gt;
> Signed-off-by: Daniel Lezcano
Acked-by: Serge Hallyn
I'm curious, whatcha got in mind?
> ---
> src/lxc/confile.c | 12
> 1 files changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/src/lxc/confile.c b/src/lxc/confile.c
> index 791f04f..d6
Quoting David Serrano (dserra...@gmail.com):
> On Sat, May 14, 2011 at 00:15, Serge Hallyn
> wrote:
> >
> > I'm curious, whatcha got in mind?
>
> I don't think you have to have something in mind to implement this.
> Just that old motto "Be lenient
Quoting Daniel Lezcano (daniel.lezc...@free.fr):
> Hi Serge,
>
> your patch was doing a nested call to the setmntent which is not reentrant.
>
> Fixed with the patch in attachment. Some other nits fixed too.
Looks good, thanks.
Acked-by: Serge Hallyn
Once this all settles
Quoting Michael H. Warfield (m...@wittsend.com):
...
> F15 systemd: Passed.
> F12 single mount: Passed.
> F13 single mount: Passed.
> F14 single mount: Passed.
> F14 libcgroup:Failed.
>
> I had the default /etc/cgconfig.conf file and here are the results:
>
> [root@berserker-base ~]# cat
Quoting Bruno Prémont (bonb...@linux-vserver.org):
> On Thu, 11 August 2011 Daniel Lezcano wrote:
> > On 08/11/2011 06:30 PM, Bruno Prémont wrote:
> > > On Wed, 10 August 2011 Daniel Lezcano wrote:
> > >> On 08/10/2011 10:10 PM, Bruno Prémont wrote:
> > >>> Hi Daniel,
> > >>>
> > >>> [I'm adding
[ Here is the patch which you'd need to be able to add the boot
check against pid_ns ]
This will allow us to check whether a task has privilege over the
pid namespace.
Signed-off-by: Serge Hallyn
---
include/linux/pid_namespace.h |9 +++--
kernel/nsproxy.c |
On 12/04/2011 04:28 AM, Daniel Lezcano wrote:
> On 11/16/2011 05:49 PM, Christian Seiler wrote:
>> Hi,
>>
>> I've run into the same problem as was discussed in BUG #3411497 [1] and on
>> the users mailing list [2]. To solve this, I've decided to implement the
>> patch that was proposed on the maili
On 12/04/2011 05:18 PM, Daniel Lezcano wrote:
> On 12/05/2011 12:11 AM, Serge Hallyn wrote:
>> On 12/04/2011 04:28 AM, Daniel Lezcano wrote:
>>> On 11/16/2011 05:49 PM, Christian Seiler wrote:
>>>> Hi,
>>>>
>>>> I've run into the sa
Hi - thanks for the update. Assuming the only thing you changed was
catching the errno (there's no changelog but I assume so and don't
want to take another close look),
Acked-by: Serge Hallyn
Let's apply and finally close this mysterious and aggravating (for some)
chapter! :)
Hi Guido,
the ideas are interesting, and the fifo might be a nice feature to add
separately if someone wanted to work on the patch. However, in my view
this particular patch is an ugly hack to work around an ugly kernel
deficiency which hopefully will be fixed in the kernel (when I get
around to
Quoting Ward, David - 0663 - MITLL (david.w...@ll.mit.edu):
> It's a bit difficult for me to follow patches when they are going to two
> separate mailing lists. Would it be possible to limit patches to the
> lxc-devel list, please? I think that is the intended place for them.
Hmm. Oops, I'm n
Otherwise code like https://code.launchpad.net/~frankban/lpsetup/lp-lxc-ip
can trivially make this code (get_init_pid() in this case) overflow.
This is on top of the patchset I sent yesterday.
Signed-off-by: Serge Hallyn
---
src/lxc/cgroup.c | 67
Quoting Frederic Crozat (fcro...@suse.com):
> Hi,
>
> it looks like the current detection of already started container doesn't
> work properly (cgroups is trying to be moved before socket command is
> created), making Serge fix (97d3756cbe10) useless.
I see what was happening. You're right, more
User namespaces in recent kernels will probably not be usable for
containers. Eric is heavily developing them right now, and hopefully
in the next 6-12 months they'll be fully supported.
So if you can't run an older kernel, I guess I'd recommend running a
custom avahi package without the 3-task l
Quoting Matthijs Kooijman (matth...@stdin.nl):
> Hi folks,
>
> while writing scripts, I occasionally miss an lxc-config command, that
> can parse (and possibly also write) the lxc config files for me in a
> robust way. Sure, it's an easy format to just grep and sed over (or at
> least it looks lik
Quoting William Dauchy (wdau...@gmail.com):
> Hello,
>
> I tested lxc0.8 rc1 and saw that cgroups are now created in
> /cgroup/lxc/, so lxc-create will create the cgroups in this directory
> as a cgroups hierarchy.
> It makes the thing unusable when using cgroups capabilities that does
> not suppo
Otherwise things like '*:*' in config can get expanded if there is a
matching filename in cwd.
Signed-off-by: Serge Hallyn
---
src/lxc/lxc-clone.in |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/lxc-clone.in b/src/lxc/lxc-clone.in
index 28c47e8..c9a8
Quoting Frederic Crozat (fcro...@suse.com):
> Le mardi 15 mai 2012 à 10:34 -0400, st...@linuxsuite.org a écrit :
> > Howdy!
> >
> > On debian squeeze with LXC version 0.7.2 , I can mount sysfs in the
> > container..
> >
> > Isn't this a serious security issue? IE. messing with files i
Quoting Christian Seiler (christ...@iwakd.de):
> Add a tool that switches context to enter the network namespace and then
> execute an arbitrary command. Since we don't change mount / pid namespaces,
> this allows the user to use the host's networking tools such as iputils,
> iptables, netstat to q
Quoting Christian Seiler (christ...@iwakd.de):
> Hi again,
>
> >> Extending lxc-attach would also be fine by me - is anybody already
> >> working on this? If not, I'd be willing to do that.
> >
> > It's on the todo list at the moment, I don't believe anyone is
> > actively working on it at the mom
Quoting Christian Seiler (christ...@iwakd.de):
> Hi,
>
> >> - they unshare the mount namespace and remount /sys - apparently, in
> >>contrast to /proc, which depends on the current process's context,
> >>/sys depends on the context of the process mounting it
> >
> > Both actually depend
Quoting Christian Seiler (christ...@iwakd.de):
> + int flags[] = { CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWNET, CLONE_NEWIPC,
> CLONE_NEWUTS };
...
> -static char *namespaces_list[] = {
> - "MOUNT", "PID", "UTSNAME", "IPC",
> - "USER", "NETWORK"
> -};
> -static int cloneflags_list[] = {
>
Quoting Christian Seiler (christ...@iwakd.de):
> This patch adds the -s/--namespaces option to lxc-attach that works
> analogously to lxc-unshare, allowing the user to select the namespaces the
> process should be attached to.
>
> Signed-off-by: Christian Seiler
Other than the comments in the pr
ped (without having lxc-attach fail, unlike for other namespaces) if the
> kernel lacks support.
>
> Signed-off-by: Christian Seiler
> Cc: Stéphane Graber
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
One comment below. With the change below (or without, if you feel
strongly about it
o some of the namespaces.
>
> Signed-off-by: Christian Seiler
> Cc: Stéphane Graber
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Thanks, Christian, looks good.
Acked-by: Serge E. Hallyn
> ---
> doc/lxc-attach.sgml.in | 42 +
Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> >Note that for now the same thing will happen with pid. I don't think
> >CLONE_NEWUSER needs to be special cased. Likewise, someone may want
> >to use this lxc on an older kernel without any setns support at all.
>
> I'm not sure th
Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> >That sounds good, but then to do it right the "which namespaces were
> >unshared by the container" shouldn't be hardcoded in. Unfortunately,
> >without the /proc/self/ns/ links there's no way to tell, so we can't
> >answer your quest
Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> >>What about if we update the command interface to add an additional
> >>command along the lines of LXC_COMMAND_GET_NSFLAGS or similar, which
> >>returns the bitmask of CLONE_* used for starting the container? Then
> >>we would have th
an Seiler
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Acked-by: Serge Hallyn
> ---
> src/lxc/commands.c | 30 ++
> src/lxc/commands.h |2 ++
> src/lxc/start.c| 34 --
> src/lxc/start.h|1 +
>
Quoting Christian Seiler (christ...@iwakd.de):
> In order to be able to reuse code in lxc-attach, the functions
> lxc_namespace_2_cloneflag and lxc_fill_namespace_flags are moved from
> lxc_unshare.c to namespace.c.
>
> Signed-off-by: Christian Seiler
> Cc: Daniel Lezcano
to attach to.
>
> Signed-off-by: Christian Seiler
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Looks nice, thanks.
Acked-by: Serge Hallyn
> ---
> src/lxc/attach.c | 42 +-
> src/lxc/attach.h |2 +-
> src/lxc/lxc_attach.
to for example attach to just the network namespace and
> use the host's (and not the container's) network tools to reconfigure the
> network of the container.
>
> Signed-off-by: Christian Seiler
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Acked-by: Serge Hall
o some of the namespaces.
>
> Signed-off-by: Christian Seiler
> Acked-by: Serge Hallyn
Note there is no reason to resend this patch for this, but do you think
it would be worthwhile to warn if the user specified -R, but CLONE_NEWNS
was already in the mount flags?
> Cc: Danie
> Signed-off-by: Stéphane Graber
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Acked-by: Serge Hallyn
thanks,
-serge
>
> ---
> doc/lxc-start.sgml.in | 15 ---
> src/lxc/arguments.h |3 ---
> src/lxc/conf.h|1 -
> src/lxc/lxc_start.c | 1
Commits 15da01b3938d7ba45472e6c9d3b183a94dd86ca9 and
2e44ed1e647d9fd1544b7ad855bda22ca71abd12 conflicted and resulted in
some duplicate functionality. Drop the poorer version of that block.
Signed-off-by: Serge Hallyn
---
templates/lxc-ubuntu.in | 28
1 file
Quoting Stéphane Graber (stgra...@ubuntu.com):
> On 05/25/2012 11:24 AM, Christian Seiler wrote:
> > Hi,
> >
> >> Have you looked at the lxc-shutdown script we have in Ubuntu and the
> >> integration we have with upstart?
> >
> > No, not yet, but I'll look at it later.
> >
> >> lxc-shutdown send
By default we use mnt, but that means that lxc fstab entries do not work
when placed under the container's /mnt/.
Switching the default away from /mnt would work too, if noone
objects. (I see no downside, but figured I'd play it safe for now)
Signed-off-by: Serge Hallyn
---
tem
Quoting richard -rw- weinberger (richard.weinber...@gmail.com):
> On Tue, May 29, 2012 at 10:36 AM, richard -rw- weinberger
> wrote:
> > Found the problem, patch is in the way!
> >
>
> *grr*, forgot that this list is moderated.
>
> --
>
> Using this patch is it possible to catch usage errors li
Quoting Ryota Ozaki (ozaki.ry...@gmail.com):
> The original code assumes that 1st column is mount type,
> however, 3rd column is really mount type. Fix it.
>
> Signed-off-by: Ryota Ozaki
As the person probably responsible for that mistake,
Acked-by: Serge Hallyn
> ---
>
Quoting Jin Chen (ciccin...@gmail.com):
> Another question.
>
> If I start a ubuntu template lxc container tm1 and do "lxc-start-ephemeral
> -o tm1", overlayfs mount will not include those ramfs (e.g. /proc, /sys,
> /run) in original container root directory, right ? Actually, I think this
> scri
Quoting Stéphane Graber (stgra...@ubuntu.com):
> On 05/25/2012 04:17 AM, Matthijs Kooijman wrote:
> > Hi Stéphane,
> >
> >> - stop: Is run after the container died
> >> [...]
> >> Potential other hooks include pre-start and post-stop
> > What would be the difference between stop and post-stop, if
and to make automated testing easier.
I tried my hand at implementing the start of that at
https://code.launchpad.net/~serge-hallyn/+junk/lxcwithapi .
The api is in src/lxc/lxccontainer.h, and the testcases in src/tests show
how to use it. For instance, you could
struct lxc_contain
Hi,
lxc-unshare currently is broken if you don't provide a command to run. The
fix is trivial, but which default behavior do we prefer: always require
a command, or do we pick something ("/bin/sh"?) to run if no command is
provided? I prefer to require a command, but history suggests that I can
It segfaults otherwise, trying to execute &NULL.
(i.e. lxc-unshare -s MOUNT)
Signed-off-by: Serge Hallyn
---
src/lxc/lxc_unshare.c |8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c
index 0baccb0..5f342f2 100644
-
Otherwise a container name starting with a dash confuses ls.
Signed-off-by: Serge Hallyn
---
src/lxc/lxc-ls.in |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lxc/lxc-ls.in b/src/lxc/lxc-ls.in
index 11a3b45..ea38054 100644
--- a/src/lxc/lxc-ls.in
+++ b/src/lxc/lxc
Just wait until the lock is available. That is a nicer behavior for
concurrent (scripted) lxc-create's.
Signed-off-by: Serge Hallyn
---
templates/lxc-altlinux.in |4 ++--
templates/lxc-debian.in |4 ++--
templates/lxc-fedora.in |4 ++--
templates/lxc-len
t
lxc.hook.start = /start
lxc.hook.post-stop = /var/lib/lxc/p1/post-stop
to my /var/lib/lxc/p1/config, and the hooks get executed as expected.
Comments on the patch, the hooks we want, and the questions raised above
would be appreciated.
Signed-off-by: Serge Hallyn
---
, please let me know. Otherwise, I'll do Smack and SELinux.
Signed-off-by: Serge Hallyn
---
configure.ac| 10
src/lxc/Makefile.am | 11 +++--
src/lxc/apparmor.c | 134 +++
src/lxc/apparmor.h | 16 ++
src/lxc/conf.c
Quoting Jäkel, Guido (g.jae...@dnb.de):
> Hello Developers,
>
> using Gentoo's lxc-0.8.0_rc1-r4 with a Kernel gentoo-sources-3.3.5 I
> observe the following issue concerning the cgroupfs:
>
> For reasons of compatibility I have still mounted the controllers of the
> cgroupfs at a single mo
Hi,
any comments on this patch? If there are no major objections to the
fundamental patch (the lxc.conf entries and the basic hooks), I will go
ahead and get it into our ubuntu package to get it some more testing.
thanks,
-serge
Quoting Serge Hallyn (serge.hal...@canonical.com):
> This pa
Hi Daniel,
I've refreshed github.com/hallyn/lxc from your upstream tree, gone back
through our current ubuntu lxc package, and pushed all the patches from
debian and ubuntu which seemed appropriate. The result builds and
passes my containers tests (at lp:~serge-hallyn/+junk/lxc-test). Mo
I don't know of a generic way this could be done in lxc. However, for your
specific containers, you could redirect console to a file and have a script
watch for a login prompt there?
-serge
Quoting Jäkel, Guido (g.jae...@dnb.de):
> Hi,
>
> i would like to have an discussion about an additional
Quoting Jäkel, Guido (g.jae...@dnb.de):
> Dear Serge,
>
> >I don't know of a generic way this could be done in lxc.
>
> But it is desirable, right?
Well in a sense it's equivalent to the halting problem. A solution
to which is desirable but not achievable. We've had similar discussions
about s
Quoting Stefan Schlesinger (s...@ono.at):
>
> On Jun 28, 2012, at 5:35 PM, Ward, David - 0663 - MITLL wrote:
> > Just FYI, current git now allows you to list running containers
> > only with the '--active' flag to lxc-ls.
>
> The current version in Git also lists 'lost+found' as a virtual machine
owever,when I use lxc in centos and redhat,after I execute lxc-setcap,l
> can execute lxc-execute without privilege.
>
> 2012/6/29 Serge Hallyn
>
> > Quoting Sam Wang (zhefw...@gmail.com):
> > > I know it can not work with shell scripts and it can not work with bina
orts fewer capabilities, then a
cap_get_flag for an unsupported capability returns -EINVAL.
Recognize that, and don't fail when initializing capabilities when this
happens, rather accept that we've reached the last capability.
Signed-off-by: Serge Hallyn
Reported-by: Sam Wang
---
s
Quoting Stéphane Graber (stgra...@ubuntu.com):
> On 06/29/2012 11:41 AM, Serge Hallyn wrote:
> > The following patch allows me to run lxc-execute -n p1 -- /bin/ls
> > as unprivileged user. I've pushed it to git://github.com/hallyn/lxc.git.
> > Thanks,
her accept that we've reached the last capability.
Changelog: remove unused lastcap variable (thanks stgraber)
Signed-off-by: Serge Hallyn
---
src/lxc/caps.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/lxc/caps.c b/src/lxc/caps.c
index 10a0b4a..94c13
Quoting J. Xiao (j...@linux.vnet.ibm.com):
> I checked all the capabilities are up before opening shmmax file.
> If I seteuid to 0, the open succeeds. There seems to be a difference
> between having a root euid and a regular user having root capabilities
> in terms of writing to shmmax file.
Yup
ot;shmall has been setup to %lu\n", shmall);
> +
> + return 0;
> +}
> +
> +
> static int setup_hw_addr(char *hwaddr, const char *ifname)
> {
> struct sockaddr sockaddr;
> @@ -2047,6 +2160,16 @@ int lxc_setup(const char *name, struct lxc_conf
> *lxc_
Quoting j...@linux.vnet.ibm.com (j...@linux.vnet.ibm.com):
> From: Jian Xiao
>
> Signed-off-by: Jian Xiao
Thanks, Jian. Looks great.
Acked-by: Serge Hallyn
-serge
> ---
> src/lxc/conf.c| 77
> +
> src
Quoting Jan Kiszka (jan.kis...@siemens.com):
> Allow to specify a timeout for waiting on state changes via lxc-wait.
> Helpful for scripts that need to handle errors or excessive delays in
> state changing procedures.
Hi,
in our lxc-api tree
(https://code.launchpad.net/~ubuntu-lxc/ubuntu/quantal
Quoting Jan Kiszka (jan.kis...@siemens.com):
> Analogously to lxc.network.script.up, add the ability to register a down
> script. It is called before the guest network is finally destroyed,
> allowing to clean up resources that are not reset/destroyed
> automatically. Parameters of the down script
Quoting Jan Kiszka (jan.kis...@siemens.com):
> On 2012-07-09 19:28, Serge Hallyn wrote:
> > Quoting Jan Kiszka (jan.kis...@siemens.com):
> >> Allow to specify a timeout for waiting on state changes via lxc-wait.
> >> Helpful for scripts that need to handle errors or exc
Quoting Stuart Yoder (b08...@gmail.com):
> Hi. Are there regression tests available to verify lxc? Have
> googled, poked around in the source forge project pages, but so far am
> not seeing anything.
1. at https://code.launchpad.net/~serge-hallyn/+junk/lxc-test I have a high
level t
Quoting Axel Neumann (neum...@cgws.de):
> Hello,
>
> First, thanks a lot for your good work!
> We are using LXC in the CONFINE project (confine-project.eu) to provide
> researchers with a virtualized linux evironment in a distributed testbed.
>
> We found a problem when a container config looks
Otherwise after cloning an lvm+xfs container you can't run the
original and clone at the same time.
Based on a patch by Maurizio Sambati posted at
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1013549
Signed-off-by: Serge Hallyn
---
src/lxc/lxc-clone.in |8 +++-
1 file chang
(applied to git://github.com/hallyn/lxc#upstream.1.withpatches)
The 'lxc.mount =' entry can have more than one space, or tabs, before the =.
We only need to disambiguate from 'lxc.mount.entry'. So just check for a
space or tab after mount.
Signed-off-by: Serge Hallyn
---
Quoting Android Computing (andr.comput...@gmail.com):
> Hello,
> I was wondering if anyone could guide me through something.
> I am trying to boot two linux containers in android.
> 1. I start container a1 with a lxc-start -n a1 -d
> The container starts and then nothing happens.
> 2. I enter "e
first step. You can also get
source for an ubuntu package based on this patch at
https://code.launchpad.net/~serge-hallyn/ubuntu/quantal/lxc/lxc-seccomp
Signed-off-by: Serge Hallyn
---
README | 24 ++
configure.ac | 10 +
src/lxc/Makefile.am |9
For instance
lxc.include = /var/lib/lxc/commonopts
in /var/lib/lxc/q1/config would cause the configuration in
/var/lib/lxc/commonopts to be loaded when container q1 starts.
Signed-off-by: Serge Hallyn
---
src/lxc/confile.c |8
1 file changed, 8 insertions(+)
diff --git a/src/lxc
If user calls 'lxc-create -t ubuntu -- -h' (as opposed to
'lxc-create -t ubuntu -h') then the ubuntu template will print its
help then exit 0. Then lxc-create does not cleanup. So detect this
in lxc-create.
---
src/lxc/lxc-create.in | 12
1 file changed, 12 insertions(+)
diff --g
Quoting Jan Kiszka (jan.kis...@siemens.com):
> On 2012-07-09 21:16, Serge Hallyn wrote:
> > Quoting Jan Kiszka (jan.kis...@siemens.com):
> >> On 2012-07-09 19:28, Serge Hallyn wrote:
> >>> Quoting Jan Kiszka (jan.kis...@siemens.com):
> >>>> Allow to s
Quoting Jan Kiszka (jan.kis...@siemens.com):
> On 2012-08-21 15:11, Serge Hallyn wrote:
> > Quoting Jan Kiszka (jan.kis...@siemens.com):
> >> On 2012-07-09 21:16, Serge Hallyn wrote:
> >>> Quoting Jan Kiszka (jan.kis...@siemens.com):
> >>>> On 2012-07-
Quoting me sdkie (mesd...@gmail.com):
> Colinux have to update the Linux kernel for all the new kernel releases.
> Cant we add some code in Mainline Linux kernel which will reduce this work
> as we will get the support to Colinux directly from original Linux kernel ?.
All the kernel features are t
Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> > My github tree is my staging tree for things I'd like to have merged into
> > lxc.sf.net, so hopefully when Daniel has time again he'll take it. (I
> > posted it to my tree after the last time Daniel merged)
>
> Btw. could you also
Christian,
would you mind resending real quick? I'm not sure I have the final version
(and the online mail list archive isn't working for me atm)
--
Live Security Virtual Conference
Exclusive live event will cover all th
Quoting Christian Seiler (christ...@iwakd.de):
> Serge,
>
> Here you go, I've rebased the patches against Daniel's current master
> branch, so that they properly apply.
>
> Christian
>
Thanks. I've applied v2 to the ubuntu package, and v3 to my github
branch. (The ubuntu package is missing so
an Seiler
> Cc: Daniel Lezcano
> Cc: Serge Hallyn
Daniel - fwiw I did ack all of these in the original thread. I'm adding
my acks to the commits in my github tree.
> ---
> src/lxc/commands.c | 30 ++
> src/lxc/commands.h |
When passing '--userdata somefile' to the ubuntu-cloud template, a user
may pass a relative pathname. The template uses the filename after
changing current directory, so store the full pathname for the userdata
file instead of a potential relative pathname.
Signed-off-by: Se
From: Scott Moser
Fix for quantal images which do not have the user 'ubuntu' present.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1045955
Signed-off-by: Serge Hallyn
---
templates/lxc-ubuntu-cloud.in | 109 +
1 file c
ting idea. I kind of like it. We could trivially add
an upstart job to send the notification on runlevel 2 entry.
What do other people think?
> Signed-off-by: Christian Seiler
> Cc: Serge Hallyn
> Cc: Guido Jäkel
> ---
> src/lxc/Makefil
sed to
> lxc.notification.enabled, is deliberate in order to make this extensible. If
> at some point there is some kind of standardized system for these types of
> notifications, it will be simple to just add a new value for the
> lxc.notification.type option.
>
> Signed-off-by: Christian
Quoting Stéphane Graber (stgra...@ubuntu.com):
> On 12-09-19 10:12 AM, Christian Seiler wrote:
> > Hi,
> >
> >>> - is now in /run instead of /dev
> >>
> >> I don't think that part's going to work... Most distros mount /run as
> >> tmpfs at boot time which will hide anything you're putting in the
Quoting Dwight Engen (dwight.en...@oracle.com):
>
> Fix determination of $oldroot from the config file. The old code had the '
> in the wrong place and didn't account for whitespace between the = and
> the rootfs.
>
> Set $rootfs based on $oldroot instead of forcing it to be in
> $lxc_path/$lxc_n
Quoting Dwight Engen (dwight.en...@oracle.com):
>
> This is a new template to create containers based on an Oracle Linux
> rootfs image. The path to the rootfs must be given to the template,
> and if it resides on a btrfs will be snapshoted rather than copied.
>
> Signed-off-by: Dwight Engen
Hi
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 1 Oct 2012 12:27:16 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > >
> > > This is a new template to create containers based on an Oracle Linux
> > > ro
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Tue, 2 Oct 2012 09:16:22 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > On Mon, 1 Oct 2012 12:27:16 -0500
> > > Serge Hallyn wrote:
> > >
> > &
s=up
but the oracle container was set to lxc.network.link=virbr0. Since I
didn't have libvirt installed, the resulting container fails to start.
When I switch the link over, it starts beautifully.
I'm not sure how you'll want to do it - just not
rm -f $cfg_dir/config
and then only
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Fri, 5 Oct 2012 16:52:27 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > >
> > > This is a new template to create containers based on Oracle Linux.
> > > A ve
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 8 Oct 2012 14:35:10 -0500
> Serge Hallyn wrote:
...
> > Ubuntu by default creates a lxcbr0 bridge (NATed to the default nic).
> > So /etc/lxc/lxc.conf is ubuntu-specific because how to set such a
> > bridge up
Quoting Dwight Engen (dwight.en...@oracle.com):
> Make the oracle template honor the lxc.network.type and
> lxc.network.link configuration items if a "base" configuration file is
> passed to lxc-create. If no configuration file is passed, the template
> falls back to the default name created by lib
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Thu, 11 Oct 2012 10:10:03 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > Make the oracle template honor the lxc.network.type and
> > > lxc.network.link configuration ite
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Thu, 11 Oct 2012 11:48:41 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > On Thu, 11 Oct 2012 10:10:03 -0500
> > > Serge Hallyn wrote:
> > >
> > &
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Thu, 11 Oct 2012 13:04:27 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > On Thu, 11 Oct 2012 11:48:41 -0500
> > > Serge Hallyn wrote:
> > >
> > &
Quoting Dwight Engen (dwight.en...@oracle.com):
> This allows a distro to put the distro specific default network
> configuration (for example bridge device, link type), or other lxc
> configuration in the case that -f is not passed by the user to
> lxc-create, in which case lxc-create will use the
Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 15 Oct 2012 12:42:57 -0500
> Serge Hallyn wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > This allows a distro to put the distro specific default network
> > > configuration (for exam
Thanks, Dwight, works like a charm for me. I've pulled patches 1-4 into
my github tree, and have asked Stephane to review for the official
staging tree.
-serge
Quoting Dwight Engen (dwight.en...@oracle.com):
>
> Make the oracle template honor the lxc.network.type and
> lxc.network.link configur
Quoting Dwight Engen (dwight.en...@oracle.com):
> This allows a distro to put the distro specific default network
> configuration (for example bridge device, link type), or other lxc
> configuration in the case that -f is not passed by the user to
> lxc-create, in which case lxc-create will use the
Quoting Dwight Engen (dwight.en...@oracle.com):
>
> RPM doesn't like "-" in the version number and gives:
> "error: line 24: Illegal char '-' in: Version: 0.8.0-rc2"
> Other packages (bind-utils for example) have used . instead
> of - as a seperator.
>
> Signed-off-by: Dwight Engen
Acked-by: Se
1 - 100 of 1316 matches
Mail list logo