KATOH Yasufumi | 30 Oct 12:31 2014
Picon

[PATCH] overlayfs: overlayfs.v22 or higher needs workdir option

This patch creates workdir as "olwork", and retry mount with workdir
option when mount is failed.
It is used to prepare files before atomically swithing with
destination, and needs to be on the same filesystem as upperdir. It's
OK for it to be empty.

Signed-off-by: KATOH Yasufumi <karma <at> jazz.email.ne.jp>
---
 src/lxc/bdev.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 89 insertions(+), 7 deletions(-)

diff --git a/src/lxc/bdev.c b/src/lxc/bdev.c
index 8a819ab..ae5c77c 100644
--- a/src/lxc/bdev.c
+++ b/src/lxc/bdev.c
 <at>  <at>  -2154,10 +2154,12  <at>  <at>  static int overlayfs_detect(const char *path)
 static int overlayfs_mount(struct bdev *bdev)
 {
 	char *options, *dup, *lower, *upper;
-	int len;
+	char *options_work, *work, *lastslash;
+	int lastslashidx;
+	int len, len2;
 	unsigned long mntflags;
 	char *mntdata;
-	int ret;
+	int ret, ret2;

 	if (strcmp(bdev->type, "overlayfs"))
 		return -22;
(Continue reading)

KATOH Yasufumi | 30 Oct 10:34 2014
Picon

lxc-clone outputs some logs

Hi,

After applying commit edf7734 "overlay and aufs clone_paths: be more
robust", clone was completed successfully but lxc-clone on unpriv env
is now output the following log:

  $ lxc-clone -o ct02 -n test -s -B overlayfs
  lxc_container: conf.c: chown_mapped_root: 3649 Error stat /home/karma/.local/share/lxc/test/delta0
  Created container test as snapshot of ct02
  lxc_container: lxccontainer.c: copy_file: 2303 copy destination
/home/karma/.local/share/lxc/test/lxc_rdepends exists
  Created container test as snapshot of ct02

Clone was completed successfully.

(on Plamo Linux 5.2, Kernel 3.14.4)

The above was just a quick report.

Thanks,
KATOH Yasufumi
_______________________________________________
lxc-devel mailing list
lxc-devel <at> lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
Johannes Kastl | 29 Oct 20:57 2014
Picon

[PATCH] Check for an existing "$localstatedir"/lock/subsys directory and create it, if it does not exist


Hi there,

after the action fallback (lxc-autostart-helper) landed in 1.0.6, the
only thing I had to change to make this running on openSUSE is to make
sure, that "$localstatedir"/lock/subsys exists. See my patch attached.

This patch is against 1.0.6, as I found no mention of the lock-things
in HEAD. Did I miss it? I see there are two files now, one for net and
one for containers, maybe it is no longer needed.

Also, I do not know it the permissions of the directory have to be set
to a different value.

Feel free to comment or critisize, I wont be angry. ;-)

Regards,
Johannes
--

-- 
If you put a large switch in some cave somewhere, with a sign on it
saying 'End-of-the-World Switch. PLEASE DO NOT TOUCH', the paint
wouldn't even have time to dry.
(Terry Pratchett)
_______________________________________________
lxc-devel mailing list
lxc-devel <at> lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
(Continue reading)

GitHub | 29 Oct 16:23 2014

[lxc/lxc] 62183f: attach: don't ignore sigint/sigkill if stdin is re...

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 62183f1af7f265b74a12297e0ab2f82f6a1f783e
      https://github.com/lxc/lxc/commit/62183f1af7f265b74a12297e0ab2f82f6a1f783e
  Author: Serge Hallyn <serge.hallyn@...>
  Date:   2014-10-29 (Wed, 29 Oct 2014)

  Changed paths:
    M src/lxc/attach.c

  Log Message:
  -----------
  attach: don't ignore sigint/sigkill if stdin is redirected

If attach is being done over passed-in fds, then we shouldn't
mess with the caller's signal table to ignore ctrl-c over the
fd.

Signed-off-by: Serge Hallyn <serge.hallyn@...>
Acked-by: Stéphane Graber <stgraber@...>

_______________________________________________
lxc-devel mailing list
lxc-devel <at> lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
Serge Hallyn | 29 Oct 16:03 2014

[PATCH] attach: don't ignore sigint/sigkill if stdin is redirected

If attach is being done over passed-in fds, then we shouldn't
mess with the caller's signal table to ignore ctrl-c over the
fd.

Signed-off-by: Serge Hallyn <serge.hallyn <at> ubuntu.com>
---
 src/lxc/attach.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 2318018..4010668 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
 <at>  <at>  -758,8 +758,10  <at>  <at>  int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun
 		}

 		/* ignore SIGKILL (CTRL-C) and SIGQUIT (CTRL-\) - issue #313 */
-		signal(SIGINT, SIG_IGN);
-		signal(SIGQUIT, SIG_IGN);
+		if (options->stdin_fd == 0) {
+			signal(SIGINT, SIG_IGN);
+			signal(SIGQUIT, SIG_IGN);
+		}

 		/* reap intermediate process */
 		ret = wait_for_pid(pid);
--

-- 
2.1.0

_______________________________________________
(Continue reading)

Luka Perkov | 29 Oct 09:25 2014
Picon

[PATCH] utils: remove unnecessary check of mystat.st_dev

The check is not needed and it breaks lxc-destroy when container is installed
on top of overlayfs. More information why this is a problem on overlayfs can be
found here:

https://kernel.googlesource.com/pub/scm/linux/kernel/git/mszeredi/vfs/+/overlayfs.current/Documentation/filesystems/overlayfs.txt

Signed-off-by: Luka Perkov <luka.perkov <at> sartura.hr>
---
 src/lxc/utils.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 34743dd..1551154 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
 <at>  <at>  -47,8 +47,8  <at>  <at> 

 lxc_log_define(lxc_utils, lxc);

-static int _recursive_rmdir_onedev(char *dirname, dev_t pdev,
-				   const char *exclude, int level)
+static int _recursive_rmdir_onedev(char *dirname, const char *exclude,
+				   int level)
 {
 	struct dirent dirent, *direntp;
 	DIR *dir;
 <at>  <at>  -108,10 +108,8  <at>  <at>  static int _recursive_rmdir_onedev(char *dirname, dev_t pdev,
 			failed=1;
 			continue;
 		}
(Continue reading)

Stéphane Graber | 28 Oct 15:56 2014

Download template images default password

Hello,

Just wanted to give a heads up to everyone that I'm now working on
changing all the download template generated images to stop shipping
with default user accounts and passwords.

That means that all the download images will now be much more similar.
No distro-specific user accounts and no root password (as in "!", not an
empty string). The post-create message will recommend using lxc-attach
or changing the password using chroot.

Expect the change to appear in the download images as they rebuild over
the next few days.

--

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
_______________________________________________
lxc-devel mailing list
lxc-devel <at> lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
GitHub | 27 Oct 22:44 2014

[lxc/lxc] 0080be: c/r: put lxc-restore-net in /usr/share

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 0080bebf3195a4a4f4868d89224e07658a1fccca
      https://github.com/lxc/lxc/commit/0080bebf3195a4a4f4868d89224e07658a1fccca
  Author: Tycho Andersen <tycho.andersen@...>
  Date:   2014-10-27 (Mon, 27 Oct 2014)

  Changed paths:
    M configure.ac
    M src/lxc/Makefile.am
    M src/lxc/lxccontainer.c

  Log Message:
  -----------
  c/r: put lxc-restore-net in /usr/share

On restore, we pass criu a script to manage the network interfaces (i.e. the
full path to lxc-restore-net), which we previously installed into
/var/lib/≤tuple>/lxc. However, this is also the directory that is the default
for use in mounting the rootfs locally before pivot_root()ing. So, we mounted
the rootfs and then happliy called criu, pointing it to this directory which
didn't have lxc-restore-net any more, it just had the container's rootfs.
Instead, we should put lxc-restore-net somewhere else, so that criu can still
see it after the rootfs is mounted.

Signed-off-by: Tycho Andersen <tycho.andersen@...>
Acked-by: Serge E. Hallyn <serge.hallyn@...>

  Commit: 6a0c909a375a75e005b2048b2d143320678e11b9
      https://github.com/lxc/lxc/commit/6a0c909a375a75e005b2048b2d143320678e11b9
(Continue reading)

Serge Hallyn | 27 Oct 15:23 2014

[PATCH 1/1] lxc_global_config_value: simplify the theme

Rather than try to free all the not-being-returned items at
each if clause where we assign one to return value, just NULL
the one we are returning so we can safely free all the
values.  This should fix the newly reported coverity memory
leak

Signed-off-by: Serge Hallyn <serge.hallyn <at> ubuntu.com>
---
 src/lxc/utils.c | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index b572982..34743dd 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
 <at>  <at>  -277,7 +277,14  <at>  <at>  const char *lxc_global_config_value(const char *option_name)
 #else
 	static const char *values[sizeof(options) / sizeof(options[0])] = { 0 };
 #endif
+
+	/* user_config_path is freed as soon as it is used */
 	char *user_config_path = NULL;
+
+	/*
+	 * The following variables are freed at bottom unconditionally.
+	 * So NULL the value if it is to be returned to the caller
+	 */
 	char *user_default_config_path = NULL;
 	char *user_lxc_path = NULL;
 	char *user_cgroup_pattern = NULL;
(Continue reading)

GitHub | 27 Oct 14:33 2014

[lxc/lxc] 145832: do_rootfs_setup: fix return bugs

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 145832ba8b1dfd0b53436e6b61ef112bbdd50c6c
      https://github.com/lxc/lxc/commit/145832ba8b1dfd0b53436e6b61ef112bbdd50c6c
  Author: Serge Hallyn <serge.hallyn@...>
  Date:   2014-10-26 (Sun, 26 Oct 2014)

  Changed paths:
    M src/lxc/conf.c

  Log Message:
  -----------
  do_rootfs_setup: fix return bugs

Fix return value on bind mount failure.

If we've already mounted the rootfs, exit after the bind mount
rather than re-trying the rootfs mount.  The only case where
this happens is when root is starting a container in a user
namespace and with a block device backing store.

In that case, pre-mount hooks will be executed in the initial
user namespace.  That may be worth fixing.  Or it may be what
we want.  We should think about it and fix it.

Signed-off-by: Serge Hallyn <serge.hallyn@...>

  Commit: bf1e86368272a7c342ad1eea6d61ac3694e182bf
      https://github.com/lxc/lxc/commit/bf1e86368272a7c342ad1eea6d61ac3694e182bf
  Author: Dark Templar <dark_templar@...>
(Continue reading)

Serge Hallyn | 27 Oct 04:08 2014

[PATCH 1/1] do_rootfs_setup: fix return bugs

Fix return value on bind mount failure.

If we've already mounted the rootfs, exit after the bind mount
rather than re-trying the rootfs mount.  The only case where
this happens is when root is starting a container in a user
namespace and with a block device backing store.

In that case, pre-mount hooks will be executed in the initial
user namespace.  That may be worth fixing.  Or it may be what
we want.  We should think about it and fix it.

Signed-off-by: Serge Hallyn <serge.hallyn <at> ubuntu.com>
---
 src/lxc/conf.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 9ba18fe..dc790a3 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
 <at>  <at>  -3984,8 +3984,9  <at>  <at>  int do_rootfs_setup(struct lxc_conf *conf, const char *name, const char *lxcpath
 		const char *path = conf->rootfs.mount;
 		if (mount(path, path, "rootfs", MS_BIND, NULL) < 0) {
 			ERROR("Failed to bind-mount container / onto itself");
-			return false;
+			return -1;
 		}
+		return 0;
 	}

(Continue reading)


Gmane