diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2009-12-07 11:39:11 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2009-12-07 11:39:11 +0000 |
commit | 88877e72cc6d30cb381cc47589a49bb0f75e20f7 (patch) | |
tree | 090b15be0ab26327fbd77658f85c63ea58ba072b /app-emulation/lxc | |
parent | amd64/x86 stable, bug #295134 (diff) | |
download | historical-88877e72cc6d30cb381cc47589a49bb0f75e20f7.tar.gz historical-88877e72cc6d30cb381cc47589a49bb0f75e20f7.tar.bz2 historical-88877e72cc6d30cb381cc47589a49bb0f75e20f7.zip |
Backport fixes from upstream, including one to not break host systems if lxc-start is launched in the old (pre-0.6.4) way. Thanks to Andrian Nord in bug #296030.
Package-Manager: portage-2.2_rc56/cvs/Linux x86_64
Diffstat (limited to 'app-emulation/lxc')
-rw-r--r-- | app-emulation/lxc/ChangeLog | 13 | ||||
-rw-r--r-- | app-emulation/lxc/Manifest | 15 | ||||
-rw-r--r-- | app-emulation/lxc/files/0.6.2-as-needed.patch | 19 | ||||
-rw-r--r-- | app-emulation/lxc/files/lxc-0.6.4-fix-full-system.patch | 44 | ||||
-rw-r--r-- | app-emulation/lxc/files/lxc-0.6.4-lxc.network.pair.patch | 103 | ||||
-rw-r--r-- | app-emulation/lxc/files/lxc-0.6.4-move-rcfile.patch | 305 | ||||
-rw-r--r-- | app-emulation/lxc/lxc-0.6.3.ebuild | 57 | ||||
-rw-r--r-- | app-emulation/lxc/lxc-0.6.4-r1.ebuild | 77 |
8 files changed, 549 insertions, 84 deletions
diff --git a/app-emulation/lxc/ChangeLog b/app-emulation/lxc/ChangeLog index ed15375166c0..0785b60e6112 100644 --- a/app-emulation/lxc/ChangeLog +++ b/app-emulation/lxc/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for app-emulation/lxc # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/ChangeLog,v 1.5 2009/11/25 12:16:28 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/ChangeLog,v 1.6 2009/12/07 11:39:11 flameeyes Exp $ + +*lxc-0.6.4-r1 (07 Dec 2009) + + 07 Dec 2009; Diego E. Pettenò <flameeyes@gentoo.org> + -files/0.6.2-as-needed.patch, -lxc-0.6.3.ebuild, +lxc-0.6.4-r1.ebuild, + +files/lxc-0.6.4-fix-full-system.patch, + +files/lxc-0.6.4-lxc.network.pair.patch, + +files/lxc-0.6.4-move-rcfile.patch: + Backport fixes from upstream, including one to not break host systems if + lxc-start is launched in the old (pre-0.6.4) way. Thanks to Andrian Nord + in bug #296030. 25 Nov 2009; Diego E. Pettenò <flameeyes@gentoo.org> lxc-0.6.4.ebuild, metadata.xml: diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 51c38f229f95..e69d2567a16a 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,17 +1,18 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -AUX 0.6.2-as-needed.patch 617 RMD160 8c2630bfea0328dc425246b460b26325bbfce631 SHA1 2c55557770add433ebe6d46f0bd3118bea46411e SHA256 f69b355fc9e21a17cc860e5dfc1c3add4554ef6b915394e8588f1e3f3fc21b1c -DIST lxc-0.6.3.tar.gz 463945 RMD160 291a53a5a91b358a2702158647b3322ff33c70ce SHA1 a535a0c0f9c06ebc666dac8dcea570e80a208645 SHA256 d13b3b3d98e65711ebb55429b116bae9615766b63927c8bf8c2dabe5f1aace4d +AUX lxc-0.6.4-fix-full-system.patch 1741 RMD160 049dea2e10d4df6abf758bf70bd18ea571648e74 SHA1 a1431cbb18eefffa42ca6f22920f38d8b5fdb25b SHA256 7e2f3609dd9c84d555ebd772ffad521fc19ca2f712d49fe1fa3ffa0fa1350339 +AUX lxc-0.6.4-lxc.network.pair.patch 3787 RMD160 79dcc4b4e6e8c8710d295e2b6b9273d9764160df SHA1 24c75f18bee91fe797e8242d0b0e80ed6cf494eb SHA256 aa3e64248ae37b1d1eb1e74499641cff06cab71dcc3b4a985dec2345998a2f19 +AUX lxc-0.6.4-move-rcfile.patch 8502 RMD160 594a72a5f8272302492a5467de0d1854d81a1dea SHA1 03ae85bcdb2d8951647d539cee16bdf9fe336489 SHA256 52d570bb1feaedf88a643899bd64408da7e8803f88479e4549abe5e7cd1ffec2 DIST lxc-0.6.4.tar.gz 288214 RMD160 542fc7968ef735ab30f45a2c93c51f355c29314e SHA1 d3b00458691d02d0d31bc2943a07c5c52cfc39a9 SHA256 3ff249246e0a8805db1d3619219c61e3489b5d774cc6c227e8371c7038ed2d04 -EBUILD lxc-0.6.3.ebuild 1747 RMD160 b759ff354519f031e5ef7aa4f57e07422d56a509 SHA1 960c3d2801bfd4e2b76ec80d761f3bff4284ed95 SHA256 99d47f673caf65bd7df519467379aeb037d33a3580c7659bdbfc70a3c5aa0fcc +EBUILD lxc-0.6.4-r1.ebuild 1975 RMD160 a36b7a07f35f3db2fdd7f57b3f677d43859fd11b SHA1 20a16f98420602e5c4901aa401a6f849c9ab5d6a SHA256 fc4d87fa42535c5f463dbcf46b8288cb1786e4dd29fa2cee7bb42a7bc94fdc03 EBUILD lxc-0.6.4.ebuild 1831 RMD160 e5ca087c9931bef84db5962d096a0420f4f4eeaa SHA1 bc7bde8946c650e3c61e36c4e501800565748d2e SHA256 5dc0a197b1e756a15f7a3ede2e060db65469a492b92238b84ffed9d736b72479 -MISC ChangeLog 1128 RMD160 1a21ba32fbf62a1eb52735b5e8d734075b64f67c SHA1 dee3b44a92001b3fc35f6b3d64ff46c4effe26e3 SHA256 b3561268e1fc84cca26626c8c5077cf81ac5ef254bd8adbe6281b238c7edb34d +MISC ChangeLog 1578 RMD160 c8ddfe3e100de52b5e52d079f4a9d78c457d3530 SHA1 21623b987ebabf2a3fce1d3645b6a1f3feb7b096 SHA256 9bffde55035969342a8e7bdf399c7d1b35a325c4db6e6058b37fe2c6abc7d6cf MISC metadata.xml 521 RMD160 a545e00e2df3202e465b684e7581fa541ba2165f SHA1 023dbfe77bba8e848659d38de3287eb8eb1f3832 SHA256 a8f5a0f955bef325605cc123abd008ed57f89e7b6601dad56ca49a6e977eabbc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (GNU/Linux) -iEYEARECAAYFAksNICoACgkQAiZjviIA2XjATwCdETYSVcWpu6mxOpqjAtdiPHHQ -p18An1oQ5RiJRalftpl8uoK/5LaEUUTx -=hDS0 +iEYEARECAAYFAksc6TkACgkQAiZjviIA2XgUfgCeJjfvH1WRAfGwJfsjWu4F/SjF +RHUAoPPwt5SqBCkK3dZ8mh8N9Eh23n64 +=GusL -----END PGP SIGNATURE----- diff --git a/app-emulation/lxc/files/0.6.2-as-needed.patch b/app-emulation/lxc/files/0.6.2-as-needed.patch deleted file mode 100644 index 45e6c4cfa7c9..000000000000 --- a/app-emulation/lxc/files/0.6.2-as-needed.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -Naur lxc-0.6.2.orig/src/lxc/Makefile.am lxc-0.6.2/src/lxc/Makefile.am ---- lxc-0.6.2.orig/src/lxc/Makefile.am 2009-05-21 11:26:06.527984732 +0200 -+++ lxc-0.6.2/src/lxc/Makefile.am 2009-05-21 11:30:21.774641310 +0200 -@@ -1,7 +1,6 @@ - INCLUDES= -I$(top_srcdir)/src -DLXCPATH="\"@LXCPATH@\"" \ - -DLXCBINDIR="\"$(bindir)\"" \ - -DLXCLIBEXECDIR="\"$(libexecdir)\"" --AM_LDFLAGS= -lutil - lib_LTLIBRARIES = liblxc.la - pkginclude_HEADERS = \ - error.h \ -@@ -51,6 +50,7 @@ - cr_plugin_columbia.c lxc_plugin.h - - liblxc_la_LDFLAGS = -release @PACKAGE_VERSION@ -+liblxc_la_LIBADD = -lutil - - bin_SCRIPTS = \ - lxc-ps \ diff --git a/app-emulation/lxc/files/lxc-0.6.4-fix-full-system.patch b/app-emulation/lxc/files/lxc-0.6.4-fix-full-system.patch new file mode 100644 index 000000000000..553bf20e08bd --- /dev/null +++ b/app-emulation/lxc/files/lxc-0.6.4-fix-full-system.patch @@ -0,0 +1,44 @@ +From f2ae79a04567fb8c1181f4d3331d2b7a48889cf3 Mon Sep 17 00:00:00 2001 +From: Andrian Nord <nightnord@gmail.com> +Date: Thu, 26 Nov 2009 15:46:25 +0000 +Subject: "Default" configuration may destroy host system + +If you're running (by mistake or typo) (via lxc-start) container that does not +exists it will run with lxc.rootfs=/, meaning that /sbin/init will +restart initialization procedure, efficiently messing host's system, +that may lead to unpredictable results or even destroy (make inaccessible) host +system (by reseting network configuration or something like that). + +(Actually, it _did_ destroy system of everyone who tested this). + +Actually, I finally lost any meaning of having such a feature for +full-system containers. You may not use hosts's FS - it's described at +above. You may not use some temporary directory - that's nonsense. + +This patch forbinds starting container via lxc-start without rcfile and +custom start program, but probably it fixes only small part of problem. +I really don't see much sense in such a feature without ability of +overriding 'default' setting with command line switches. Anyway, default +behaviour should be as save as possible. + +Signed-off-by: Andrian Nord <NightNord@gmail.com> +Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> +--- +diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c +index b8d03e8..d2471eb 100644 +--- a/src/lxc/lxc_start.c ++++ b/src/lxc/lxc_start.c +@@ -173,6 +173,11 @@ int main(int argc, char *argv[]) + return err; + } + ++ if (!rcfile && !strcmp("/sbin/init", args[0])) { ++ ERROR("no configuration file for '/sbin/init' (may crash the host)"); ++ return err; ++ } ++ + if (my_args.daemonize) { + + /* do not chdir as we want to open the log file, +-- +cgit v0.8.3 diff --git a/app-emulation/lxc/files/lxc-0.6.4-lxc.network.pair.patch b/app-emulation/lxc/files/lxc-0.6.4-lxc.network.pair.patch new file mode 100644 index 000000000000..9c7ab1ab2158 --- /dev/null +++ b/app-emulation/lxc/files/lxc-0.6.4-lxc.network.pair.patch @@ -0,0 +1,103 @@ +From 8634bc197f742267b2eabd8543265ba93177b529 Mon Sep 17 00:00:00 2001 +From: Michael Tokarev <mjt@tls.msk.ru> +Date: Thu, 26 Nov 2009 15:46:23 +0000 +Subject: allow lxc.network.pair to specify host-side name for veth interface + +Currently we allocate veth device with random name on host side, +so that things like firewall rules or accounting does not work +at all. Fix this by recognizing yet anothe keyword to specify +the host-side device name: lxc.network.pair, and use it instead +of random name if specified. + +Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> +Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> +--- +diff --git a/src/lxc/conf.c b/src/lxc/conf.c +index 9c3a558..523270e 100644 +--- a/src/lxc/conf.c ++++ b/src/lxc/conf.c +@@ -829,14 +829,19 @@ int lxc_conf_init(struct lxc_conf *conf) + + static int instanciate_veth(struct lxc_netdev *netdev) + { +- char veth1[IFNAMSIZ]; ++ char veth1buf[IFNAMSIZ], *veth1; + char veth2[IFNAMSIZ]; + int ret = -1; + +- snprintf(veth1, sizeof(veth1), "vethXXXXXX"); +- snprintf(veth2, sizeof(veth2), "vethXXXXXX"); ++ if (netdev->pair) ++ veth1 = netdev->pair; ++ else { ++ snprintf(veth1buf, sizeof(veth1buf), "vethXXXXXX"); ++ mktemp(veth1buf); ++ veth1 = veth1buf; ++ } + +- mktemp(veth1); ++ snprintf(veth2, sizeof(veth2), "vethXXXXXX"); + mktemp(veth2); + + if (!strlen(veth1) || !strlen(veth2)) { +diff --git a/src/lxc/conf.h b/src/lxc/conf.h +index 0b8d732..bb38206 100644 +--- a/src/lxc/conf.h ++++ b/src/lxc/conf.h +@@ -73,6 +73,7 @@ struct lxc_route6 { + * Defines a structure to configure a network device + * @link : lxc.network.link, name of bridge or host iface to attach if any + * @name : lxc.network.name, name of iface on the container side ++ * @pair : lxc.network.pair, name of host-side iface in case of veth etc + * @flags : flag of the network device (IFF_UP, ... ) + * @ipv4 : a list of ipv4 addresses to be set on the network device + * @ipv6 : a list of ipv6 addresses to be set on the network device +@@ -83,6 +84,7 @@ struct lxc_netdev { + int ifindex; + char *link; + char *name; ++ char *pair; + char *hwaddr; + char *mtu; + struct lxc_list ipv4; +diff --git a/src/lxc/confile.c b/src/lxc/confile.c +index 39a8e2c..3a9a86d 100644 +--- a/src/lxc/confile.c ++++ b/src/lxc/confile.c +@@ -49,6 +49,7 @@ static int config_network_type(const char *, char *, struct lxc_conf *); + static int config_network_flags(const char *, char *, struct lxc_conf *); + static int config_network_link(const char *, char *, struct lxc_conf *); + static int config_network_name(const char *, char *, struct lxc_conf *); ++static int config_network_pair(const char *, char *, struct lxc_conf *); + static int config_network_hwaddr(const char *, char *, struct lxc_conf *); + static int config_network_mtu(const char *, char *, struct lxc_conf *); + static int config_network_ipv4(const char *, char *, struct lxc_conf *); +@@ -73,6 +74,7 @@ static struct config config[] = { + { "lxc.network.flags", config_network_flags }, + { "lxc.network.link", config_network_link }, + { "lxc.network.name", config_network_name }, ++ { "lxc.network.pair", config_network_pair }, + { "lxc.network.hwaddr", config_network_hwaddr }, + { "lxc.network.mtu", config_network_mtu }, + { "lxc.network.ipv4", config_network_ipv4 }, +@@ -221,6 +223,18 @@ static int config_network_name(const char *key, char *value, + return network_ifname(&netdev->name, value); + } + ++static int config_network_pair(const char *key, char *value, ++ struct lxc_conf *lxc_conf) ++{ ++ struct lxc_netdev *netdev; ++ ++ netdev = network_netdev(key, value, &lxc_conf->network); ++ if (!netdev) ++ return -1; ++ ++ return network_ifname(&netdev->pair, value); ++} ++ + static int config_network_hwaddr(const char *key, char *value, + struct lxc_conf *lxc_conf) + { +-- +cgit v0.8.3 diff --git a/app-emulation/lxc/files/lxc-0.6.4-move-rcfile.patch b/app-emulation/lxc/files/lxc-0.6.4-move-rcfile.patch new file mode 100644 index 000000000000..6d2bb09843ea --- /dev/null +++ b/app-emulation/lxc/files/lxc-0.6.4-move-rcfile.patch @@ -0,0 +1,305 @@ +From fae349da89b9ad063f0080970558b7f02ce233c2 Mon Sep 17 00:00:00 2001 +From: Daniel Lezcano <daniel.lezcano@free.fr> +Date: Thu, 26 Nov 2009 15:46:24 +0000 +Subject: pass lxc_conf to the lxc_start function instead of the rcfile + +The rcfile is parsed in the lxc_start function. This is not the place +to do that. Let's the caller to do that. + +In the meantime, we have the lxc_conf structure filled right before +calling the lxc_start function so we can do some sanity check on the +configuration to not break the system when we launch the container. + +Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> +--- +diff --git a/src/lxc/commands.c b/src/lxc/commands.c +index 02239e5..4c48571 100644 +--- a/src/lxc/commands.c ++++ b/src/lxc/commands.c +@@ -135,7 +135,7 @@ static int trigger_command(int fd, struct lxc_request *request, + static void command_fd_cleanup(int fd, struct lxc_handler *handler, + struct lxc_epoll_descr *descr) + { +- lxc_console_remove_fd(fd, &handler->conf.tty_info); ++ lxc_console_remove_fd(fd, &handler->conf->tty_info); + lxc_mainloop_del_handler(descr, fd); + close(fd); + } +diff --git a/src/lxc/console.c b/src/lxc/console.c +index 52f6cec..96a6edd 100644 +--- a/src/lxc/console.c ++++ b/src/lxc/console.c +@@ -98,7 +98,7 @@ extern int lxc_console_callback(int fd, struct lxc_request *request, + struct lxc_handler *handler) + { + int ttynum = request->data; +- struct lxc_tty_info *tty_info = &handler->conf.tty_info; ++ struct lxc_tty_info *tty_info = &handler->conf->tty_info; + + if (ttynum > 0) { + if (ttynum > tty_info->nbtty) +diff --git a/src/lxc/lxc.h b/src/lxc/lxc.h +index 66cb3b8..8cf21c1 100644 +--- a/src/lxc/lxc.h ++++ b/src/lxc/lxc.h +@@ -31,6 +31,7 @@ extern "C" { + #include <lxc/state.h> + + struct lxc_msg; ++struct lxc_conf; + + /** + Following code is for liblxc. +@@ -44,7 +45,7 @@ struct lxc_msg; + * @argv : an array of char * corresponding to the commande line + * Returns 0 on sucess, < 0 otherwise + */ +-extern int lxc_start(const char *name, char *const argv[], const char *rcfile); ++extern int lxc_start(const char *name, char *const argv[], struct lxc_conf *); + + /* + * Stop the container previously started with lxc_start, all +diff --git a/src/lxc/lxc_execute.c b/src/lxc/lxc_execute.c +index 846a96f..40a4b93 100644 +--- a/src/lxc/lxc_execute.c ++++ b/src/lxc/lxc_execute.c +@@ -31,10 +31,11 @@ + #include <sys/stat.h> + #include <sys/param.h> + +-#include <lxc/log.h> +-#include <lxc/confile.h> +-#include <lxc/lxc.h> + ++#include "lxc.h" ++#include "log.h" ++#include "conf.h" ++#include "confile.h" + #include "arguments.h" + #include "config.h" + +@@ -83,6 +84,7 @@ int main(int argc, char *argv[]) + { + static char **args; + char *rcfile; ++ struct lxc_conf conf; + + if (lxc_arguments_parse(&my_args, argc, argv)) + return -1; +@@ -111,6 +113,16 @@ int main(int argc, char *argv[]) + } + } + +- return lxc_start(my_args.name, args, my_args.rcfile); ++ if (lxc_conf_init(&conf)) { ++ ERROR("failed to initialze configuration"); ++ return -1; ++ } ++ ++ if (rcfile && lxc_config_read(rcfile, &conf)) { ++ ERROR("failed to read configuration file"); ++ return -1; ++ } ++ ++ return lxc_start(my_args.name, args, &conf); + } + +diff --git a/src/lxc/lxc_start.c b/src/lxc/lxc_start.c +index cf87abf..b8d03e8 100644 +--- a/src/lxc/lxc_start.c ++++ b/src/lxc/lxc_start.c +@@ -40,12 +40,13 @@ + #include <netinet/in.h> + #include <net/if.h> + +-#include <lxc/lxc.h> +-#include <lxc/log.h> +-#include <lxc/utils.h> +- +-#include "arguments.h" ++#include "log.h" ++#include "lxc.h" ++#include "conf.h" ++#include "utils.h" + #include "config.h" ++#include "confile.h" ++#include "arguments.h" + + lxc_log_define(lxc_start, lxc); + +@@ -132,6 +133,7 @@ int main(int argc, char *argv[]) + }; + + char *rcfile = NULL; ++ struct lxc_conf conf; + + if (lxc_arguments_parse(&my_args, argc, argv)) + return err; +@@ -161,6 +163,16 @@ int main(int argc, char *argv[]) + } + } + ++ if (lxc_conf_init(&conf)) { ++ ERROR("failed to initialze configuration"); ++ return err; ++ } ++ ++ if (rcfile && lxc_config_read(rcfile, &conf)) { ++ ERROR("failed to read configuration file"); ++ return err; ++ } ++ + if (my_args.daemonize) { + + /* do not chdir as we want to open the log file, +@@ -187,7 +199,7 @@ int main(int argc, char *argv[]) + + save_tty(&tios); + +- err = lxc_start(my_args.name, args, rcfile); ++ err = lxc_start(my_args.name, args, &conf); + + restore_tty(&tios); + +diff --git a/src/lxc/start.c b/src/lxc/start.c +index 7143421..7e9d924 100644 +--- a/src/lxc/start.c ++++ b/src/lxc/start.c +@@ -230,7 +230,7 @@ static int console_init(char *console, size_t size) + return 0; + } + +-struct lxc_handler *lxc_init(const char *name, const char *rcfile) ++struct lxc_handler *lxc_init(const char *name, struct lxc_conf *conf) + { + struct lxc_handler *handler; + +@@ -240,36 +240,20 @@ struct lxc_handler *lxc_init(const char *name, const char *rcfile) + + memset(handler, 0, sizeof(*handler)); + ++ handler->conf = conf; ++ + /* Begin the set the state to STARTING*/ + if (lxc_set_state(name, handler, STARTING)) { + ERROR("failed to set state '%s'", lxc_state2str(STARTING)); + goto out_free; + } + +- if (lxc_conf_init(&handler->conf)) { +- ERROR("failed to initialize the configuration"); +- goto out_aborting; +- } +- +- if (rcfile) { +- if (access(rcfile, F_OK)) { +- ERROR("failed to access '%s'", rcfile); +- goto out_aborting; +- } +- +- if (lxc_config_read(rcfile, &handler->conf)) { +- ERROR("failed to read '%s'", rcfile); +- goto out_aborting; +- } +- } +- +- if (console_init(handler->conf.console, +- sizeof(handler->conf.console))) { ++ if (console_init(conf->console, sizeof(conf->console))) { + ERROR("failed to initialize the console"); + goto out_aborting; + } + +- if (lxc_create_tty(name, &handler->conf)) { ++ if (lxc_create_tty(name, conf)) { + ERROR("failed to create the ttys"); + goto out_aborting; + } +@@ -294,7 +278,7 @@ out: + return handler; + + out_delete_tty: +- lxc_delete_tty(&handler->conf.tty_info); ++ lxc_delete_tty(&conf->tty_info); + out_aborting: + lxc_set_state(name, handler, ABORTING); + out_free: +@@ -313,7 +297,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler) + lxc_unlink_nsgroup(name); + + if (handler) { +- lxc_delete_tty(&handler->conf.tty_info); ++ lxc_delete_tty(&handler->conf->tty_info); + free(handler); + } + +@@ -366,7 +350,7 @@ static int do_start(void *arg) + } + + /* Setup the container, ip, names, utsname, ... */ +- if (lxc_setup(name, &handler->conf)) { ++ if (lxc_setup(name, handler->conf)) { + ERROR("failed to setup the container"); + goto out_warn_father; + } +@@ -414,14 +398,14 @@ int lxc_spawn(const char *name, struct lxc_handler *handler, char *const argv[]) + } + + clone_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|CLONE_NEWNS; +- if (!lxc_list_empty(&handler->conf.network)) { ++ if (!lxc_list_empty(&handler->conf->network)) { + + clone_flags |= CLONE_NEWNET; + + /* that should be done before the clone because we will + * fill the netdev index and use them in the child + */ +- if (lxc_create_network(&handler->conf.network)) { ++ if (lxc_create_network(&handler->conf->network)) { + ERROR("failed to create the network"); + goto out_close; + } +@@ -447,7 +431,7 @@ int lxc_spawn(const char *name, struct lxc_handler *handler, char *const argv[]) + + /* Create the network configuration */ + if (clone_flags & CLONE_NEWNET) { +- if (lxc_assign_network(&handler->conf.network, handler->pid)) { ++ if (lxc_assign_network(&handler->conf->network, handler->pid)) { + ERROR("failed to create the configured network"); + goto out_abort; + } +@@ -486,13 +470,13 @@ out_abort: + goto out_close; + } + +-int lxc_start(const char *name, char *const argv[], const char *rcfile) ++int lxc_start(const char *name, char *const argv[], struct lxc_conf *conf) + { + struct lxc_handler *handler; + int err = -1; + int status; + +- handler = lxc_init(name, rcfile); ++ handler = lxc_init(name, conf); + if (!handler) { + ERROR("failed to initialize the container"); + return -1; +diff --git a/src/lxc/start.h b/src/lxc/start.h +index 3390411..ba55562 100644 +--- a/src/lxc/start.h ++++ b/src/lxc/start.h +@@ -34,10 +34,10 @@ struct lxc_handler { + int sigfd; + char nsgroup[MAXPATHLEN]; + sigset_t oldmask; +- struct lxc_conf conf; ++ struct lxc_conf *conf; + }; + +-extern struct lxc_handler *lxc_init(const char *name, const char *rcfile); ++extern struct lxc_handler *lxc_init(const char *name, struct lxc_conf *); + extern int lxc_spawn(const char *name, struct lxc_handler *handler, + char *const argv[]); + +-- +cgit v0.8.3 diff --git a/app-emulation/lxc/lxc-0.6.3.ebuild b/app-emulation/lxc/lxc-0.6.3.ebuild deleted file mode 100644 index b05c600fd155..000000000000 --- a/app-emulation/lxc/lxc-0.6.3.ebuild +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/lxc-0.6.3.ebuild,v 1.2 2009/11/14 19:23:22 swegener Exp $ - -EAPI="2" - -inherit autotools eutils linux-info - -DESCRIPTION="Linux Resource Containers Userspace Tools" -HOMEPAGE="http://lxc.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" -LICENSE="LGPL-2.1" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="" - -RDEPEND="sys-libs/libcap" -DEPEND="${RDEPEND} - sys-kernel/linux-headers - app-text/docbook-sgml-utils" - -# TODO: -# - add checks for the various kernel features which have to be enabled - -CONFIG_CHECK="CGROUPS CGROUP_NS NAMESPACES UTS_NS IPC_NS USER_NS PID_NS NET_NS" - -src_prepare() { - epatch "${FILESDIR}/0.6.2-as-needed.patch" - eautoreconf -} - -src_configure() { - econf --localstatedir=/var --bindir=/usr/sbin --disable-static -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - dodoc AUTHORS ChangeLog CONTRIBUTING MAINTAINERS NEWS README TODO doc/FAQ.txt || die - - # The default files installed in /etc/lxc are just samples; - # install them as documentation instead. - mv "${D}"/etc/lxc "${D}"/usr/share/doc/${PF}/config-examples || die - keepdir /etc/lxc /var/lib/lxc - - rm "${D}"/usr/sbin/lxc-{setcap,ls} - - find "${D}" -name '*.la' -delete -} - -pkg_postinst() { - ewarn "You may have to enable more than the kernel features this ebuild" - ewarn "already checked for, depending on what you want to use." - elog "If you want network you definetely have to enable the veth module" - elog "and possibly also the macvlan (depending on how you want to do it)." - elog "If you want the to be able to freeze containers you will also want" - elog "the cgroup freezer." -} diff --git a/app-emulation/lxc/lxc-0.6.4-r1.ebuild b/app-emulation/lxc/lxc-0.6.4-r1.ebuild new file mode 100644 index 000000000000..24ae5f97d000 --- /dev/null +++ b/app-emulation/lxc/lxc-0.6.4-r1.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/lxc-0.6.4-r1.ebuild,v 1.1 2009/12/07 11:39:11 flameeyes Exp $ + +EAPI="2" + +inherit eutils linux-info versionator base + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="http://lxc.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +KEYWORDS="~amd64 ~x86" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="+doc examples" + +RDEPEND="sys-libs/libcap" + +DEPEND="${RDEPEND} + doc? ( app-text/docbook-sgml-utils ) + >=sys-kernel/linux-headers-2.6.29" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_NS ~CPUSETS ~CGROUP_CPUACCT + ~RESOURCE_COUNTERS ~CGROUP_MEM_RES_CTLR + ~CGROUP_SCHED + + ~NAMESPACES + ~IPC_NS ~USER_NS ~PID_NS + + ~SECURITY_FILE_CAPABILITIES + ~DEVPTS_MULTIPLE_INSTANCES + ~CGROUP_FREEZER + ~UTS_NS ~NET_NS + ~VETH ~MACVLAN" + +ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES: needed for pts inside container" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" + +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" + +ERROR_VETH="CONFIG_VETH: needed for internal (inter-container) networking" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" + +PATCHES=( + "${FILESDIR}"/${P}-lxc.network.pair.patch + "${FILESDIR}"/${P}-move-rcfile.patch + "${FILESDIR}"/${P}-fix-full-system.patch +) + +src_configure() { + econf \ + --localstatedir=/var \ + --bindir=/usr/sbin \ + --docdir=/usr/share/doc/${PF} \ + --with-config-path=/etc/lxc \ + $(use_enable doc) \ + $(use_enable examples) \ + || die "configure failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "install failed" + + dodoc AUTHORS CONTRIBUTING MAINTAINERS \ + NEWS TODO README doc/FAQ.txt || die "dodoc failed" + + rm -r "${D}"/etc/lxc "${D}"/usr/sbin/lxc-{setcap,ls} + + keepdir /etc/lxc + + find "${D}" -name '*.la' -delete +} |