James Cowgill [Mon, 15 Aug 2016 16:09:44 +0000 (16:09 +0000)]
seccomp: Implement MIPS seccomp handling
MIPS processors implement 3 ABIs: o32, n64 and n32 (similar to x32). The kernel
treats each ABI separately so syscalls disallowed on "all" arches should be
added to all three seccomp sets. This is implemented by expanding compat_arch
and compat_ctx to accept two compat architectures.
After this, the MIPS hostarch detection code and config section code is added.
Signed-off-by: James Cowgill <james410@cowgill.org.uk>
Stéphane Graber [Wed, 17 Aug 2016 19:42:34 +0000 (15:42 -0400)]
Use full GPG fingerprint instead of long IDs.
With how easy it is to create a collision on a short ID nowadays and
given that the user doesn't actually have to remember or manually enter
the key ID, lets just use the full fingerprint from now on.
This fixes a double free corruption on container-requested
reboots when lxc_spawn() fails before receiving the ttys, as
lxc_fini() (part of __lxc_start()'s cleanup) calls
lxc_delete_tty().
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Antonio Terceiro [Wed, 29 Jun 2016 17:58:35 +0000 (14:58 -0300)]
lxc-debian: fix regression when creating wheezy containers
The regression was introduced by commit 3c39b0b7a2b445e08d2e2aecb05566075f4f3423 which makes it possible to
create working stretch containers by forcinig `init` to be in the
included package list.
However, `init` didn't exit before jessie, so now for wheezy we
explicitly include `sysvinit`; sysvinit on wheezy is essential,
so it would already be included anyway.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
Preetam D'Souza [Tue, 28 Jun 2016 03:12:12 +0000 (23:12 -0400)]
Include all lxcmntent.h function declarations on Bionic
Newer versions of Android (5.0+, aka API Level 21+) include mntent.h,
which declares setmntent and endmntent. This hits an edge
case with the preprocessor checks in lxcmntent.h because HAVE_SETMNTENT
and HAVE_ENDMNTENT are both defined (in Bionic's mntent.h), but conf.c
always includes lxcmntent.h on Bionic! As a result, we get compiler
warnings of implicit function declarations for setmntent endmntent.
This patch always includes setmntent/endmntent/hasmntopt function
declarations on Bionic, which gets rid of these warnings.
Antonio Terceiro [Fri, 17 Jun 2016 22:00:56 +0000 (19:00 -0300)]
lxc-debian: make sure init is installed
init 1.34 is not "Essential" anymore, in order to make it not required
on minimal chroots, docker containers, etc. Because of that we now need
to manually include it on systems that are expected to boot.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
Stewart Brodie [Tue, 10 May 2016 12:57:00 +0000 (13:57 +0100)]
Allow configuration file values to be quoted
If the value starts and ends with matching quote characters, those
characters are stripped automatically. Quote characters are the
single quote (') or double quote ("). The quote removal is done after
the whitespace trimming.
This is needed particularly in order that lxc.environment values may
have trailing spaces. However, the quote removal is done for all values
in the parse_line function, as it has non-const access to the value.
Signed-off-by: Stewart Brodie <stewart@metahusky.net>
Aron Podrigal [Sun, 1 May 2016 15:06:53 +0000 (11:06 -0400)]
Fixed - set PyErr when Container.__init__ fails
When container init failed for whatever reason, previously it resulted
in a `SystemError: NULL result without error in PyObject_Call`
This will now result in a RuntimeError with the error message
previously printed to stderr.
nicer date format and support for SOURCE_DATE_EPOCH in LXC_GENERATE_DATE
Using $(date) for LXC_GENERATE_DATE has various flaws:
* formating depends on the locale of the system we execute configure on
* the output is not really a date but more a timestamp
Let's use $(date --utc '+%Y-%m-%d') instead.
While at it, also support SOURCE_DATE_EPOCH [1] to make the build
reproducible
All uses of netlink_open() assume that on error the
nl_handler doesn't need to be closed, but some error cases
happen after the socket was opened successfully and used to
simply return -errno.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
A change in kernel 4.2 caused btrfs_recursive_destroy to
fail to delete unprivileged containers. This patch restores
the pre-kernel-4.2 behaviour. Ref: Issue 935.
lxc-busybox: Remove warning for dynamically linked Busybox
The warning has been present since commit 32b37181ea (with no purpose stated).
Support for dynamically linked Busybox has been added since commit bf6cc73696.
Haven't encountered any issues with dynamically linked Busybox in my last
2 years' testing.
open_without_symlink: Don't SYSERROR on something else than ELOOP
The open_without_symlink routine has been specifically created to prevent
mounts with synlinks as source or destination. Keep SYSERROR'ing in that
particular scenario, but leave error handling to calling functions for the
other ones - e.g. optional bind mount when the source dir doesn't exist
throws a nasty error.
Serge Hallyn [Thu, 25 Feb 2016 19:01:12 +0000 (11:01 -0800)]
cgfs: make sure we use valid cgroup mountpoints
If lxcfs starts before cgroup-lite, then the first cgroup mountpoints in
/proc/self/mountinfo are /run/lxcfs/*. Unprivileged users cannot access
these. So privileged containers are ok, and unprivileged containers are ok
since they won't cache those to begin with. But unprivileged root-owned
containers cache /run/lxcfs/* and then try to use them.
So when doing cgroup automounting check whether the mountpoints we have
stored are accessible, and if not look for a new one to use.
Ubuntu [Sat, 20 Feb 2016 02:25:55 +0000 (02:25 +0000)]
lxc: cgfs: handle lxcfs
When containers have lxcfs mounted instead of cgroupfs, we have to
process /proc/self/mountinfo a bit differently. In particular, we
should look for fuse.lxcfs fstype, we need to look elsewhere for the
list of comounted controllers, and the mount_prefix is not a cgroup path
which was bind mounted, so we should ignore it, and named subsystems
show up without the 'name=' prefix.
With this patchset I can start containers inside a privileged lxd
container with lxcfs mounted (i.e. without cgroup namespaces).
Serge Hallyn [Fri, 19 Feb 2016 22:12:47 +0000 (14:12 -0800)]
cgroups: do not fail if setting devices cgroup fails due to EPERM
If we're trying to allow a device which was denied to our parent
container, just continue.
Cgmanager does not help us to distinguish between eperm and other
errors, so just always continue.
We may want to consider actually computing the range of devices
to which the container monitor has access, but OTOH that introduces
a whole new set of complexity to compute access sets.
Serge Hallyn [Mon, 15 Feb 2016 20:15:10 +0000 (12:15 -0800)]
log.c:__lxc_log_set_file: fname cannot be null
fname cannot be passed in as NULL by any of its current callers. If it
could, then build_dir() would crash as it doesn't check for it. So make
sure we are warned if in the future we pass in NULL.
Some systems need to be able to bind-mount /run to /var/run
and /run/lock to /var/run/lock. (Tested with opensuse 13.1
containers migrated from openvz.)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
lxc_setup_fs: Create /dev/shm folder if it doesn't exist
When running application containers with lxc-execute, /dev is
populated only with device entries. Since /dev is a tmpfs mount in
the container environment, the /dev/shm folder not being present is not
a sufficient reason for the /dev/shm mount to fail.
Create the /dev/shm directory if not present.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
open_without_symlink: Account when prefix is empty string
In the current implementation, the open_without_symlink function
will default to opening the root mount only if the passed rootfs
prefix is null. It doesn't account for the case where this prefix
is passed as an empty string.
Properly handle this second case as well.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Serge Hallyn [Tue, 12 Jan 2016 02:25:19 +0000 (18:25 -0800)]
Set the right variable to NULL when unsetting ipv6_gateway
We were freeing one and setting a different one to NULL, eventually
leading to a crash when closing the netdev (at container shutdown)
and freeing already-freed memory.
Peter Simons [Sat, 2 Jan 2016 16:53:07 +0000 (17:53 +0100)]
bash completion: the 'have' command was deprecated in favor of '_have'
`bash-completion` version 2.1 and later no longer include the `have` command,
and consequently the `lxc` competion file fails on such systems. The command is
now called `_have`.
Andre McCurdy [Fri, 11 Dec 2015 20:35:55 +0000 (12:35 -0800)]
lxc-checkconfig: remove zgrep dependency
zgrep is a script provided by the 'gzip' package, which may not be
installed on embedded systems etc which use busybox instead of the
standard full-featured utilities.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
projects / thirdparty / lxc.git / log
