[lxc-devel] [GIT] lxc branch, master, updated. 305bc646f5a579fb258a66dd34f4d9488d0d08fe
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "lxc".
The branch, master has been updated
via 305bc646f5a579fb258a66dd34f4d9488d0d08fe (commit)
via 2b30b861579107f638d0c5b6ce22dbedf99fa4b7 (commit)
via 7adff31cbb521d52c31a3e6e2447db8bcd8e3784 (commit)
via 91480a0f0a62732f3115d556b689d62d574294ae (commit)
via 563f2f2ccd2891661836c96f92f047a735355c1b (commit)
via 3bdf52d753ecf347b3b5cbff97675032f2de3e5e (commit)
via e0f888d910c2680acf6267391f88ab75ef66771f (commit)
from f78a1f32f41f6acbbf0b78e6498736dbd22e2301 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -
commit 305bc646f5a579fb258a66dd34f4d9488d0d08fe
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
Fail gracefully with attach
Fail when we try to attach to an non existing container
Signed-off-by: Daniel Lezcano
commit 2b30b861579107f638d0c5b6ce22dbedf99fa4b7
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
change to the same directory when attaching
This patch will try to change the default "/" directory to the
directory we were before attaching. In order to work correctly,
the path has to exist in the container, that makes sense with a
shared file system without rootfs.
Signed-off-by: Daniel Lezcano
commit 7adff31cbb521d52c31a3e6e2447db8bcd8e3784
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
fork/exec after attach
The command to attach has to be fork/exec.
Signed-off-by: Daniel Lezcano
commit 91480a0f0a62732f3115d556b689d62d574294ae
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
restart the container at reboot
When the reboot is detected, reboot the container.
That needs to set all file descriptor opened by lxc-start
to be flagged with the close-on-exec flag, otherwise when
re-execing ourself, we inherit our own fd.
Signed-off-by: Daniel Lezcano
commit 563f2f2ccd2891661836c96f92f047a735355c1b
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
shutdown the container when powering off the container
This patch allows to shutdown the container when the system
is powered off in the container.
Signed-off-by: Daniel Lezcano
commit 3bdf52d753ecf347b3b5cbff97675032f2de3e5e
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
Store the container name in the handler
Store the container in the handler, so it is accessible
everywhere.
Signed-off-by: Daniel Lezcano
commit e0f888d910c2680acf6267391f88ab75ef66771f
Author: Daniel Lezcano
Date: Thu Apr 8 09:44:23 2010 +0200
count the number of tasks in the container
This patch adds a function to count the number of tasks in the
container. The result is not reliable as it may change with a fork
or an exit, but in some cases, for example, there is only one task, or
the container is frozen, the result is accurate.
Signed-off-by: Daniel Lezcano
---
Summary of changes:
src/lxc/Makefile.am |6 +-
src/lxc/cgroup.c | 27 +++
src/lxc/cgroup.h |2 +-
src/lxc/commands.c|7 ++
src/lxc/conf.c|6 --
src/lxc/conf.h|1 +
src/lxc/confile.c | 30 ++--
src/lxc/lxc.h |3 +-
src/lxc/lxc_attach.c | 78 -
src/lxc/lxc_start.c | 19 --
src/lxc/mainloop.c|6 ++
src/lxc/start.c | 26 ++-
src/lxc/start.h |1 +
src/lxc/utmp.c| 157 +
src/lxc/{version.c => utmp.h} |9 +--
15 files changed, 331 insertions(+), 47 deletions(-)
create mode 100644 src/lxc/utmp.c
copy src/lxc/{version.c => utmp.h} (86%)
hooks/post-receive
--
lxc
--
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] detecting reboot/halt...
I come across a series of patches to implement reboot/halt of a container. Patches were discussed before, but I had no time to look at that stuff in more detail... The problem. The current detection is based on the content of container's /var/run/utmp. This is goood provided the container actually touches that file, but this is not true for "single-application" containers, i.e. the ones without full init.d system. There are only two reliable ways to get this to work: it's either catching sys_reboot() (for which kernel support/changes is needed), or replacing poweroff or halt (or introducing a separate utility) which will notify the parent process about the event in some way (sending signal, connecting to a socket, writing something to a pipe and the like). I remember something of that sort were proposed too, but I can't find the details now. Are there some patches or git branch with that stuff? Thanks! /mjt -- Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] detecting reboot/halt...
08.04.2010 11:56, Michael Tokarev wrote: [] > The problem. The current detection is based on the > content of container's /var/run/utmp. This is goood > provided the container actually touches that file, > but this is not true for "single-application" > containers, i.e. the ones without full init.d > system. And one more problem: this does not work if the container mounts a separate tmpfs on top of /var/run (which is quite typical nowadays). (Sure it can be mounted from the outside too, in which case the detection will work, but the point is that this detection is quite fragile). /mjt -- Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH] Unshare user namespace as well
Unshare user namespace to make sure setrlimit and other per-user limits are
accounted properly in containers
Signed-off-by: Mikhail Gusarov
---
src/lxc/start.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 3b5023c..f1ae2fa 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -450,7 +450,7 @@ int lxc_spawn(const char *name, struct lxc_handler
*handler, char *const argv[])
return -1;
}
- clone_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS;
+ clone_flags =
CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS|CLONE_NEWUSER;
if (!lxc_list_empty(&handler->conf->network)) {
clone_flags |= CLONE_NEWNET;
--
1.7.0
--
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] detecting reboot/halt...
Michael Tokarev wrote: > I come across a series of patches to implement > reboot/halt of a container. Patches were discussed > before, but I had no time to look at that stuff in > more detail... > The problem. The current detection is based on the > content of container's /var/run/utmp. This is goood > provided the container actually touches that file, > but this is not true for "single-application" > containers, i.e. the ones without full init.d > system. Mmmh, yes that's something I thought about but I assumed an application container will not do 'shutdown' or/and run as root. But maybe I missed one kind of application, do you have in mind a particular one ? > There are only two reliable ways to get this to work: > it's either catching sys_reboot() (for which kernel > support/changes is needed), or replacing poweroff or > halt (or introducing a separate utility) which will > notify the parent process about the event in some > way (sending signal, connecting to a socket, writing > something to a pipe and the like). The first solution (catch at the kernel level) is a better solution covering all the cases. Adding extra utilities is not easy to manage because of the OS update and package dependencies. > I remember something of that sort were proposed > too, but I can't find the details now. Are there > some patches or git branch with that stuff? Yep, I did a quick hack in sys_reboot sending a SIGPWR to the parent of the pid namespace when this one is not the init_pid_ns, but I didn't had time to propose/send an acceptable version and argue for it on lkml@/contain...@. Furthermore, before sending a patch to the kernel, we have to be sure this problem can't be solved from userspace first. Thanks -- Daniel -- Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] detecting reboot/halt...
Michael Tokarev wrote: > 08.04.2010 11:56, Michael Tokarev wrote: > [] >> The problem. The current detection is based on the >> content of container's /var/run/utmp. This is goood >> provided the container actually touches that file, >> but this is not true for "single-application" >> containers, i.e. the ones without full init.d >> system. > > And one more problem: this does not work if the container > mounts a separate tmpfs on top of /var/run (which is > quite typical nowadays). (Sure it can be mounted from > the outside too, in which case the detection will work, > but the point is that this detection is quite fragile). That's correct. Good point. Let's assume the current shutdown/reboot handling code is a transient code solving a part of the problem and let's move this discussion to the containers@ mailing list, and add the missing feature in the kernel. -- Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] detecting reboot/halt...
Twas brillig at 10:38:05 08.04.2010 UTC+02 when dlezc...@fr.ibm.com did gyre and gimble: DL> Yep, I did a quick hack in sys_reboot sending a SIGPWR to the DL> parent of the pid namespace when this one is not the init_pid_ns, DL> but I didn't had time to propose/send an acceptable version and DL> argue for it on lkml@/contain...@. Furthermore, before sending a DL> patch to the kernel, we have to be sure this problem can't be DL> solved from userspace first. It should be possible to preload library that intercepts sys_reboot in init. Though it will work only for dynamically-linked init. Proper solution is patching the kernel, unless there is a way to reliably intercept syscalls somehow. -- http://fossarchy.blogspot.com/ pgpzQdCkC9JSU.pgp Description: PGP signature -- Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH] Unshare user namespace as well
Mikhail Gusarov wrote:
> Unshare user namespace to make sure setrlimit and other per-user limits are
> accounted properly in containers
>
> Signed-off-by: Mikhail Gusarov
> ---
> src/lxc/start.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index 3b5023c..f1ae2fa 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -450,7 +450,7 @@ int lxc_spawn(const char *name, struct lxc_handler
> *handler, char *const argv[])
> return -1;
> }
>
> - clone_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS;
> + clone_flags =
> CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS|CLONE_NEWUSER;
> if (!lxc_list_empty(&handler->conf->network)) {
>
> clone_flags |= CLONE_NEWNET;
Thanks Mikhail for the patch. I will apply it.
--
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
