[lxc-devel] The containers mini-summit at Linux Plumbers 2013 is now accepting talk proposals
Hey everyone, The Containers mini-summit at Linux Plumbers 2013 (Sep. 18-20, New Orleans, LA) is now accepting talk proposals. We currently have 150min (2.5h) of allocated time for the summit, so we'd prefer to have a bunch of very short talks rather than just a couple of longer talks. At the moment, we've put a few talks in the system to bootstrap the track: - On the road to LXC 1.0 (30min talk by Serge and I) - LXC and Android (15min talk by me) - User namespace work (30min session by Serge) - State of CRIU (Checkpoint Restart In Userspace) and integration with LXC (25min by the OpenVZ folks (if interested?) and Serge) That's 1h40 of scheduled talks, so we still have 50min to spare. We may also shorten some of the talks above if we get submerged by interesting proposals (I hear that getting a bigger time allocation at Plumbers while not impossible is rather unlikely...) I think the goal here is really to keep things short and interesting, leaving lengthy debates for the lobby or the bar after the mini-summit. If you're attending Plumbers 2013, please add your name on: http://wiki.linuxplumbersconf.org/2013:containers So we know you're there and can make sure you're included in any outside-the-summit discussions. If you want to present something, please head to: http://www.linuxplumbersconf.org/2013/ocw/events/LPC2013/proposals/new Make sure to add a note to your proposal with how much time you'd need. Please try to keep things short, shorter talks have higher chances of getting scheduled. Long discussion topics may be added to the wiki so we can remember to talk about this outside the mini-conference. Looking forward to seeing you at Plumbers! -- Stéphane Graber Ubuntu developer http://www.ubuntu.com signature.asc Description: Digital signature -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 1/1] userns: clear and save id_map
Otherwise (a) there is a memory leak when using user namespaces and
clearing a config, and (b) saving a container configuration file doesn't
maintain the userns mapping. For instance, if container c1 has
lxc.id_map configuration entries, then
python3
import lxc
c=lxc.Container("c1")
c.save_config("/tmp/config1")
should show 'lxc.id_map =' entries in /tmp/config1.
Reported-by: Dwight Engen
Signed-off-by: Serge Hallyn
---
src/lxc/conf.c| 13 +
src/lxc/confile.c | 6 ++
2 files changed, 19 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index dc521b5..21614d9 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
return 0;
}
+int lxc_clear_idmaps(struct lxc_conf *c)
+{
+ struct lxc_list *it, *next;
+
+ lxc_list_for_each_safe(it, &c->id_map, next) {
+ lxc_list_del(it);
+ free(it->elem);
+ free(it);
+ }
+ return 0;
+}
+
int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
{
struct lxc_list *it,*next;
@@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
lxc_clear_hooks(conf, "lxc.hook");
lxc_clear_mount_entries(conf);
lxc_clear_saved_nics(conf);
+ lxc_clear_idmaps(conf);
free(conf);
}
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a7db117..05370f0 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c)
}
lxc_list_for_each(it, &c->caps)
fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem);
+ lxc_list_for_each(it, &c->id_map) {
+ struct id_map *idmap = it->elem;
+ fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
+ idmap->type == ID_TYPE_UID ? 'u' : 'c', idmap->nsid,
+ idmap->hostid, idmap->range);
+ }
for (i=0; ihooks[i])
fprintf(fout, "lxc.hook.%s = %s\n",
--
1.8.3.2
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
Quoting Serge Hallyn (serge.hal...@ubuntu.com):
>
> Otherwise (a) there is a memory leak when using user namespaces and
> clearing a config, and (b) saving a container configuration file doesn't
> maintain the userns mapping. For instance, if container c1 has
> lxc.id_map configuration entries, then
>
> python3
> import lxc
> c=lxc.Container("c1")
> c.save_config("/tmp/config1")
>
> should show 'lxc.id_map =' entries in /tmp/config1.
>
> Reported-by: Dwight Engen
> Signed-off-by: Serge Hallyn
> ---
> src/lxc/conf.c| 13 +
> src/lxc/confile.c | 6 ++
> 2 files changed, 19 insertions(+)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index dc521b5..21614d9 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
> return 0;
> }
>
> +int lxc_clear_idmaps(struct lxc_conf *c)
> +{
> + struct lxc_list *it, *next;
> +
> + lxc_list_for_each_safe(it, &c->id_map, next) {
> + lxc_list_del(it);
> + free(it->elem);
> + free(it);
> + }
> + return 0;
> +}
> +
> int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
> {
> struct lxc_list *it,*next;
> @@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
> lxc_clear_hooks(conf, "lxc.hook");
> lxc_clear_mount_entries(conf);
> lxc_clear_saved_nics(conf);
> + lxc_clear_idmaps(conf);
> free(conf);
> }
> diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> index a7db117..05370f0 100644
> --- a/src/lxc/confile.c
> +++ b/src/lxc/confile.c
> @@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c)
> }
> lxc_list_for_each(it, &c->caps)
> fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem);
> + lxc_list_for_each(it, &c->id_map) {
> + struct id_map *idmap = it->elem;
> + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
> + idmap->type == ID_TYPE_UID ? 'u' : 'c', idmap->nsid,
D'oh, that is supposed to be 'g' not 'c'.
If anyone has any comments beside that, please post. Else I will push
this and my two patches from friday "soonish".
> + idmap->hostid, idmap->range);
> + }
> for (i=0; i lxc_list_for_each(it, &c->hooks[i])
> fprintf(fout, "lxc.hook.%s = %s\n",
> --
> 1.8.3.2
>
>
> --
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> ___
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
On Mon, 15 Jul 2013 13:47:40 -0500
Serge Hallyn wrote:
>
> Otherwise (a) there is a memory leak when using user namespaces and
> clearing a config, and (b) saving a container configuration file
> doesn't maintain the userns mapping. For instance, if container c1
> has lxc.id_map configuration entries, then
>
> python3
> import lxc
> c=lxc.Container("c1")
> c.save_config("/tmp/config1")
>
> should show 'lxc.id_map =' entries in /tmp/config1.
>
> Reported-by: Dwight Engen
> Signed-off-by: Serge Hallyn
> ---
> src/lxc/conf.c| 13 +
> src/lxc/confile.c | 6 ++
> 2 files changed, 19 insertions(+)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index dc521b5..21614d9 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
> return 0;
> }
>
> +int lxc_clear_idmaps(struct lxc_conf *c)
> +{
> + struct lxc_list *it, *next;
> +
> + lxc_list_for_each_safe(it, &c->id_map, next) {
> + lxc_list_del(it);
> + free(it->elem);
> + free(it);
> + }
> + return 0;
> +}
> +
> int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
> {
> struct lxc_list *it,*next;
> @@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
> lxc_clear_hooks(conf, "lxc.hook");
> lxc_clear_mount_entries(conf);
> lxc_clear_saved_nics(conf);
> + lxc_clear_idmaps(conf);
> free(conf);
> }
> diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> index a7db117..05370f0 100644
> --- a/src/lxc/confile.c
> +++ b/src/lxc/confile.c
> @@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf
> *c) }
> lxc_list_for_each(it, &c->caps)
> fprintf(fout, "lxc.cap.drop = %s\n", (char
> *)it->elem);
> + lxc_list_for_each(it, &c->id_map) {
> + struct id_map *idmap = it->elem;
> + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
> + idmap->type == ID_TYPE_UID ? 'u' : 'c',
> idmap->nsid,
> + idmap->hostid, idmap->range);
Hi Serge, I'm getting:
confile.c:1951:9: error: ‘struct id_map’ has no member named ‘type’
I think you wanted idmap->idtype :) With that change, it builds but I'm
getting a segfault when doing a lxc-clone -s -o ol64-01 -n ol64-02 (and
ol64-01 has lxc.id_map entries). Here is the gdb backtrace, I'll look
into it if you don't have time.
Starting program: /usr/bin/lxc-clone -s -o ol64-01 -n ol64-04
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Detaching after fork from child process 28359.
Detaching after fork from child process 28361.
Program received signal SIGSEGV, Segmentation fault.
0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, c=0x1b77400)
at confile.c:1950
1950confile.c: No such file or directory.
Missing separate debuginfos, use: debuginfo-install lxc-0.9.x-1.fc18.x86_64
(gdb) bt
#0 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, c=0x1b77400)
at confile.c:1950
#1 0x7f99e68a6c6b in lxcapi_save_config (c=0x1b764d0, alt_file=)
at lxccontainer.c:1214
#2 0x7f99e68a99b8 in lxcapi_clone (c=, newname=,
lxcpath=, flags=, bdevtype=0x0, bdevdata=0x0,
newsize=0, hookargs=0x0) at lxccontainer.c:1963
#3 0x00400d2f in main ()
> + }
> for (i=0; i lxc_list_for_each(it, &c->hooks[i])
> fprintf(fout, "lxc.hook.%s = %s\n",
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 15 Jul 2013 13:47:40 -0500
> Serge Hallyn wrote:
>
> >
> > Otherwise (a) there is a memory leak when using user namespaces and
> > clearing a config, and (b) saving a container configuration file
> > doesn't maintain the userns mapping. For instance, if container c1
> > has lxc.id_map configuration entries, then
> >
> > python3
> > import lxc
> > c=lxc.Container("c1")
> > c.save_config("/tmp/config1")
> >
> > should show 'lxc.id_map =' entries in /tmp/config1.
> >
> > Reported-by: Dwight Engen
> > Signed-off-by: Serge Hallyn
> > ---
> > src/lxc/conf.c| 13 +
> > src/lxc/confile.c | 6 ++
> > 2 files changed, 19 insertions(+)
> >
> > diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> > index dc521b5..21614d9 100644
> > --- a/src/lxc/conf.c
> > +++ b/src/lxc/conf.c
> > @@ -3123,6 +3123,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
> > return 0;
> > }
> >
> > +int lxc_clear_idmaps(struct lxc_conf *c)
> > +{
> > + struct lxc_list *it, *next;
> > +
> > + lxc_list_for_each_safe(it, &c->id_map, next) {
> > + lxc_list_del(it);
> > + free(it->elem);
> > + free(it);
> > + }
> > + return 0;
> > +}
> > +
> > int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
> > {
> > struct lxc_list *it,*next;
> > @@ -3226,5 +3238,6 @@ void lxc_conf_free(struct lxc_conf *conf)
> > lxc_clear_hooks(conf, "lxc.hook");
> > lxc_clear_mount_entries(conf);
> > lxc_clear_saved_nics(conf);
> > + lxc_clear_idmaps(conf);
> > free(conf);
> > }
> > diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> > index a7db117..05370f0 100644
> > --- a/src/lxc/confile.c
> > +++ b/src/lxc/confile.c
> > @@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf
> > *c) }
> > lxc_list_for_each(it, &c->caps)
> > fprintf(fout, "lxc.cap.drop = %s\n", (char
> > *)it->elem);
> > + lxc_list_for_each(it, &c->id_map) {
> > + struct id_map *idmap = it->elem;
> > + fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
> > + idmap->type == ID_TYPE_UID ? 'u' : 'c',
> > idmap->nsid,
> > + idmap->hostid, idmap->range);
>
> Hi Serge, I'm getting:
>
> confile.c:1951:9: error: ‘struct id_map’ has no member named ‘type’
>
> I think you wanted idmap->idtype :) With that change, it builds but I'm
Gah, I failed to scp before mailing.
> getting a segfault when doing a lxc-clone -s -o ol64-01 -n ol64-02 (and
> ol64-01 has lxc.id_map entries). Here is the gdb backtrace, I'll look
> into it if you don't have time.
That's because I needed 'g' instead of 'c' above.
With both of those fixed (which is what I'm running here) things seem
all right.
Sorry about all the goofs.
thanks,
-serge
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 1/1] userns: clear and save id_map (v2)
Otherwise (a) there is a memory leak when using user namespaces and
clearing a config, and (b) saving a container configuration file doesn't
maintain the userns mapping. For instance, if container c1 has
lxc.id_map configuration entries, then
python3
import lxc
c=lxc.Container("c1")
c.save_config("/tmp/config1")
should show 'lxc.id_map =' entries in /tmp/config1.
Changelog for v2:
1. fix incorrect saving of group types (s/'c'/'g')
2. fix typo -> idmap->type should be idmap->idtype
Reported-by: Dwight Engen
Signed-off-by: Serge Hallyn
---
src/lxc/conf.c| 13 +
src/lxc/confile.c | 6 ++
2 files changed, 19 insertions(+)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index a69c4f8..46320dd 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3079,6 +3079,18 @@ int lxc_clear_config_caps(struct lxc_conf *c)
return 0;
}
+int lxc_clear_idmaps(struct lxc_conf *c)
+{
+ struct lxc_list *it, *next;
+
+ lxc_list_for_each_safe(it, &c->id_map, next) {
+ lxc_list_del(it);
+ free(it->elem);
+ free(it);
+ }
+ return 0;
+}
+
int lxc_clear_cgroups(struct lxc_conf *c, const char *key)
{
struct lxc_list *it,*next;
@@ -3182,5 +3194,6 @@ void lxc_conf_free(struct lxc_conf *conf)
lxc_clear_hooks(conf, "lxc.hook");
lxc_clear_mount_entries(conf);
lxc_clear_saved_nics(conf);
+ lxc_clear_idmaps(conf);
free(conf);
}
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index a7db117..bb02e1c 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1945,6 +1945,12 @@ void write_config(FILE *fout, struct lxc_conf *c)
}
lxc_list_for_each(it, &c->caps)
fprintf(fout, "lxc.cap.drop = %s\n", (char *)it->elem);
+ lxc_list_for_each(it, &c->id_map) {
+ struct id_map *idmap = it->elem;
+ fprintf(fout, "lxc.id_map = %c %lu %lu %lu\n",
+ idmap->idtype == ID_TYPE_UID ? 'u' : 'g', idmap->nsid,
+ idmap->hostid, idmap->range);
+ }
for (i=0; ihooks[i])
fprintf(fout, "lxc.hook.%s = %s\n",
--
1.8.3.2
--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
Quoting Dwight Engen (dwight.en...@oracle.com): > Starting program: /usr/bin/lxc-clone -s -o ol64-01 -n ol64-04 > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > Detaching after fork from child process 28359. > Detaching after fork from child process 28361. > > Program received signal SIGSEGV, Segmentation fault. > 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, c=0x1b77400) > at confile.c:1950 > 1950 confile.c: No such file or directory. > Missing separate debuginfos, use: debuginfo-install lxc-0.9.x-1.fc18.x86_64 > (gdb) bt > #0 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, > c=0x1b77400) > at confile.c:1950 > #1 0x7f99e68a6c6b in lxcapi_save_config (c=0x1b764d0, > alt_file=) > at lxccontainer.c:1214 > #2 0x7f99e68a99b8 in lxcapi_clone (c=, newname= out>, > lxcpath=, flags=, bdevtype=0x0, > bdevdata=0x0, > newsize=0, hookargs=0x0) at lxccontainer.c:1963 > #3 0x00400d2f in main () Actually I think that looks a bit different from the segfault I was getting with my first version - please let me know if v2 still causes this for you. (I don't get it with non-snapped clones). The reason I needed this patch now was because with unprivileged lxc-create, the container config with id map gets saved and restored a few times during the course of container creation, so losing the id mapping was a blocker :) Hoping to send some fun patches soon. -serge -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
On Mon, 15 Jul 2013 16:45:36 -0500 Serge Hallyn wrote: > Quoting Dwight Engen (dwight.en...@oracle.com): > > Starting program: /usr/bin/lxc-clone -s -o ol64-01 -n ol64-04 > > [Thread debugging using libthread_db enabled] > > Using host libthread_db library "/lib64/libthread_db.so.1". > > Detaching after fork from child process 28359. > > Detaching after fork from child process 28361. > > > > Program received signal SIGSEGV, Segmentation fault. > > 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, > > c=0x1b77400) at confile.c:1950 > > 1950confile.c: No such file or directory. > > Missing separate debuginfos, use: debuginfo-install > > lxc-0.9.x-1.fc18.x86_64 (gdb) bt > > #0 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, > > c=0x1b77400) at confile.c:1950 > > #1 0x7f99e68a6c6b in lxcapi_save_config (c=0x1b764d0, > > alt_file=) at lxccontainer.c:1214 > > #2 0x7f99e68a99b8 in lxcapi_clone (c=, > > newname=, lxcpath=, flags= > out>, bdevtype=0x0, bdevdata=0x0, newsize=0, hookargs=0x0) at > > out>lxccontainer.c:1963 > > #3 0x00400d2f in main () > > Actually I think that looks a bit different from the segfault I was > getting with my first version - please let me know if v2 still > causes this for you. (I don't get it with non-snapped clones). v2 works fine for me with snapshoted clone, thanks! and Acked-by: Dwight Engen Tested-by: Dwight Engen I did notice something though: after the clone I ran uidmapshift -r to check the range of uid's in the cloned rootfs and there is one file that was out of range: it is the /etc/hostname that clone_update_rootfs() creates. For templates that already have this file, I think it will be fine but for those that don't the file will be created as the uid of the caller. I think maybe we should just call file_exists(path) before doing the fopen() in that flow, if you agree I can send a patch. > The reason I needed this patch now was because with unprivileged > lxc-create, the container config with id map gets saved and restored > a few times during the course of container creation, so losing the > id mapping was a blocker :) Yeah I guess that would be a necessary part :) > Hoping to send some fun patches soon. > > -serge -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 1/1] userns: clear and save id_map
Quoting Dwight Engen (dwight.en...@oracle.com): > On Mon, 15 Jul 2013 16:45:36 -0500 > Serge Hallyn wrote: > > > Quoting Dwight Engen (dwight.en...@oracle.com): > > > Starting program: /usr/bin/lxc-clone -s -o ol64-01 -n ol64-04 > > > [Thread debugging using libthread_db enabled] > > > Using host libthread_db library "/lib64/libthread_db.so.1". > > > Detaching after fork from child process 28359. > > > Detaching after fork from child process 28361. > > > > > > Program received signal SIGSEGV, Segmentation fault. > > > 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, > > > c=0x1b77400) at confile.c:1950 > > > 1950 confile.c: No such file or directory. > > > Missing separate debuginfos, use: debuginfo-install > > > lxc-0.9.x-1.fc18.x86_64 (gdb) bt > > > #0 0x7f99e689e08e in write_config (fout=fout@entry=0x1b79670, > > > c=0x1b77400) at confile.c:1950 > > > #1 0x7f99e68a6c6b in lxcapi_save_config (c=0x1b764d0, > > > alt_file=) at lxccontainer.c:1214 > > > #2 0x7f99e68a99b8 in lxcapi_clone (c=, > > > newname=, lxcpath=, flags= > > out>, bdevtype=0x0, bdevdata=0x0, newsize=0, hookargs=0x0) at > > > out>lxccontainer.c:1963 > > > #3 0x00400d2f in main () > > > > Actually I think that looks a bit different from the segfault I was > > getting with my first version - please let me know if v2 still > > causes this for you. (I don't get it with non-snapped clones). > > v2 works fine for me with snapshoted clone, thanks! and > > Acked-by: Dwight Engen > Tested-by: Dwight Engen Great, thanks. > I did notice something though: after the clone I ran uidmapshift -r to > check the range of uid's in the cloned rootfs and there is one file > that was out of range: it is the /etc/hostname that > clone_update_rootfs() creates. For templates that already have this > file, I think it will be fine but for those that don't the file will be > created as the uid of the caller. I think maybe we should just call > file_exists(path) before doing the fopen() in that flow, if you agree I > can send a patch. I think I follow but I'm not 100% sure: are you saying that /etc/hostname did not exist in your rootfs before the lxc-clone? Presumably then it doesn't need to exist, and you're suggesting we check whether it exists before updating? If so, that sounds good. Another option would be to run the clone_update_rootfs in a mapped userns, but it doesn't sound like this case warrants that - the files simply don't need to be updated. -serge -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
