other scripts Display help information in a consistent format. Print error messages and help information to stderr. Prefix error messages with the name of the script (for easier debugging as part of larger scripts). Allow help information to be printed as a non-root user. Fix file mode for lxc-checkconfig.in. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 8edcbf336673d13bb944f817c9974298a77b7860 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 rewrite lxc-ps Use bash instead of perl; eliminates final lxc dependency on perl (beneficial for minimal operating system environments). Modify the cgroup search to only use hierarchies that contain one or more subsystems. When searching, if a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Maintain column spacing. Expand container name column as necessary. Properly handle spaces in 'ps' output that are not field separators (for example, try 'lxc-ps -o pid,args'). Fix file mode in repository. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 5e52afd52830c1853e6fc7ec76bd836ff6cfbcc9 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 refresh lxc-netstat Modify the cgroup search to only use hierarchies that contain one or more subsystems. When searching, if a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Change method of bind mounting /proc/<pid>/net onto /proc/net, to avoid error "cannot mount block device /proc/<pid>/net read-only". Check that user is root. Check that container name is specified before calling 'exec'. Update the help information. Print error messages and help information to stderr. Make indentation consistent. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 7ef0141356454503ab81460290b5dffa32c1f441 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 refresh lxc-ls Add an '--active' option that lists active containers by searching cgroups. (Otherwise, the directories in /var/lib/lxc are listed.) Modify the cgroup search to only use hierarchies that contain one or more subsystems. When searching, if a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Add a '--help' option that prints the command syntax. Print error messages and help information to stderr. Update the documentation. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 1d39a0658370ac104825e796bf90bb96ae0b7027 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 cgroup: only touch hierarchies that are bound to subsystems Obtain a list of subsystems from /proc/cgroups, and ignore hierarchies that are not bound to any of them (especially the 'systemd' hierarchy: http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups ). Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 460a1cf0a9465043652092b11844f026cdad1342 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 lxc-attach: unify code for attaching a pid to a cgroup To attach a new pid to the cgroups for an existing container, we can use the same method that we did when we started the container: iterate over all the mounted cgroup hierarchies; find the cgroup that pid 1 is in for each hierarchy; add 'lxc/<name>' to the end of it; then write the pid to the 'tasks' file in that cgroup. (The only difference is that we do not create the cgroup again.) Note that we follow exactly the same iteration pattern to delete our cgroups when a container is shutdown. There may be situations where additional cgroups hierarchies are mounted after the container is started, or the cgroup for pid 1 gets reassigned. But we currently don't handle any of these cases in the shutdown code or anywhere else, so it doesn't make sense to try to handle these cases for lxc-attach by itself. Aside from simplifying the code, this change makes it easier to solve a different problem: ignoring hierarchies that are not bound to any subsystems (like 'systemd'). Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit ad08bbb704333984b21739e24506d463aea9bb16 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 cgroup: rearrange code blocks Avoid nesting and improve readability. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit f10e7166ab7f6d2a6665842b2613dd45d1795cc9 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 lxc-cgroup: use correct terminology lxc-cgroup gets or sets the value of a state object (such as 'cpuset.cpus'), not the value of a subsystem (which would be just 'cpuset'). Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 257e5824e485816780035d93084db0852a4bfcee Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 cgroup: additional fix for deprecated ns subsystem When a hierarchy contains the 'ns' subsystem, do not append '/lxc' to the parent cgroup. Update surrounding comments for consistency. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit e7d04aaea0b66df1bdbd303580c7a6125b7071d1 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 utmp: support non-rootfs configuration Having a rootfs is not a necessary condition for monitoring utmp, since /var or /var/run can just be remounted inside the container instead. We should rely on the other two conditions already in place to decide whether to monitor the utmp file: - the container was started with 'lxc-start', which indicates that it has a real init process and is expected to write to a utmp file - support for CAP_SYS_BOOT was not found in the kernel, which would otherwise supersede utmp monitoring Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit f51db2b39a5006ed74271ffd0b46cbbc27d7bf0b Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 utmp: do not set conf->need_utmp_watch if CAP_SYS_BOOT is not found If CAP_SYS_BOOT is not found in the kernel, the existing value for conf->need_utmp_watch should be left intact (which will be '1' for containers started with 'lxc-start', or '0' for containers started with 'lxc-execute'). Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 631c07d49cb666f46990d83210d5ac916a700f21 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 lxc-attach: use execvp instead of execve execvp does not require specifying the full path to the executable (e.g., "ls" instead of "/bin/ls"), making the operation of 'lxc-attach' consistent with 'lxc-start' and 'lxc-execute'. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> commit 910bb4fa53eddcaba291ee8ce917f161ef49caf0 Author: David Ward <david.w...@ll.mit.edu> Date: Fri May 4 00:50:15 2012 +0200 use syscall numbers from Linux kernel headers __NR_setns is defined in the Linux kernel headers in linux/unistd.h. The full Linux kernel sources are not necessary for compilation. Signed-off-by: David Ward <david.w...@ll.mit.edu> Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> ----------------------------------------------------------------------- Summary of changes: config/linux.m4 | 76 ---------- configure.ac | 9 +- doc/lxc-cgroup.sgml.in | 31 +++-- doc/lxc-ls.sgml.in | 17 ++- src/lxc/Makefile.am | 11 -- src/lxc/attach.c | 113 +--------------- src/lxc/attach.h | 9 -- src/lxc/cgroup.c | 210 ++++++++++++++++++----------- src/lxc/cgroup.h | 2 +- src/lxc/lxc-checkconfig.in | 15 +- src/lxc/lxc-clone.in | 70 +++++----- src/lxc/lxc-create.in | 96 ++++++------- src/lxc/lxc-destroy.in | 40 ++++-- src/lxc/lxc-ls.in | 119 ++++++++++++---- src/lxc/lxc-netstat.in | 146 +++++++++++++------- src/lxc/lxc-ps.in | 329 ++++++++++++++++---------------------------- src/lxc/lxc-setcap.in | 37 ++++-- src/lxc/lxc-setuid.in | 36 ++++-- src/lxc/lxc_attach.c | 10 +- src/lxc/lxc_cgroup.c | 22 ++-- src/lxc/start.c | 3 +- src/lxc/utmp.c | 4 - 22 files changed, 653 insertions(+), 752 deletions(-) delete mode 100644 config/linux.m4 mode change 100755 => 100644 src/lxc/lxc-checkconfig.in mode change 100755 => 100644 src/lxc/lxc-ps.in hooks/post-receive -- lxc ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel