On Thu, 2010-05-13 at 14:22 +0200, Ferenc Wagner wrote:
> I'd say we should setpgrp the container init, forward all signals we
> can to it, and have a configuration option for the set of signals
> which
> should be forwarded to the full process group of the container init.
> Or does it make sense t
On Thu, 2010-06-10 at 21:53 +0200, Daniel Lezcano wrote:
> > + if (setpgid(handler->pid, 0)) {
> > + SYSERROR("failed to create new process group");
> > + goto out_delete_net;
> > + }
> > + DEBUG("created new process group %d", handler->pid);
> > + ctty = ope
On Fri, 2010-06-11 at 14:26 -0700, Matt Helsley wrote:
> I think shells implementing job control do it in the parent (shell)
> rather than the child (job) purely out of convention. It might be good
They usually do it in both the parent and child.
> to follow a similar convention even if lxc is n
On Thu, 2010-07-01 at 10:58 -0500, Serge E. Hallyn wrote:
> 3. instead of keeping caps in pP and raising in pE when needed,
> a more privilege-separated approach could be used, where you
> have small privileged helpers which are called by the unprivileged
> main program. In this case, lxc-start wo
On 02/22/2011 12:47 PM, Maheswara Reddy C - ERS, HCL Tech wrote:
> Hi,
> Shall I program this way to create 10 namespaces, with each namespace run 2
> different processes or any better way.
>
> #include
> #include
> #include
>
> int main(int argc, char *argv[])
> {
>
> for(i=0;i<10;i++)
>
The default appender for logs is currently the file one: this
make macros from log.h unusable as long as lxc_log_init() hasn't
been called. This prevents errors from even being printed on
stderr in lxc_caps_init() for example.
Let's make stderr the default appender.
Signed-off-by:
On Fri, 2011-04-15 at 10:00 -0500, Rob Landley wrote:
> On 04/13/2011 12:49 PM, Francois-Xavier Bourlet wrote:
> > Hi,
> >
> > Here's a patch with the purpose adding a way to browse containers trough
> > liblxc.
>
> What does "browse" mean in this context?
>
By reading the code, "browse" seems
On Tue, 2011-08-23 at 13:37 +0400, Vladimir Smirnov wrote:
> Hello!
>
> In attachment there are 2 patches to fix some issues with inherited
> fd's. Instead of just exiting with error, maybe it's better to set
> O_CLOEXEC flag.
>
Hello Vladimir !
I agree that inherited descriptors probably deser
On Wed, 2011-08-24 at 14:17 +0400, Vladimir Smirnov wrote:
> Clone allows more flexible control. Currently, if there is any inherited fd,
> lxc-start exits with error. With clone it's possible not to pass open fd's to
> childs.
>
Hmm... when it comes to file descriptors, you have two flavours:
-
On Wed, 2011-08-24 at 14:17 +0400, Vladimir Smirnov wrote:
> Previous patch fixed behaviour with clone, so it's now safe just to set
> O_CLOEXEC flag on
> all inherited fd's.
>
The only use case I know about where a fd leak matters is
checkpoint/restart... I think the behaviour of lxc_check_inhe
now: since the container will start anyway, the user can look into /proc/../fd
or use lsof or whatever.
Signed-off-by: Greg Kurz
---
src/lxc/start.c | 20 +++-
1 files changed, 3 insertions(+), 17 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 6737a44..9481a8
On Fri, 2011-09-02 at 17:06 +0200, Nico wrote:
> Even with lxc, "ps xua..." show only processes in the cgroup, so yes
> /proc is already "virtualized". You're right about "free" reporting
> host values with lxc, but it's done in openvz, and I don't know about
> vservers.
Well, /proc is pid namespa
ff-by: Greg Kurz
---
configure.ac| 24
lxc.spec.in | 24 ++--
src/lxc/Makefile.am | 10 --
3 files changed, 38 insertions(+), 20 deletions(-)
diff --git a/configure.ac b/configure.ac
index 56c5f98..6fa8c4a 100644
- fix circular reference in lxc.pc
- ship lxc.pc with lxc-devel
Signed-off-by: Greg Kurz
---
configure.ac| 24
lxc.pc.in |2 +-
lxc.spec.in | 26 +++---
src/lxc/Makefile.am | 10 --
4 files changed, 40 inser
Commit 92c7f6295518decd3989b2790d75551e7d9a broke the following scipts:
- lxc-setcap
- lxc-setuid
- lxc-create
This patch adds the missing variables to be substitued by the configure
script.
Cheers.
Signed-off-by: Greg Kurz
---
src/lxc/lxc-create.in |1 +
src/lxc/lxc-setcap.in |4
On Tue, 2011-09-27 at 14:10 +0200, Frederic Crozat wrote:
> Le vendredi 26 août 2011 à 16:00 +0400, Alexey Shabalin a écrit :
> > 2011/8/26 Daniel Lezcano :
> > > On 08/23/2011 03:56 PM, Alexey Shabalin wrote:
> > >> Hello.
> > >> I think the directory /etc better suited for storing configuration f
On Wed, 2011-10-05 at 20:46 +0200, "Axel Schöner" wrote:
> I've submitted a patch-set a few days before, but i didn't get any feedback
> yet.
>
Hi Axel,
I guess there are too few people using lxc-attach for the moment...
> The reason for this patch is, by using "lxc-attach" to enter the namespa
On Thu, 2011-10-06 at 14:59 +0200, "Axel Schöner" wrote:
> Hi,
>
> the new patchset consists of 3 patches:
> patch_1of3_lxc_cgroup_append_task_helper_cgroup
> patch_2of3_lxc_cgroup_append_task_helper_namespace
> patch_3of3_lxc_cgroup_append_task_in_lxc_attach
>
> I hope it is much better now.
> T
id = getpid();
> +
> + /* Let's add the pid to the 'tasks' file */
> + if (lxc_cgroup_append_task(cgname, cpid)) {
> + SYSERROR("failed to attach pid '%d' to '%s'", cpid, cgname);
> + return -1;
> +
On Thu, 2011-10-06 at 15:00 +0200, "Axel Schöner" wrote:
> diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
> index ed3d5a4..65cb101 100644
> --- a/src/lxc/lxc_attach.c
> +++ b/src/lxc/lxc_attach.c
> @@ -85,7 +85,7 @@ int main(int argc, char *argv[], char *envp[])
>
> curdir = get_
On Thu, 2011-10-06 at 15:12 -0700, martin.pe...@bull.com wrote:
> Marian,
> Thanks for the info. Paul Menage also directed me to
> contain...@lists.linux-foundation.org. I'm having a hard time finding
> out how to subscribe to that list. Do you know the procedure?
> Thanks,
> Martin
Hi Mart
On Tue, 2011-10-11 at 16:18 -0700, Matt Helsley wrote:
> lxc init modifies a different signal mask in the loop than the one it's
> installing with sigaction in the loop. It appears that either these
> lines should move outside the loop, or the intent was to clear the
> bits of the sa_mask instead o
e ops.
- lxc_arguments_dup() is merged in the pre-exec operation: this is a first
use for the execute op introduced just above. It's better to build the
arguments to execvp() where they're really used.
Signed-off-by: Greg Kurz
Cc: Cedric Le Goater
---
src/lxc/Makefile.am |
(!was_interrupted)
was_interrupted = sig;
}
I don't think we need to mess around with SIGILL,
SIGSEGV and SIGBUS.
Signed-off-by: Greg Kurz
---
src/lxc/lxc_init.c |3 ---
1 files changed, 0 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxc_init.c b/src/lxc/lxc_init.c
index a5
There are still some sequels from commit:
1c41ddcb4af633ac906f1d7c9ef1dc7d121d7850
Signed-off-by: Greg Kurz
---
src/lxc/lxc-create.in |1 +
src/lxc/lxc-ls.in |1 +
2 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/lxc/lxc-create.in b/src/lxc/lxc-create.in
index
nd by the way, system containers with network
support may rely on rsh-like services to do the trick).
The first two patches add a mainloop and logging features
to lxc-init, and the last patch brings lxc-rexec.
---
Greg Kurz (3):
lxc: introduce lxc-rexec
lxc-init: use lxc lo
The goal here is to be able to multiplex several event sources in
lxc-init. It will be a lot easier to add I/O driven features: for
example, a rexec-like service to start extra commands in a
container.
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le Goater
---
src/lxc/error.c| 23
attached to the container.
Caveats :
- environment and current dir is not propagated
- the container exits only when the last attached command dies
- attachement between containers is possible
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le Goater
---
configure.ac
Because there are no reasons that a vital component like lxc-init
doesn't log into a file.
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le Goater
---
src/lxc/execute.c | 22 -
src/lxc/lxc.h |1 +
src/lxc/lxc_execute.c |3 ++
src/lxc/lxc_init.c|
On Sat, 2011-10-29 at 20:26 +0200, Daniel Lezcano wrote:
> On 10/26/2011 05:13 PM, Greg Kurz wrote:
> > Often people want to launch a command in an already
> > running container. This can be achieved with the lxc-attach
> > command, provided you have a patched kernel with ful
On Thu, 2011-11-03 at 09:36 +0100, Cedric Le Goater wrote:
> > Hi Greg,
> >
> > I successfully applied the patches, but the compilation fails with:
> >
> > /home/dlezcano/work/src/lxc/src/lxc/lxc_init.c:164: undefined reference
> > to `lxc_error_set_and_log_siginfo'
> > /home/dlezcano/work/src/lxc/
The "" notation is preferrable if the header file is local.
Signed-off-by: Greg Kurz
---
src/lxc/genl.c |5 +++--
src/lxc/lxc_info.c |3 ++-
src/lxc/mainloop.h |2 +-
src/lxc/network.c |5 +++--
src/lxc/nl.c |3 ++-
src/lxc/restart.c |3 ++-
src/
To avoid name collisions between local and system header
files. For example, if you try to include the
system file, you end up including the one from lxc...
Signed-off-by: Greg Kurz
---
src/lxc/Makefile.am |7 ++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/src/lxc
included with
the <> notation.
With the following patches, I managed to build inside and outside
the source tree. No more collisions with system headers.
Daniel, plz tell me if you want me to repost a full serie ?
Cheers.
---
Greg Kurz (2):
lxc: use -iquote instead of -I
lxc: fix er
On Fri, 2011-11-04 at 11:18 +0100, Cedric Le Goater wrote:
> On 11/03/2011 05:41 PM, Greg Kurz wrote:
> > To avoid name collisions between local and system header
> > files. For example, if you try to include the
> > system file, you end up including the one from lxc...
>
On Fri, 2011-11-04 at 14:29 +0100, Daniel Lezcano wrote:
> On 10/06/2011 02:59 PM, "Axel Schöner" wrote:
> > Hi,
> >
> > the new patchset consists of 3 patches:
> > patch_1of3_lxc_cgroup_append_task_helper_cgroup
> > patch_2of3_lxc_cgroup_append_task_helper_namespace
> > patch_3of3_lxc_cgroup_appen
Because there are no reasons that a vital component like lxc-init
doesn't log into a file.
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le Goater
---
src/lxc/execute.c | 22 -
src/lxc/lxc.h |1 +
src/lxc/lxc_execute.c |3 ++
src/lxc/lxc_init.c|
The goal here is to be able to multiplex several event sources in
lxc-init. It will be a lot easier to add I/O driven features: for
example, a rexec-like service to start extra commands in a
container.
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le Goater
---
src/lxc/error.c| 23
This header doesn't bring much benefit, as there's only one user for
lxc_utmp_mainloop_add()... but it sure brings issues: it's completly
impossible to include the system header because of the -I
arguments generated by automake.
Signed-off-by: Greg Kurz
---
src/lxc/Makefile.am
attached to the container.
Caveats :
- environment and current dir is not propagated
- the container exits only when the last attached command dies
- attachement between containers is possible
ChangeLog:
- v2: fix link error
Signed-off-by: Greg Kurz
Signed-off-by: Cedric Le
ad of messing with automake
internals.
---
Greg Kurz (4):
lxc: introduce lxc-rexec (v2)
lxc: kill utmp.h header
lxc-init: use lxc logging infrastructure
lxc-init: use lxc_mainloop
src/lxc/Makefile.am |9 +
src/lxc/arguments.h |3
src/lxc/error.c | 23 ++
On Thu, 2011-11-10 at 08:48 +, Daniel Lezcano wrote:
> commit a2dea4ea209a8fcf6837668bbe59f350931d1c07
> Author: Greg Kurz
> Date: Thu Nov 10 09:41:46 2011 +0100
> lxc: use -iquote instead of -I
>
> To avoid name collisions between local and system heade
On 11/18/2011 06:40 AM, liu...@neusoft.com wrote:
> hello everyone!
> I'm a rookie on the LXC, and i want to know wheather
> application container can do the socket communication
> with the host or not ?
It depends on your kernel: you need at least 2.6.36 to do that.
> If yes, what need to config
On Thu, 2011-12-01 at 18:23 +0200, Vadym S. Khondar wrote:
> Hello everybody.
>
Hi,
> Not sure if I am posting on the right list with this question.
>
> I'm interested in project status on ia64 platform.
>
This sounds like you're on the right list. :)
> The latest tar.gzs have a check within
On Thu, 2011-12-01 at 23:59 +0200, Vadym S. Khondar wrote:
> > I guess something like this should fix the issue:
> >
> > --- a/src/lxc/namespace.c
> > +++ b/src/lxc/namespace.c
> > @@ -71,7 +71,7 @@ pid_t lxc_clone(int (*fn)(void *), void *arg, int
> > flags)
> > pid_t ret;
> >
> > #ifdef __i
On Sun, 2011-12-04 at 11:33 +0100, Daniel Lezcano wrote:
> On 11/08/2011 12:49 PM, Greg Kurz wrote:
> > The goal here is to be able to multiplex several event sources in
> > lxc-init. It will be a lot easier to add I/O driven features: for
> > example, a rexec-like service to
fered !
Signed-off-by: Greg Kurz
---
src/lxc/lxc_monitor.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/lxc/lxc_monitor.c b/src/lxc/lxc_monitor.c
index 1da0906..3802d2e 100644
--- a/src/lxc/lxc_monitor.c
+++ b/src/lxc/lxc_monitor.c
@@ -84,6 +84,8 @@ int main(int argc,
On Wed, 2011-12-07 at 13:28 +0100, Jäkel, Guido wrote:
> Dear Greg,
>
> great - thank you! I'm affected by this.
>
You're welcome.
> And may you also take a look on it concerning the possibility to invoke more
> than one process at a time?
>
> For the second, you get
>
> lxc-monitor:
This lxc-monitor limitation deserves some lines in the manpage, until
something is done to allow several monitors to run concurrently.
Signed-off-by: Greg Kurz
---
doc/lxc-monitor.sgml.in | 12
1 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/doc/lxc
On Wed, 2011-12-07 at 19:53 +0100, Guido Jäkel wrote:
> Yes, i found that. But with this i only might be able to start n containers
> with *one* invocation of the script - that's not what i want to reach in
> general.
>
> I'm sorry, but i re-read my script and found, that i'm using lxc-wait to
On Mon, 2011-12-12 at 11:01 +0800, yi...@neusoft.com wrote:
> Hi all
>
> These days I encouter a problem.
> When I use the lxc to running my app,the getpid() system call
> returns 2.But in my platform,
> I need the system wide PID instead for some purpose,such as
> integrade with native ap
Cheers.
> Cheers
> Xiaobiao
> - 原邮件 -
> 从: Greg Kurz
> 日期: 星期一, 十二月 12日, 2011 下午6:08
> 主题: Re: [lxc-devel] How to change to lxc internal PID to system wide
> PID
>
> > On Mon, 2011-12-12 at 11:01 +0800, yi...@neusoft.com wrote:
> > > Hi all
> > &g
52 matches
Mail list logo
