]> git.ipfire.org Git - thirdparty/lxc.git/log
thirdparty/lxc.git
8 years agodrop useless apparmor denies
Tycho Andersen [Tue, 3 Oct 2017 05:00:21 +0000 (23:00 -0600)] 
drop useless apparmor denies

mem and kmem are really in /dev, so this does us no good.

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
8 years agodoc: fix regex-typo in Japanese and Korean lxc-monitor(1)
KATOH Yasufumi [Tue, 19 Sep 2017 15:51:03 +0000 (00:51 +0900)] 
doc: fix regex-typo in Japanese and Korean lxc-monitor(1)

Update for commit e3dd06ef41b63d0ee362fea74a3f2d798dbfe929

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
8 years agoutils: fix lxc_popen()/lxc_pclose()
Christian Brauner [Wed, 13 Sep 2017 15:07:43 +0000 (17:07 +0200)] 
utils: fix lxc_popen()/lxc_pclose()

- rework and fix pipe fd leak

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoutils: duplicate stderr as well in lxc_popen()
Christian Brauner [Wed, 13 Sep 2017 03:25:22 +0000 (05:25 +0200)] 
utils: duplicate stderr as well in lxc_popen()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agofix regex-typo in lxc-monitor.sgml.in
Christian von Roques [Tue, 12 Sep 2017 10:31:23 +0000 (12:31 +0200)] 
fix regex-typo in lxc-monitor.sgml.in

To match names beginning with the letters "f" or "b" one can use
the regular expression "[fb].*" or "(f|b).*", but not "[f|b].*",
which would match strings beginning with "f", "|", or "b".

Signed-off-by: Christian von Roques <roques@z12.ch>
8 years agoutils: lxc_popen() remove dead assignments
Christian Brauner [Sun, 10 Sep 2017 06:09:52 +0000 (08:09 +0200)] 
utils: lxc_popen() remove dead assignments

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agotests: avoid NULL pointer dereference
Christian Brauner [Sun, 10 Sep 2017 06:09:05 +0000 (08:09 +0200)] 
tests: avoid NULL pointer dereference

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agolxc_usernsexec: remove dead assignments
Christian Brauner [Sun, 10 Sep 2017 06:03:06 +0000 (08:03 +0200)] 
lxc_usernsexec: remove dead assignments

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconsole: non-functional change
Christian Brauner [Wed, 30 Aug 2017 14:37:22 +0000 (16:37 +0200)] 
console: non-functional change

Remove executable bit.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agotemplates/ubuntu: conditionally move upstart ssh job, as it is now optional.
Dimitri John Ledkov [Tue, 29 Aug 2017 14:11:55 +0000 (15:11 +0100)] 
templates/ubuntu: conditionally move upstart ssh job, as it is now optional.

Mimic the code from the debian template.

Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
8 years agortnl: non-functional changes
Christian Brauner [Fri, 25 Aug 2017 05:07:43 +0000 (07:07 +0200)] 
rtnl: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoUse deb.debian.org as the default Debian mirror
Salvatore Bonaccorso [Thu, 24 Aug 2017 07:24:29 +0000 (09:24 +0200)] 
Use deb.debian.org as the default Debian mirror

The httpredir.debian.org service has been discontinued in favour of
deb.debian.org and httpredir.debian.org now redirects to deb.debian.org.

https://lists.debian.org/debian-mirrors/2017/02/msg00000.html
https://wiki.debian.org/DebianGeoMirror#httpredir.debian.org_.2F_http.debian.net

Cf. https://bugs.debian.org/872719

Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
8 years agotools: use "which"
Christian Brauner [Mon, 21 Aug 2017 15:33:30 +0000 (17:33 +0200)] 
tools: use "which"

Somehow "type" doesn't really work.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoFix mem leak with realpath
Shukui Yang [Fri, 11 Aug 2017 09:12:24 +0000 (17:12 +0800)] 
Fix mem leak with realpath

Signed-off-by: Shukui Yang <yangshukui@huawei.com>
8 years agodebian: Add buster as a valid release
Stéphane Graber [Mon, 7 Aug 2017 21:49:40 +0000 (17:49 -0400)] 
debian: Add buster as a valid release

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agotravis: fix builds
Christian Brauner [Wed, 2 Aug 2017 16:41:57 +0000 (18:41 +0200)] 
travis: fix builds

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agotemplates/opensuse: getty.target.wants does not always exists
Thomas Lamprecht [Tue, 1 Aug 2017 06:03:07 +0000 (08:03 +0200)] 
templates/opensuse: getty.target.wants does not always exists

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 years agolxccontainer: use snprintf()
Christian Brauner [Sat, 15 Jul 2017 13:34:21 +0000 (15:34 +0200)] 
lxccontainer: use snprintf()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoUse "rsync -SHaAX" to copy the cached rootfs into place
Harald Dunkel [Fri, 28 Jul 2017 18:08:02 +0000 (13:08 -0500)] 
Use "rsync -SHaAX" to copy the cached rootfs into place

(updated by Serge to also handle hte new lxc-fedora{-legacy{.in
templates)

Signed-off-by: Harald Dunkel <harri@afaics.de>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
8 years agocommonds: fix typo
Long Wang [Sun, 9 Jul 2017 00:10:34 +0000 (08:10 +0800)] 
commonds: fix typo

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agocommands: add missing translation
Christian Brauner [Mon, 3 Jul 2017 21:37:31 +0000 (23:37 +0200)] 
commands: add missing translation

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoutils: close parent end in child process after fork
Long Wang [Sat, 8 Jul 2017 05:27:16 +0000 (13:27 +0800)] 
utils: close parent end in child process after fork

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agostate: remove lxc_rmstate declaration
Long Wang [Sat, 8 Jul 2017 02:40:41 +0000 (10:40 +0800)] 
state: remove lxc_rmstate declaration

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agoaf_unix: remove unlink operation
Long Wang [Sat, 8 Jul 2017 02:29:57 +0000 (10:29 +0800)] 
af_unix: remove unlink operation

It is not necessary to unlink the abstract socket pathname when
we have finished using the socket. The abstract name is automatically
removed when the socket is closed.

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agoAllow containers to start in AppArmor namespaces
Frédéric Dalleau [Fri, 7 Jul 2017 09:26:45 +0000 (11:26 +0200)] 
Allow containers to start in AppArmor namespaces

This patch allows users to start containers in AppArmor namespaces.
Users can define their own profiles for their containers, but
lxc-start must be allowed to change to a namespace.

A container configuration file can wrap a container in an AppArmor
profile using lxc.aa_profile.

A process in an AppArmor namespace is restricted to view
or manage only the profiles belonging to this namespace, as if no
other profiles existed. A namespace can be created as follow:
sudo mkdir /sys/kernel/security/apparmor/policy/namespaces/$NAMESPACE

AppArmor can stack profiles so that the contained process is bound
by the intersection of all profiles of the stack. This is achieved
using the '//&' operator as follow:

lxc.aa_profile = $PROFILE//&:$NAMESPACE://unconfined

In this case, even the guest process appears unconfined in the
namespace, it is still confined by $PROFILE.

A guest allowed to access "/sys/kernel/security/apparmor/** rwklix,"
will be able to manage its own profile set, while still being
enclosed in the topmost profile $PROFILE:

Different guests can be assigned the same namespace or different
namespaces. In the first case, they will share their profiles.
In the second case, they will have distinct sets of profiles.

This is validated on privileged containers.

Signed-off-by: Frédéric Dalleau <frederic.dalleau@collabora.com>
8 years agotests: remove temp lxcpath for attach testcase
Long Wang [Wed, 5 Jul 2017 07:39:02 +0000 (15:39 +0800)] 
tests: remove temp lxcpath for attach testcase

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agolxc-init: add comment for exclude 32 and 33 signals
Long Wang [Wed, 5 Jul 2017 02:53:02 +0000 (10:53 +0800)] 
lxc-init: add comment for exclude 32 and 33 signals

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agoREADME: update
Christian Brauner [Mon, 3 Jul 2017 22:15:05 +0000 (00:15 +0200)] 
README: update

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoREADME: add CII Best Practices badge to README
Christian Brauner [Mon, 3 Jul 2017 18:39:59 +0000 (20:39 +0200)] 
README: add CII Best Practices badge to README

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agolxclock: non-functional changes
Long Wang [Mon, 3 Jul 2017 07:43:34 +0000 (15:43 +0800)] 
lxclock: non-functional changes

This patch mainly updates comments based on the current code.

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agolxclock: return the right error when open lock file failed
Long Wang [Mon, 3 Jul 2017 07:41:25 +0000 (15:41 +0800)] 
lxclock: return the right error when open lock file failed

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agofix some cppcheck warnings
0x0916 [Sun, 2 Jul 2017 11:12:05 +0000 (19:12 +0800)] 
fix some cppcheck warnings

use cppcheck tools `cppcheck --enable=warning  .` on lxc source directory.

This patch fix the following warnning

```
[src/lxc/cgroups/cgfs.c:794]: (warning) %ld in format string (no. 3) requires 'long' but the argument type is 'unsigned long'.
[src/lxc/confile.c:4441]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'.
[src/lxc/confile.c:4502]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'.
[src/lxc/confile_legacy.c:921]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'.
[src/lxc/confile_legacy.c:938]: (warning) %d in format string (no. 2) requires 'int' but the argument type is 'unsigned int'.
[src/lxc/lxclock.c:63]: (warning) %zd in format string (no. 1) requires 'ssize_t' but the argument type is 'size_t {aka unsigned long}'.
[src/lxc/tools/lxc_info.c:118]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_info.c:118]: (warning) %u in format string (no. 2) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_info.c:123]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_info.c:127]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_info.c:130]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_top.c:212]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_top.c:212]: (warning) %u in format string (no. 2) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_top.c:217]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_top.c:221]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
[src/lxc/tools/lxc_top.c:224]: (warning) %u in format string (no. 1) requires 'unsigned int' but the argument type is 'signed int'.
```

Signed-off-by: Long Wang <w@laoqinren.net>
8 years agoconfile: free netdev->downscript
0x0916 [Tue, 27 Jun 2017 14:12:38 +0000 (22:12 +0800)] 
confile: free netdev->downscript

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoremove the `__func__` macro
0x0916 [Mon, 26 Jun 2017 09:55:12 +0000 (17:55 +0800)] 
remove the `__func__` macro

Our logging function will always spew out the function name.

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoAPI doc: update note for get_config_item
0x0916 [Mon, 26 Jun 2017 09:28:47 +0000 (17:28 +0800)] 
API doc: update note for get_config_item

Fix issue: https://github.com/lxc/lxc/issues/505

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agouse altarch mirror for CentOS on arches other than i386 and x86_64
Evgeni Golov [Sat, 24 Jun 2017 16:53:05 +0000 (18:53 +0200)] 
use altarch mirror for CentOS on arches other than i386 and x86_64

CentOS only has i386 and x86_64 listed in mirrorlist.centos.org,
use http://mirror.centos.org/altarch/ for all other arches instead

See: https://bugs.centos.org/view.php?id=11250

Signed-off-by: Evgeni Golov <evgeni@debian.org>
8 years agotemplates/debian: add aarch64 → arm64 mapping
Evgeni Golov [Sat, 24 Jun 2017 15:24:49 +0000 (17:24 +0200)] 
templates/debian: add aarch64 → arm64 mapping

uname -m reports aarch64, but Debian calls the arch arm64

Signed-off-by: Evgeni Golov <evgeni@debian.org>
8 years agoUse strerror(errno) instead of %m
0x0916 [Fri, 23 Jun 2017 11:41:34 +0000 (19:41 +0800)] 
Use strerror(errno) instead of %m

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoMerge pull request #1749 from brauner/2017-08-15/stable_1_0_cherry_picks
Stéphane Graber [Tue, 15 Aug 2017 22:55:51 +0000 (18:55 -0400)] 
Merge pull request #1749 from brauner/2017-08-15/stable_1_0_cherry_picks

bdev: enable building with gcc7

8 years agobdev: enable building with gcc7 1749/head
Christian Brauner [Tue, 15 Aug 2017 22:34:23 +0000 (00:34 +0200)] 
bdev: enable building with gcc7

We shouldn't ignore this anyway.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoadding warning for mtu ignoring
Shane Chen [Thu, 1 Jun 2017 05:36:41 +0000 (13:36 +0800)] 
adding warning for mtu ignoring

Signed-off-by: Shane Chen <ss1ha3tw@gmail.com>
8 years agoconf: improve write_id_mapping()
Christian Brauner [Sat, 27 May 2017 06:16:01 +0000 (08:16 +0200)] 
conf: improve write_id_mapping()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconf: non-functional changes
Christian Brauner [Sun, 28 May 2017 22:18:37 +0000 (00:18 +0200)] 
conf: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_utsname()
Christian Brauner [Mon, 29 May 2017 13:04:40 +0000 (15:04 +0200)] 
confile: config_utsname()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_stopsignal()
Christian Brauner [Mon, 29 May 2017 13:01:28 +0000 (15:01 +0200)] 
confile: config_stopsignal()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_haltsignal()
Christian Brauner [Mon, 29 May 2017 12:59:21 +0000 (14:59 +0200)] 
confile: config_haltsignal()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_haltsignal()
Christian Brauner [Mon, 29 May 2017 12:58:24 +0000 (14:58 +0200)] 
confile: config_haltsignal()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_start()
Christian Brauner [Mon, 29 May 2017 12:53:58 +0000 (14:53 +0200)] 
confile: config_start()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_cap_drop()
Christian Brauner [Mon, 29 May 2017 12:41:02 +0000 (14:41 +0200)] 
confile: config_cap_drop()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_cap_keep()
Christian Brauner [Mon, 29 May 2017 12:40:47 +0000 (14:40 +0200)] 
confile: config_cap_keep()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_mount()
Christian Brauner [Mon, 29 May 2017 12:40:32 +0000 (14:40 +0200)] 
confile: config_mount()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_mount_auto()
Christian Brauner [Mon, 29 May 2017 12:40:18 +0000 (14:40 +0200)] 
confile: config_mount_auto()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_fstab()
Christian Brauner [Mon, 29 May 2017 12:39:56 +0000 (14:39 +0200)] 
confile: config_fstab()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_idmap()
Christian Brauner [Mon, 29 May 2017 12:39:33 +0000 (14:39 +0200)] 
confile: config_idmap()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_cgroup()
Christian Brauner [Mon, 29 May 2017 12:38:50 +0000 (14:38 +0200)] 
confile: config_cgroup()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_loglevel()
Christian Brauner [Mon, 29 May 2017 12:38:26 +0000 (14:38 +0200)] 
confile: config_loglevel()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_group()
Christian Brauner [Mon, 29 May 2017 12:37:42 +0000 (14:37 +0200)] 
confile: config_group()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_hook()
Christian Brauner [Mon, 29 May 2017 12:37:18 +0000 (14:37 +0200)] 
confile: config_hook()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_ipv6_gateway()
Christian Brauner [Mon, 29 May 2017 12:36:36 +0000 (14:36 +0200)] 
confile: config_network_ipv6_gateway()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_ipv6()
Christian Brauner [Mon, 29 May 2017 12:36:12 +0000 (14:36 +0200)] 
confile: config_network_ipv6()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_ipv4_gateway()
Christian Brauner [Mon, 29 May 2017 12:35:55 +0000 (14:35 +0200)] 
confile: config_network_ipv4_gateway()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_ipv4()
Christian Brauner [Mon, 29 May 2017 12:35:13 +0000 (14:35 +0200)] 
confile: config_network_ipv4()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_hwaddr()
Christian Brauner [Mon, 29 May 2017 12:34:34 +0000 (14:34 +0200)] 
confile: config_network_hwaddr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_network_type()
Christian Brauner [Mon, 29 May 2017 12:32:37 +0000 (14:32 +0200)] 
confile: config_network_type()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: config_string_item()
Christian Brauner [Mon, 29 May 2017 12:30:04 +0000 (14:30 +0200)] 
confile: config_string_item()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconfile: add config_value_empty()
Christian Brauner [Mon, 29 May 2017 12:28:34 +0000 (14:28 +0200)] 
confile: add config_value_empty()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoREADME: reword id mapping restrictions when unpriv
Christian Brauner [Mon, 29 May 2017 04:02:24 +0000 (06:02 +0200)] 
README: reword id mapping restrictions when unpriv

Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agorepo: add new README
Christian Brauner [Sat, 27 May 2017 01:53:59 +0000 (03:53 +0200)] 
repo: add new README

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoFix the bug of 'ts->stdoutfd' did not fill with parameters 'stdoutfd'
Li Feng [Fri, 19 May 2017 14:40:07 +0000 (22:40 +0800)] 
Fix the bug of 'ts->stdoutfd' did not fill with parameters 'stdoutfd'

Signed-off-by: Li Feng <lifeng68@huawei.com>
8 years agoAdd cronie to the pkg list
mgariepy [Wed, 17 May 2017 19:03:20 +0000 (15:03 -0400)] 
Add cronie to the pkg list

Add cronie to have crond running in the containers.

Signed-off-by: Marc Gariepy <gariepy.marc@gmail.com>
8 years agoseccomp: print action name in log
0x0916 [Mon, 15 May 2017 10:05:09 +0000 (18:05 +0800)] 
seccomp: print action name in log

This patch add function `get_action_name`, so we can print action name
in the log file. for example:

```
lxc-start ubuntu 20170515095416.561 INFO     lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for reject_force_umount action 0(kill).
lxc-start ubuntu 20170515095416.562 INFO     lxc_seccomp - seccomp.c:parse_config_v2:613 - Adding compat rule for kexec_load action 327681(errno).
```

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoseccomp: update comment for function `parse_config`
0x0916 [Mon, 15 May 2017 10:04:27 +0000 (18:04 +0800)] 
seccomp: update comment for function `parse_config`

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoseccomp: s/n-new-privs/no-new-privs/g
0x0916 [Mon, 15 May 2017 10:03:41 +0000 (18:03 +0800)] 
seccomp: s/n-new-privs/no-new-privs/g

Signed-off-by: 0x0916 <w@laoqinren.net>
8 years agoconf: fix build without libcap
Dima Krasner [Sun, 14 May 2017 09:24:59 +0000 (12:24 +0300)] 
conf: fix build without libcap

Signed-off-by: Dima Krasner <samdima@securingsam.com>
8 years agochange version to 1.0.10 in configure.ac lxc-1.0.10
Stéphane Graber [Thu, 11 May 2017 17:02:58 +0000 (13:02 -0400)] 
change version to 1.0.10 in configure.ac

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agolxccontainer: avoid NULL pointer dereference
Christian Brauner [Sat, 6 May 2017 21:38:22 +0000 (23:38 +0200)] 
lxccontainer: avoid NULL pointer dereference

In case the lxc command socket is hashed and the socket was created for a
different path than the one we're currently querying
lxc_cmd_get_{lxcpath,name}() can return NULL. The command socket path is hashed
when len(lxcpath) > sizeof(sun_path) - 2.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agocommands: non-functional changes
Christian Brauner [Sat, 6 May 2017 21:37:53 +0000 (23:37 +0200)] 
commands: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agocommands: avoid NULL pointer dereference
Christian Brauner [Sat, 6 May 2017 21:35:57 +0000 (23:35 +0200)] 
commands: avoid NULL pointer dereference

lxc_cmd_get_lxcpath() and lxc_cmd_get_name() both pass a nil pointer to
fill_sock_name(). Make sure that they are not dereferenced.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconf: order mount options
Christian Brauner [Tue, 2 May 2017 21:37:16 +0000 (23:37 +0200)] 
conf: order mount options

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoissue template: fix typo
Christian Brauner [Sun, 23 Apr 2017 20:04:54 +0000 (22:04 +0200)] 
issue template: fix typo

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agocreate ISSUE_TEMPLATE.md
Christian Brauner [Sat, 22 Apr 2017 16:38:44 +0000 (18:38 +0200)] 
create ISSUE_TEMPLATE.md

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoconf: less error prone pointer access
Wolfgang Bumiller [Fri, 23 Dec 2016 12:10:01 +0000 (13:10 +0100)] 
conf: less error prone pointer access

These functions define pointer to their key shifted by a
number and guard access to it later via another variable.
Let's make this more explicit (and additionally have the
pointer be NULL in the case where it is not supposed to be
used).

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
8 years agoremove obsolete note about api stability
Jakob Gillich [Sat, 8 Apr 2017 01:05:40 +0000 (03:05 +0200)] 
remove obsolete note about api stability

Signed-off-by: Jakob Gillich <jakob@gillich.me>
8 years agoIncreased buffer length in print_stats()
Denis Pynkin [Thu, 30 Mar 2017 15:31:48 +0000 (18:31 +0300)] 
Increased buffer length in print_stats()

Some "/sys" entries exceeds buffer size.
This results to some statistics loss ('BlkIO' in particular):

 wc -c /sys/fs/cgroup/blkio/lxc/alt/blkio.throttle.io_service_bytes
 318 /sys/fs/cgroup/blkio/lxc/alt/blkio.throttle.io_service_bytes

Signed-off-by: Denis Pynkin <dans@altlinux.org>
8 years agoMerge pull request #1386 from brauner/2017-01-16/fix_CVE-2016-10124_stable-1.0
Stéphane Graber [Tue, 4 Apr 2017 18:21:10 +0000 (14:21 -0400)] 
Merge pull request #1386 from brauner/2017-01-16/fix_CVE-2016-10124_stable-1.0

stable-1.0: backport fixes for CVE-2016-10124

8 years agolxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals 1386/head
Thomas Jarosch [Thu, 2 Feb 2017 11:48:35 +0000 (12:48 +0100)] 
lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals

Prevent an endless loop while executing lxc-attach in the background:

The kernel might fire SIGTTOU while an ioctl() in tcsetattr()
is executed. When the ioctl() is resumed and retries,
the signal handler interrupts it again.

We can't configure the TTY to stop sending
the signals in the first place since that
is a modification/write to the TTY already.

Still we clear the TOSTOP flag to prevent further signals.

Command to reproduce the hang:
----------------------------
cat > lxc_hang.sh << EOF
/usr/bin/timeout 5s /usr/bin/lxc-attach -n SOMECONTAINER -- /bin/true
EOF
sh lxc_hang.sh    # hangs
----------------------------

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
8 years agoCVE-2016-10124: make lxc-attach use a pty
Christian Brauner [Mon, 16 Jan 2017 14:10:45 +0000 (15:10 +0100)] 
CVE-2016-10124: make lxc-attach use a pty

Previous versions of lxc-attach simply attached to the specified namespaces of
a container and ran a shell or the specified command without first allocating a
pseudo terminal. This made them vulnerable to input faking via a TIOCSTI ioctl
call after switching between userspace execution contexts with different
privilege levels. Newer versions of lxc-attach will try to allocate a pseudo
terminal master/slave pair on the host and attach any standard file descriptors
which refer to a terminal to the slave side of the pseudo terminal before
executing a shell or command. Note, that if none of the standard file
descriptors refer to a  terminal lxc-attach will not try to allocate a pseudo
terminal. Instead it will simply attach to the containers namespaces and run a
shell or the specified command.

(This is a backport of a series of patches fixing CVE-2016-10124.)

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoCVE-2016-10124: backport new console backend
Christian Brauner [Mon, 16 Jan 2017 14:03:59 +0000 (15:03 +0100)] 
CVE-2016-10124: backport new console backend

- Make escape sequence to exit tty optional since we want to reuse
  lxc_console_cb_tty_stdin() in lxc_attach.c.
- Export the following functions since they can be reused in other modules:
  - lxc_console_cb_tty_stdin()
  - lxc_console_cb_tty_master()
  - lxc_setup_tios(int fd, struct termios *oldtios);
  - lxc_console_winsz(int srcfd, int dstfd);
  - lxc_console_cb_sigwinch_fd(int fd, uint32_t events, void *cbdata, struct lxc_epoll_descr *descr);
  - lxc_tty_state *lxc_console_sigwinch_init(int srcfd, int dstfd);
  - lxc_console_sigwinch_fini(struct lxc_tty_state *ts);
- rewrite lxc_console_set_stdfds()
  - Make lxc_console_set_stdfds useable by other callers that do not have
    access to lxc_handler.
- Use ssh settings for ptys.
- Remove all asserts from console.{c,h}.
- Adapt start.c to changes.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
8 years agoFix opening wrong file in suggest_default_idmap
John Chen [Wed, 22 Mar 2017 03:03:59 +0000 (11:03 +0800)] 
Fix opening wrong file in suggest_default_idmap

Fixing the typo making `suggest_default_idmap` open `subuidfile`
instead of `subgidfile` to read subgid information.

Signed-off-by: Pochang Chen <johnchen902@gmail.com>
8 years agotests: Kill containers (don't wait for shutdown)
Stéphane Graber [Tue, 21 Mar 2017 20:35:44 +0000 (16:35 -0400)] 
tests: Kill containers (don't wait for shutdown)

We waste a lot of time waiting for Ubuntu containers to cleanly stop
right before we destroy them anyway.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agotests: Support running on IPv6 networks
Stéphane Graber [Tue, 21 Mar 2017 20:23:27 +0000 (16:23 -0400)] 
tests: Support running on IPv6 networks

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agoChange variable check to match existing style
Tai Kedzierski [Sun, 19 Mar 2017 17:28:26 +0000 (17:28 +0000)] 
Change variable check to match existing style

Signed-off-by: Tai Kedzierski <dch.tai@gmail.com>
8 years agolxc-download.in / Document keyserver change in help
Tai Kedzierski [Sun, 19 Mar 2017 09:27:42 +0000 (09:27 +0000)] 
lxc-download.in / Document keyserver change in help

Signed-off-by: Tai Kedzierski <dch.tai@gmail.com>
8 years agolxc-download.in / allow setting keyserver from env
Tai Kedzierski [Sun, 19 Mar 2017 09:21:29 +0000 (09:21 +0000)] 
lxc-download.in / allow setting keyserver from env

Checks if DOWNLOAD_KEYSERVER has already been set in the environment before setting a value

Signed-off-by: Tai Kedzierski <dch.tai@gmail.com>
8 years agopython3: Deal with potential NULL char*
Stéphane Graber [Fri, 17 Mar 2017 08:52:41 +0000 (09:52 +0100)] 
python3: Deal with potential NULL char*

Closes #1466

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agolxc-checkconfig: verify new[ug]idmap are setuid-root
Serge Hallyn [Tue, 14 Mar 2017 18:16:48 +0000 (13:16 -0500)] 
lxc-checkconfig: verify new[ug]idmap are setuid-root

Signed-off-by: Serge Hallyn <serge@hallyn.com>
8 years agoseccomp: set SCMP_FLTATR_ATL_TSKIP if available
Serge Hallyn [Mon, 6 Mar 2017 19:36:19 +0000 (13:36 -0600)] 
seccomp: set SCMP_FLTATR_ATL_TSKIP if available

Newer libseccomp has a flag called SCMP_FLTATR_ATL_TSKIP which
allows syscall '-1' (nop) to be executed.  Without that flag,
debuggers cannot skip system calls inside containers.  For reference,
see the seccomp(2) manpage, which says:

The tracer can skip the system call by changing the system call  number  to  -1.

and see the seccomp issue #80

Signed-off-by: Serge Hallyn <serge@hallyn.com>
8 years agosqueeze is not a supported release anymore, drop the key
Evgeni Golov [Thu, 23 Feb 2017 21:03:40 +0000 (22:03 +0100)] 
squeeze is not a supported release anymore, drop the key

Signed-off-by: Evgeni Golov <evgeni@debian.org>
8 years agoseccomp: allow x32 guests on amd64 hosts.
Adam Borowski [Sun, 12 Feb 2017 06:26:54 +0000 (07:26 +0100)] 
seccomp: allow x32 guests on amd64 hosts.

Without this patch, x32 guests (and no others) worked "natively" with x32
host lxc, but not on regular amd64 hosts.  That was especially problematic
as a number of ioctls such as those needed by netfilter don't work in such
scenarios, thus you want to run amd64 on the host.

With the patch, you can use all three ABIs: i386 x32 amd64 on amd64 hosts.

Despite x32 being little used, there's no reason to deny it by default:
the admin needs to compile their own kernel with CONFIG_X86_X32=y or (on
Debian) boot with syscall.x32=y.  If they've done so, it is a reasonable
assumption they want x32 guests.

Signed-off-by: Adam Borowski <kilobyte@angband.pl>
8 years agoconfile: clear lxc.network.<n>.ipv{4,6} when empty
Christian Brauner [Mon, 6 Feb 2017 22:08:26 +0000 (23:08 +0100)] 
confile: clear lxc.network.<n>.ipv{4,6} when empty

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>