git.ipfire.org Git - thirdparty/lxc.git/log

]> git.ipfire.org Git - thirdparty/lxc.git/log

projects / thirdparty / lxc.git / log

commit | commitdiff | tree

Stéphane Graber [Mon, 30 May 2022 19:59:58 +0000 (15:59 -0400)]

meson: More flexible doc handling

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Mon, 30 May 2022 19:33:33 +0000 (15:33 -0400)]

meson: Simplify if statements

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sat, 28 May 2022 06:27:12 +0000 (08:27 +0200)]

Merge pull request #4124 from stgraber/master

More meson work

commit | commitdiff | tree

Stéphane Graber [Sat, 28 May 2022 01:40:30 +0000 (21:40 -0400)]

meson: Add manpages

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 27 May 2022 23:56:05 +0000 (19:56 -0400)]

meson: Only build tools when requested

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 27 May 2022 23:54:40 +0000 (19:54 -0400)]

meson: Add tools option

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 27 May 2022 23:49:23 +0000 (19:49 -0400)]

meson: Re-shuffle PAM

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 27 May 2022 23:00:34 +0000 (19:00 -0400)]

meson_options: Move entries around

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Tue, 24 May 2022 14:26:38 +0000 (10:26 -0400)]

Merge pull request #4120 from brauner/2022-05-18.meson.pam

build: add pam_cgfs to meson

commit | commitdiff | tree

Christian Brauner [Sat, 21 May 2022 07:23:57 +0000 (09:23 +0200)]

Merge pull request #4121 from sitano/ivan_fix_pidfds_loglvl

lxc_can_use_pidfd: don't log error if pidfds not supported, trace

commit | commitdiff | tree

Ivan Prisyazhnyy [Fri, 20 May 2022 14:07:14 +0000 (16:07 +0200)]

lxc_can_use_pidfd: don't log error if pidfds not supported, trace

Signed-off-by: Ivan Prisyazhnyy <john.koepi@gmail.com>

commit | commitdiff | tree

Christian Brauner [Wed, 18 May 2022 15:51:10 +0000 (17:51 +0200)]

pam: fix compiler warnings

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Wed, 18 May 2022 15:47:51 +0000 (17:47 +0200)]

build: add pam_cgfs to meson

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 15 May 2022 20:58:16 +0000 (16:58 -0400)]

Merge pull request #4115 from terceiro/rename-completion

bash: rename main bash completion file

commit | commitdiff | tree

Christian Brauner [Thu, 12 May 2022 22:13:59 +0000 (00:13 +0200)]

Merge pull request #4117 from stgraber/master

More meson coverage

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 16:57:17 +0000 (18:57 +0200)]

meson: Add remaining scripts

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 16:56:56 +0000 (18:56 +0200)]

meson: Re-organize dir variables

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 16:48:46 +0000 (18:48 +0200)]

meson: Add init helper scripts

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 14:16:36 +0000 (16:16 +0200)]

meson: Add common configs

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 14:06:23 +0000 (16:06 +0200)]

meson: Add SELinux configs

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 12 May 2022 13:58:36 +0000 (15:58 +0200)]

meson: Add global config

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Antonio Terceiro [Wed, 11 May 2022 19:49:35 +0000 (16:49 -0300)]

bash: rename main bash completion file

Since the `lxc` binary is actually provided by lxd, the main
bash-completion file needs to be moved away to not conflict with a bash
completion file provided for the `lxc` binary by lxd.

Signed-off-by: Antonio Terceiro <terceiro@debian.org>

commit | commitdiff | tree

Christian Brauner [Sat, 7 May 2022 22:06:52 +0000 (00:06 +0200)]

Merge pull request #4113 from stgraber/master

More meson tweaks

commit | commitdiff | tree

Stéphane Graber [Fri, 6 May 2022 20:25:59 +0000 (22:25 +0200)]

meson: Add doc examples

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 6 May 2022 20:25:42 +0000 (22:25 +0200)]

meson: Rework options

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 2 May 2022 14:34:14 +0000 (07:34 -0700)]

Merge pull request #4110 from stgraber/master

More meson fixes

commit | commitdiff | tree

Stéphane Graber [Mon, 2 May 2022 12:21:46 +0000 (14:21 +0200)]

meson: Use dependencies for pkgconfig

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Mon, 2 May 2022 12:21:32 +0000 (14:21 +0200)]

meson: Bump minimal version

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 22:00:51 +0000 (00:00 +0200)]

meson: Simplify pc handling

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 1 May 2022 13:20:55 +0000 (06:20 -0700)]

Merge pull request #4109 from stgraber/master

More meson fixes

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 10:21:46 +0000 (12:21 +0200)]

meson: Add bash completion

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 10:04:57 +0000 (12:04 +0200)]

meson: Include the /var paths

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 09:59:54 +0000 (11:59 +0200)]

meson: Include rootfs dir

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 09:49:45 +0000 (11:49 +0200)]

meson: Setup pkgconfig

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:52:02 +0000 (10:52 +0200)]

meson: Include headers

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:24:03 +0000 (10:24 +0200)]

meson: Fix hook install locations

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:22:05 +0000 (10:22 +0200)]

meson: Fix library version

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:21:50 +0000 (10:21 +0200)]

meson: Add lxc-attach

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:21:33 +0000 (10:21 +0200)]

meson: Fix internal binaries

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:21:08 +0000 (10:21 +0200)]

meson: Fix template installation location

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 1 May 2022 08:03:21 +0000 (10:03 +0200)]

meson: Get test binaries to match autotools

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Fri, 29 Apr 2022 07:51:29 +0000 (09:51 +0200)]

Merge pull request #4108 from stgraber/master

Meson improvements

commit | commitdiff | tree

Stéphane Graber [Fri, 29 Apr 2022 03:12:30 +0000 (23:12 -0400)]

Update MAINTAINERS file

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 29 Apr 2022 02:35:21 +0000 (22:35 -0400)]

meson: Fix unix epoch

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 29 Apr 2022 02:32:56 +0000 (22:32 -0400)]

meson: Update run_command calls

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 29 Apr 2022 02:19:03 +0000 (22:19 -0400)]

meson: Install the test binaries

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 29 Apr 2022 01:21:09 +0000 (21:21 -0400)]

meson: Cleanup build configs

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 28 Apr 2022 21:55:11 +0000 (17:55 -0400)]

meson: Remove non-existent tests

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Sun, 3 Apr 2022 00:33:25 +0000 (20:33 -0400)]

Merge pull request #4101 from memnoth/fix-fail-exec-dnsmasq

lxc-net.in: fix failure executing dnsmasq

commit | commitdiff | tree

Leesoo Ahn [Sat, 2 Apr 2022 11:23:21 +0000 (20:23 +0900)]

lxc-net.in: fix failure executing dnsmasq

Failure executing dnsmasq happens if misc dir is not existed as the
following error messages.

localhost.localdomain systemd[1]: Starting LXC network bridge setup...
localhost.localdomain lxc-net[5754]: dnsmasq: cannot open or create lease file /usr/local/var/lib/misc/dnsmasq.lxcbr0.leases: No such file or directory
localhost.localdomain dnsmasq[5754]: cannot open or create lease file /usr/local/var/lib/misc/dnsmasq.lxcbr0.leases: No such file or directory
localhost.localdomain dnsmasq[5754]: FAILED to start up
localhost.localdomain lxc-net[5727]: Failed to setup lxc-net.
localhost.localdomain lxc-net[5727]: Failed to setup lxc-net.
localhost.localdomain systemd[1]: lxc-net.service: Main process exited, code=exited, status=1/FAILURE
localhost.localdomain systemd[1]: lxc-net.service: Failed with result 'exit-code'.
localhost.localdomain systemd[1]: Failed to start LXC network bridge setup.

Modify 'lxc-net' script to call 'mkdir -p' command if the directory is not
existed before executing dnsmasq daemon.

Signed-off-by: Leesoo Ahn <lsahn@ooseel.net>

commit | commitdiff | tree

Stéphane Graber [Wed, 30 Mar 2022 15:40:16 +0000 (11:40 -0400)]

Merge pull request #4099 from corubba/feature/stop-order

tools: lxc-autostart: Reverse order on stop

commit | commitdiff | tree

corubba [Sun, 27 Mar 2022 00:36:20 +0000 (01:36 +0100)]

tools: lxc-autostart: Reverse order on stop

As it was already discussed in lxc/lxd#2082, containers should be
stopped in the opposite order they are started in. LXD does so already,
lxc should do the same.

Signed-off-by: Corubba Smith <corubba@gmx.de>

commit | commitdiff | tree

Christian Brauner [Sat, 26 Mar 2022 16:40:02 +0000 (17:40 +0100)]

Merge pull request #4098 from memnoth/mnth/fastpath-mkdir_p

utils: add fastpath routine on mkdir_p function

commit | commitdiff | tree

Leesoo Ahn [Sat, 26 Mar 2022 12:09:05 +0000 (21:09 +0900)]

utils: add fastpath routine on mkdir_p function

Call 'access' to examine whether 'dir' is already existed or not instead
of directly calling 'mkdir' on each dir name separated by slash '/' even though
'dir' is existed.

Signed-off-by: Leesoo Ahn <lsahn@ooseel.net>

commit | commitdiff | tree

Stéphane Graber [Wed, 23 Mar 2022 16:57:19 +0000 (12:57 -0400)]

Merge pull request #4096 from brauner/2022-03-22.meson

build: add more tests to meson

commit | commitdiff | tree

Christian Brauner [Wed, 23 Mar 2022 15:11:00 +0000 (16:11 +0100)]

build: add more tests to meson

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Wed, 23 Mar 2022 15:10:48 +0000 (16:10 +0100)]

tests: fix include statements

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Tue, 22 Mar 2022 13:40:44 +0000 (09:40 -0400)]

Merge pull request #4095 from brauner/2022-03-22.meson

build: add tests to meson

commit | commitdiff | tree

Christian Brauner (Microsoft) [Tue, 22 Mar 2022 07:48:43 +0000 (08:48 +0100)]

build: add tests to meson

Signed-off-by: Christian Brauner (Microsoft) <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Wed, 9 Mar 2022 16:14:05 +0000 (17:14 +0100)]

Merge pull request #4091 from JamiKettunen/non-modular-kernels

lxc-checkconfig: Only check probed modules if /proc/modules exists

commit | commitdiff | tree

Jami Kettunen [Tue, 8 Mar 2022 10:20:33 +0000 (12:20 +0200)]

lxc-checkconfig: Only check probed modules if /proc/modules exists

Kernels can be built with CONFIG_MODULES=n which results in
is_probed() telling the module isn't probed and lsmod spamming the
following to stderr each time it's called:

libkmod: kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory
Error: could not get list of modules: No such file or directory

Fix this by "stubbing" is_probed() when /proc/modules doesn't exist
as it's always called after a is_enabled() anyway.

Signed-off-by: Jami Kettunen <jami.kettunen@protonmail.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 24 Feb 2022 16:32:30 +0000 (11:32 -0500)]

Merge pull request #4090 from brauner/2022-02-22.fixes.4

cgroups: modify cgroup2 attach logic

commit | commitdiff | tree

Christian Brauner [Wed, 23 Feb 2022 14:40:20 +0000 (15:40 +0100)]

cgroups: modify cgroup2 attach logic

Recent kernels have seen various permission checking fixes when moving
processes into cgroups. So we're forced to modify how we attach to
containers.

Link: https://discuss.linuxcontainers.org/t/lxd-4-23-unable-to-start-nested-containers
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Tue, 22 Feb 2022 15:52:37 +0000 (10:52 -0500)]

Merge pull request #4089 from brauner/2022-02-22.fixes

ttys: ensure container_ttys= env variable is set correctly

commit | commitdiff | tree

Christian Brauner [Tue, 22 Feb 2022 11:17:23 +0000 (12:17 +0100)]

ttys: ensure container_ttys= env variable is set correctly

Fixes: #4088
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Mon, 21 Feb 2022 13:32:10 +0000 (14:32 +0100)]

Merge pull request #4087 from tenforward/japanese

doc: Fix reverse allowlist/denylist in Japanese man page

commit | commitdiff | tree

KATOH Yasufumi [Mon, 21 Feb 2022 13:17:36 +0000 (22:17 +0900)]

doc: Fix reverse allowlist/denylist in Japanese man page

Update for commit 2965130c45124a01f017144512c39fc39fa8717c

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

commit | commitdiff | tree

Stéphane Graber [Sun, 20 Feb 2022 19:53:07 +0000 (14:53 -0500)]

Merge pull request #4085 from brauner/2022-02-20.cgroup.fixes

cgroups: fixes

commit | commitdiff | tree

Christian Brauner [Sun, 20 Feb 2022 14:51:13 +0000 (15:51 +0100)]

cgroups: log fd of newly created cgroup

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Sun, 20 Feb 2022 14:47:28 +0000 (15:47 +0100)]

cgroups: check that opened file descriptor is a cgroup filesystem

Link: https://discuss.linuxcontainers.org/t/lxd-4-23-unable-to-start-nested-containers/13416
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 3 Feb 2022 06:08:40 +0000 (07:08 +0100)]

Merge pull request #4078 from stgraber/master

lxc-checkconfig: Fix bashism

commit | commitdiff | tree

Stéphane Graber [Thu, 3 Feb 2022 02:28:55 +0000 (21:28 -0500)]

doc: Fix reverse allowlist/denylist

Reported at: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1957934
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 3 Feb 2022 02:11:09 +0000 (21:11 -0500)]

lxc-checkconfig: Fix bashism

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Wed, 2 Feb 2022 18:35:09 +0000 (13:35 -0500)]

Merge pull request #4077 from terceiro/lxc-net-on-lxc

lxc-net: don't start by default inside lxc

commit | commitdiff | tree

Antonio Terceiro [Wed, 2 Feb 2022 18:11:02 +0000 (15:11 -0300)]

lxc-net: don't start by default inside lxc

When lxc is installed inside an lxc container, trying to bring up
lxc-net with the default parameters will conflict with the networking
setup for lxc on the host. This breaks all networking inside the
container where lxc is installed.

Signed-off-by: Antonio Terceiro <terceiro@debian.org>

commit | commitdiff | tree

Stéphane Graber [Fri, 21 Jan 2022 12:47:07 +0000 (07:47 -0500)]

Merge pull request #4069 from brauner/2021-01-21.fixes

lxccontainer: allow xdev when creating the container dir

commit | commitdiff | tree

Christian Brauner [Fri, 21 Jan 2022 08:44:01 +0000 (09:44 +0100)]

lxccontainer: allow xdev when creating the container dir

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 17:06:53 +0000 (18:06 +0100)]

Merge pull request #4065 from stgraber/master

github: Clear default ACL on /home

commit | commitdiff | tree

Stéphane Graber [Thu, 20 Jan 2022 16:05:19 +0000 (11:05 -0500)]

github: Clear default ACL on /home

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Thu, 20 Jan 2022 13:43:50 +0000 (08:43 -0500)]

Merge pull request #4066 from brauner/2022-01-18.fixes.2

conf, lxccontainer, build: fixes

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 11:35:06 +0000 (12:35 +0100)]

github: add systemd-coredump

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 11:33:57 +0000 (12:33 +0100)]

github: more detailed compilation instructions

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 11:23:35 +0000 (12:23 +0100)]

github: log system info

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 09:34:02 +0000 (10:34 +0100)]

github: ensure system liblxc is wiped

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 09:14:13 +0000 (10:14 +0100)]

lxccontainer: properly wrap lxcapi_create()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 08:57:21 +0000 (09:57 +0100)]

build: simplify thread local storage handling

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Thu, 20 Jan 2022 08:42:28 +0000 (09:42 +0100)]

build: only enable LTO for regular builds

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 17:44:37 +0000 (18:44 +0100)]

lxccontainer: simplify partial file creation

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 16:48:29 +0000 (17:48 +0100)]

lxccontainer: improve create_partial()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 16:25:07 +0000 (17:25 +0100)]

lxccontainer: improve do_lxcapi_create()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 15:57:47 +0000 (16:57 +0100)]

lxccontainer: improve do_lxcapi_save_config()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 15:26:58 +0000 (16:26 +0100)]

conf: log termination status

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 15:14:13 +0000 (16:14 +0100)]

conf: improve userns_exec_mapped_root()

As we do in all other places, first drop groups, then use
setres{g,u}id().

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Tue, 18 Jan 2022 15:00:27 +0000 (10:00 -0500)]

Merge pull request #4063 from simondeziel/gnupg

github: stop installing gnupg now that it's unused

commit | commitdiff | tree

Simon Deziel [Tue, 18 Jan 2022 14:53:45 +0000 (09:53 -0500)]

github: stop installing gnupg now that it's unused

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>

commit | commitdiff | tree

Christian Brauner [Tue, 18 Jan 2022 14:24:41 +0000 (15:24 +0100)]

Merge pull request #4062 from stgraber/master

lxc-download: Rely on HTTPS only

commit | commitdiff | tree

Stéphane Graber [Tue, 18 Jan 2022 02:15:53 +0000 (21:15 -0500)]

lxc-download: Rely on HTTPS only

GPG has been a major source of issues over the years with various
attacks on the key network as well as client side issues making it hard
to retrieve our keys.

Back when we introduced the image server, SSL certificates were still
expensive and annoying to setup, so not something we'd have expected
potential mirrors to setup for us. They were also issued for multiple
years, making a compromise of such a certificate quite problematic.

But things have changed since, we now have completely free, very easily
deployable SSL certificates everywhere with the majority of those being
shortlived and with good reporting of issued certificates.

With that, we can now deprecate the GPG validation, disable the fallback
to non-HTTPS download and rely on our indices being accurate because
they've been downloaded from a server with a valid certificate.

This puts LXC more in line with what LXD has done since the beginning
and should offer a more reliable user experience.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

commit | commitdiff | tree

Stéphane Graber [Fri, 14 Jan 2022 23:03:58 +0000 (18:03 -0500)]

Merge pull request #4058 from brauner/2022-01-13.fixes

cgroups: improvements

commit | commitdiff | tree

Stéphane Graber [Fri, 14 Jan 2022 16:30:18 +0000 (11:30 -0500)]

Merge pull request #4059 from DevinNorgarb/patch-1

Update README.md: Fix broken link (403 Forbidden)

commit | commitdiff | tree

Devin Norgarb [Fri, 14 Jan 2022 16:04:16 +0000 (18:04 +0200)]

Update README.md: Fix broken link (403 Forbidden)

Signed-off-by: Devin Norgarb dnorgarb@gmail.com

Mirror of https://github.com/lxc/lxc.git

RSS Atom