Revisions of lxc
Oleksandr Chumachenko (Ledest)
committed
(revision 48)
- update patches: * lxc-2.0.9-opensuse.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 47)
- update patches: * lxc-2.0.9-opensuse.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 46)
- update patches: * lxc-2.0.9-opensuse.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 45)
- update patches: * lxc-2.0.9-opensuse.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 44)
- add patches: * lxc-2.0.9-opensuse.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 43)
Oleksandr Chumachenko (Ledest)
committed
(revision 42)
- git 3feb871 - update to version 2.0.9
Oleksandr Chumachenko (Ledest)
committed
(revision 41)
Oleksandr Chumachenko (Ledest)
committed
(revision 40)
- git 44a43f5
Oleksandr Chumachenko (Ledest)
committed
(revision 39)
- git d3e7b8a - Fix libcap-progs dependency. The 'setcap' binary is located in /sbin instead of /usr/sbin but it's best to depend on the actual package instead since the location might change in the future. - removed apparmor-rpm-macros again, as it is not needed for the current %post solution - added Requires for apparmor-abstractions and BuildRequires for apparmor-rpm-macros to apply the fix for boo#1036360 - added correct reload of apparmor to %post
Oleksandr Chumachenko (Ledest)
committed
(revision 38)
- git fabc141
Oleksandr Chumachenko (Ledest)
committed
(revision 37)
- added workaround for #bsc1041291 to allow builds on Tumbleweed with gcc7, until this bug in gcc7 is fixed...
Oleksandr Chumachenko (Ledest)
committed
(revision 36)
- git e13ca52 - Update to version 2.0.8 * Security fix for CVE-2017-5985 * All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. * This may affect some automated environments that were relying on our default (very much insecure) users. Bugfixes: Make lxc-start-ephemeral Python 3.2-compatible Fix typo Allow build without sys/capability.h lxc-opensuse: fix default value for release code util: always malloc for setproctitle util: update setproctitle comments confile: clear lxc.network..ipv{4,6} when empty lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals Make lxc-net return non-zero on failure seccomp: allow x32 guests on amd64 hosts. Add HAVE_LIBCAP c/r: only supply --ext-mount-map for bind mounts Added 'mkdir -p' functionality in create_or_remove_cgroup Use LXC_ROOTFS_MOUNT in clonehostname hook squeeze is not a supported release anymore, drop the key start: dumb down SIGCHLD from WARN() to NOTICE() log: fix lxc_unix_epoch_to_utc() cgfsng: make trim() safer seccomp: set SCMP_FLTATR_ATL_TSKIP if available lxc-user-nic: re-order #includes lxc-user-nic: improve + bugfix lxc-user-nic: delete link on failure conf: only try to delete veth when privileged Fix lxc-containers to support multiple bridges Fix mixed tab/spaces in previous patch lxc-alpine: use dl-cdn.a.o as default mirror instead of random one lxc-checkconfig: verify new[ug]idmap are setuid-root [templates] archlinux: resolve conflicting files [templates] archlinux: noneed default_timezone variable python3: Deal with potential NULL char* lxc-download.in / allow setting keyserver from env lxc-download.in / Document keyserver change in help Change variable check to match existing style tree-wide: include directly conf/ile: make sure buffer is large enough tree-wide: include directly tests: Support running on IPv6 networks tests: Kill containers (don't wait for shutdown) Fix opening wrong file in suggest_default_idmap do not set the root password in the debian template do not set insecure passwords don't set a default password for altlinux, gentoo, openmandriva and pld tools: exit with return code of lxc_execute() Keep veth.pair.name on network shutdown Makefile: fix static clang init.lxc build Avoid waiting for bridge interface if disabled in sysconfig/lxc | lxc-net via USE_LXC_BRIDGE Increased buffer length in print_stats() avoid assigning to a variable which is not POSIX shell proof (bug #1498) remove obsolete note about api stability conf: less error prone pointer access conf: lxc_map_ids() non-functional changes caps: add lxc_{proc,file}_cap_is_set() conf: check for {filecaps,setuid} on new{g,u}idmap conf: improve log when mounting rootfs ls: simplify the judgment condition when list active containers fix typo introduced in #1509 attach|unshare: fix the wrong comment caps: skip file capability checks on android autotools: check for cap_get_file caps: return false if caps are not supported conf: non-functional changes to setup_pts() conf: use bind-mount for /dev/ptmx conf: non-functional changes utils: use loop device helpers from LXD create ISSUE_TEMPLATE.md cgroups: improve cgfsng debugging issue template: fix typo conf: close fd in lxc_setup_devpts() conf: non-functional changes utils: tweak lxc_mount_proc_if_needed() Change sshd template to work with Ubuntu 17.04 conf: order mount options conf: add MS_LAZYTIME to mount options monitor: report errno on exec() error af unix: allow for maximum socket name commands: avoid NULL pointer dereference commands: non-functional changes lxccontainer: avoid NULL pointer dereference monitor: simplify abstract socket logic precise is not the latest LTS, let's use xenial instead fix the wrong exit status conf: non-functional changes lxc_fill_autodev() conf: remove /dev/console from lxc_fill_autodev() conf: non-functional changes lxc_setup() conf: non-functional changes to console functions conf: improve lxc_setup_dev_console() conf: lxc_setup_ttydir_console() config: remove /dev/console bind mount doc: document console behavior utils: add lxc_unstack_mountpoint() conf: unstack all mounts atop /dev/console console: fail when we cannot allocate peer tty start: remove umount2() conf: non-functional changes utils: handle > 2^31 in lxc_unstack_mountpoint() Install systemd units for CentOS Merge ubuntu and debiancase start: add crucial details about lxc_spawn() - Deleted patches that have been backported before: - 0003-CVE-2017-5985-Ensure-target-netns-is-caller-owned.patch - 0001-tree-wide-include-sys-sysmacros.h-directly.patch - 0002-tree-wide-include-sys-sysmacros.h-directly.patch - added signature verification
Oleksandr Chumachenko (Ledest)
committed
(revision 35)
- git 2e6347d - remove patches: + lxc-2.0.0-ubuntu.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 34)
- git 20f3261 - remove patches: * 0001-tree-wide-include-sys-sysmacros.h-directly.patch * 0002-tree-wide-include-sys-sysmacros.h-directly.patch * 0003-CVE-2017-5985-Ensure-target-netns-is-caller-owned.patch
Oleksandr Chumachenko (Ledest)
committed
(revision 33)
- git d512bd5
Oleksandr Chumachenko (Ledest)
committed
(revision 32)
- remove patches: * lxc-1.1.2-opensuse.patch - all patches (00*.patch) are upstream already, thus deleted; patch lxc-aa_allow_incomplete-default.patch is now reworked and added as a drop-in file in /usr/share/lxc/config/common.conf.d/ - update to version 2.0.7 This is the seventh bugfix release for LXC 2.0. The main bugfixes in this release are: - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Supress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't try to get stuff from /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo in calling dpkg with --print-foreign-architectures option - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers - commented out the patches, as they no longer apply cleanly
Oleksandr Chumachenko (Ledest)
committed
(revision 31)
Oleksandr Chumachenko (Ledest)
committed
(revision 30)
- git 9045b0d
Oleksandr Chumachenko (Ledest)
committed
(revision 29)
- git d686e93
Displaying revisions 1 - 20 of 48