lxc: bump to 4.0.2
Signed-off-by: Robert Marko <robert.marko@sartura.hr> Signed-off-by: Marijan Svalina <marijan.svalina@sartura.hr> Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
This commit is contained in:
parent
34a4678db3
commit
9f43594e3a
|
@ -32,6 +32,7 @@ config LXC_BUSYBOX_OPTIONS
|
||||||
select BUSYBOX_CONFIG_XZ
|
select BUSYBOX_CONFIG_XZ
|
||||||
select BUSYBOX_CONFIG_GETOPT
|
select BUSYBOX_CONFIG_GETOPT
|
||||||
select BUSYBOX_CONFIG_FEATURE_GETOPT_LONG
|
select BUSYBOX_CONFIG_FEATURE_GETOPT_LONG
|
||||||
|
select BUSYBOX_CONFIG_MOUNTPOINT
|
||||||
help
|
help
|
||||||
Select needed busybox options for lxc-create utility. This include XZ tar
|
Select needed busybox options for lxc-create utility. This include XZ tar
|
||||||
compression, long option support for tar and built-in getopt support.
|
compression, long option support for tar and built-in getopt support.
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#
|
#
|
||||||
# Copyright (C) 2013-2015 OpenWrt.org
|
# Copyright (C) 2013-2015 OpenWrt.org
|
||||||
|
# Copyright (C) 2020 Sartura
|
||||||
#
|
#
|
||||||
# This is free software, licensed under the GNU General Public License v2.
|
# This is free software, licensed under the GNU General Public License v2.
|
||||||
# See /LICENSE for more information.
|
# See /LICENSE for more information.
|
||||||
|
@ -8,12 +9,12 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=lxc
|
PKG_NAME:=lxc
|
||||||
PKG_VERSION:=2.1.1
|
PKG_VERSION:=4.0.2
|
||||||
PKG_RELEASE:=5
|
PKG_RELEASE:=1
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||||
PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/
|
PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/
|
||||||
PKG_HASH:=68663a67450a8d6734e137eac54cc7077209fb15c456eec401a2c26e6386eff6
|
PKG_HASH:=ca336dcdf303fea5ff231d89a9b6278b061c4cffb14f0db0a71a15bdd95a5cb0
|
||||||
|
|
||||||
PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0
|
PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0
|
||||||
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
|
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
|
||||||
|
@ -45,7 +46,7 @@ define Package/lxc/Default
|
||||||
SECTION:=utils
|
SECTION:=utils
|
||||||
CATEGORY:=Utilities
|
CATEGORY:=Utilities
|
||||||
TITLE:=LXC userspace tools
|
TITLE:=LXC userspace tools
|
||||||
URL:=http://lxc.sourceforge.net/
|
URL:=https://linuxcontainers.org/
|
||||||
endef
|
endef
|
||||||
|
|
||||||
define Package/lxc
|
define Package/lxc
|
||||||
|
@ -124,7 +125,7 @@ define Package/liblxc
|
||||||
SECTION:=libs
|
SECTION:=libs
|
||||||
CATEGORY:=Libraries
|
CATEGORY:=Libraries
|
||||||
TITLE:=LXC userspace library
|
TITLE:=LXC userspace library
|
||||||
DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp
|
DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp +libopenssl
|
||||||
endef
|
endef
|
||||||
|
|
||||||
define Package/lxc-lua
|
define Package/lxc-lua
|
||||||
|
@ -150,6 +151,9 @@ CONFIGURE_ARGS += \
|
||||||
--enable-lua=yes \
|
--enable-lua=yes \
|
||||||
--with-lua-pc="$(STAGING_DIR)/usr/lib/pkgconfig/lua.pc"
|
--with-lua-pc="$(STAGING_DIR)/usr/lib/pkgconfig/lua.pc"
|
||||||
|
|
||||||
|
TARGET_CFLAGS += -Wno-format-nonliteral
|
||||||
|
TARGET_LDFLAGS += -lgcc_eh
|
||||||
|
|
||||||
ifeq ($(CONFIG_LXC_SECCOMP),y)
|
ifeq ($(CONFIG_LXC_SECCOMP),y)
|
||||||
CONFIGURE_ARGS += --enable-seccomp
|
CONFIGURE_ARGS += --enable-seccomp
|
||||||
else
|
else
|
||||||
|
|
|
@ -58,3 +58,14 @@ stop() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#Export systemd cgroups
|
||||||
|
boot() {
|
||||||
|
if [ ! -d /sys/fs/cgroup/systemd ]; then
|
||||||
|
mkdir -p /sys/fs/cgroup/systemd
|
||||||
|
mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,none,name=systemd cgroup /sys/fs/cgroup/systemd
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -d /run ]; then
|
||||||
|
ln -s /var/run /run
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
From c8f05589644d6b719e5a2c7fc548604f248be9be Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
|
|
||||||
Date: Sun, 29 Jul 2018 17:44:06 +0200
|
|
||||||
Subject: [PATCH] nl: avoid NULL pointer dereference
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
It's a valid case to call nla_put() with NULL data and 0 len. It's done e.g. in
|
|
||||||
the nla_put_attr().
|
|
||||||
|
|
||||||
There has to be a check for data in nla_put() as passing NULL to the memcpy()
|
|
||||||
is not allowed. Even if length is 0, both pointers have to be valid.
|
|
||||||
|
|
||||||
For a reference see C99 standard (7.21.1/2), it says: "pointer arguments on
|
|
||||||
such a call shall still have valid values".
|
|
||||||
|
|
||||||
Reported-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
|
|
||||||
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
||||||
[christian.brauner@ubuntu.com: adapted commit message]
|
|
||||||
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
|
||||||
---
|
|
||||||
src/lxc/nl.c | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
--- a/src/lxc/nl.c
|
|
||||||
+++ b/src/lxc/nl.c
|
|
||||||
@@ -61,7 +61,8 @@ static int nla_put(struct nlmsg *nlmsg,
|
|
||||||
rta = NLMSG_TAIL(nlmsg->nlmsghdr);
|
|
||||||
rta->rta_type = attr;
|
|
||||||
rta->rta_len = rtalen;
|
|
||||||
- memcpy(RTA_DATA(rta), data, len);
|
|
||||||
+ if (data && len)
|
|
||||||
+ memcpy(RTA_DATA(rta), data, len);
|
|
||||||
nlmsg->nlmsghdr->nlmsg_len = tlen;
|
|
||||||
return 0;
|
|
||||||
}
|
|
|
@ -1,10 +0,0 @@
|
||||||
--- a/src/lxc/storage/aufs.h
|
|
||||||
+++ b/src/lxc/storage/aufs.h
|
|
||||||
@@ -24,7 +24,6 @@
|
|
||||||
#ifndef __LXC_AUFS_H
|
|
||||||
#define __LXC_AUFS_H
|
|
||||||
|
|
||||||
-#define _GNU_SOURCE
|
|
||||||
#include <stdbool.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdint.h>
|
|
|
@ -1,11 +0,0 @@
|
||||||
--- a/src/lxc/confile_utils.c
|
|
||||||
+++ b/src/lxc/confile_utils.c
|
|
||||||
@@ -677,7 +677,7 @@
|
|
||||||
char *endptr = NULL;
|
|
||||||
|
|
||||||
if (strncmp(*value, "unlimited", sizeof("unlimited") - 1) == 0) {
|
|
||||||
- *res = RLIM_INFINITY;
|
|
||||||
+ *res = (unsigned long)RLIM_INFINITY;
|
|
||||||
*value += sizeof("unlimited") - 1;
|
|
||||||
return true;
|
|
||||||
}
|
|
|
@ -1,13 +1,23 @@
|
||||||
|
From 9f550ca53801b2b9c6c1c7a4d02ad525c704b145 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Robert Marko <robert.marko@sartura.hr>
|
||||||
|
Date: Thu, 14 May 2020 13:40:53 +0200
|
||||||
|
Subject: [PATCH] Remove distro check
|
||||||
|
|
||||||
|
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
|
||||||
|
---
|
||||||
|
configure.ac | 28 ----------------------------
|
||||||
|
1 file changed, 28 deletions(-)
|
||||||
|
|
||||||
--- a/configure.ac
|
--- a/configure.ac
|
||||||
+++ b/configure.ac
|
+++ b/configure.ac
|
||||||
@@ -47,34 +47,6 @@ AC_GNU_SOURCE
|
@@ -64,34 +64,6 @@ fi
|
||||||
LT_INIT
|
LT_INIT
|
||||||
AC_SUBST([LIBTOOL_DEPS])
|
AC_SUBST([LIBTOOL_DEPS])
|
||||||
|
|
||||||
-# Detect the distribution. This is used for the default configuration and
|
-# Detect the distribution. This is used for the default configuration and
|
||||||
-# for some distro-specific build options.
|
-# for some distro-specific build options.
|
||||||
-AC_MSG_CHECKING([host distribution])
|
-AC_MSG_CHECKING([host distribution])
|
||||||
-AC_ARG_WITH(distro, AS_HELP_STRING([--with-distro=DISTRO], [Specify the Linux distribution to target: One of redhat, oracle, centos, fedora, suse, gentoo, debian, arch, slackware, plamo, paldo, openmandriva, pardus, sparclinux, altlinux.]))
|
-AC_ARG_WITH(distro, AS_HELP_STRING([--with-distro=DISTRO], [Specify the Linux distribution to target: One of redhat, redhatenterpriseserver, oracle, centos, fedora, suse, gentoo, debian, arch, slackware, plamo, paldo, openmandriva, pardus, sparclinux, altlinux.]))
|
||||||
-if type lsb_release >/dev/null 2>&1 && test "z$with_distro" = "z"; then
|
-if type lsb_release >/dev/null 2>&1 && test "z$with_distro" = "z"; then
|
||||||
- with_distro=`lsb_release -is`
|
- with_distro=`lsb_release -is`
|
||||||
-fi
|
-fi
|
|
@ -1,6 +1,6 @@
|
||||||
--- a/src/lxc/utils.h
|
--- a/src/lxc/utils.h
|
||||||
+++ b/src/lxc/utils.h
|
+++ b/src/lxc/utils.h
|
||||||
@@ -59,11 +59,7 @@ extern int mkdir_p(const char *dir, mode_t mode);
|
@@ -35,11 +35,7 @@ extern int mkdir_p(const char *dir, mode
|
||||||
extern char *get_rundir(void);
|
extern char *get_rundir(void);
|
||||||
|
|
||||||
/* Define getline() if missing from the C library */
|
/* Define getline() if missing from the C library */
|
||||||
|
@ -11,5 +11,5 @@
|
||||||
-#endif
|
-#endif
|
||||||
+#include "../include/getline.h"
|
+#include "../include/getline.h"
|
||||||
|
|
||||||
/* Define setns() if missing from the C library */
|
static inline int lxc_set_cloexec(int fd)
|
||||||
#ifndef HAVE_SETNS
|
{
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
--- a/src/lxc/tools/lxc-checkconfig.in
|
--- a/src/lxc/cmd/lxc-checkconfig.in
|
||||||
+++ b/src/lxc/tools/lxc-checkconfig.in
|
+++ b/src/lxc/cmd/lxc-checkconfig.in
|
||||||
@@ -3,6 +3,17 @@
|
@@ -4,6 +4,17 @@
|
||||||
# Allow environment variables to override config
|
# Allow environment variables to override config
|
||||||
: ${CONFIG:=/proc/config.gz}
|
: ${CONFIG:=/proc/config.gz}
|
||||||
: ${MODNAME:=configs}
|
: ${MODNAME:=configs}
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
--- a/templates/lxc-download.in
|
--- a/templates/lxc-download.in
|
||||||
+++ b/templates/lxc-download.in
|
+++ b/templates/lxc-download.in
|
||||||
@@ -505,20 +505,7 @@ fi
|
@@ -506,20 +506,7 @@ fi
|
||||||
# Unpack the rootfs
|
# Unpack the rootfs
|
||||||
echo "Unpacking the rootfs"
|
echo "Unpacking the rootfs"
|
||||||
|
|
||||||
-EXCLUDES=""
|
-EXCLUDES=""
|
||||||
-excludelist=$(relevant_file excludes)
|
-excludelist=$(relevant_file excludes)
|
||||||
-if [ -f "${excludelist}" ]; then
|
-if [ -f "${excludelist}" ]; then
|
||||||
- while read -r line; do
|
- while read -r line; do
|
||||||
- EXCLUDES="${EXCLUDES} --exclude=${line}"
|
- EXCLUDES="${EXCLUDES} --exclude=${line}"
|
||||||
- done < "${excludelist}"
|
- done < "${excludelist}"
|
||||||
-fi
|
-fi
|
||||||
-
|
-
|
||||||
-# Do not surround ${EXCLUDES} by quotes. This does not work. The solution could
|
-# Do not surround ${EXCLUDES} by quotes. This does not work. The solution could
|
||||||
|
@ -17,8 +17,8 @@
|
||||||
-# is to use a function wrapper, but the latter can't be used here as the args
|
-# is to use a function wrapper, but the latter can't be used here as the args
|
||||||
-# are dynamic. We thus need to ignore the warning brought by shellcheck.
|
-# are dynamic. We thus need to ignore the warning brought by shellcheck.
|
||||||
-# shellcheck disable=SC2086
|
-# shellcheck disable=SC2086
|
||||||
-tar --anchored ${EXCLUDES} --numeric-owner -xpJf \
|
-tar --anchored ${EXCLUDES} --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
|
||||||
+tar --numeric-owner -xpJf \
|
+tar --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
|
||||||
"${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
|
|
||||||
|
|
||||||
mkdir -p "${LXC_ROOTFS}/dev/pts/"
|
mkdir -p "${LXC_ROOTFS}/dev/pts/"
|
||||||
|
|
||||||
|
|
|
@ -1,95 +0,0 @@
|
||||||
From f48b5fd8ab03c200eaf5e3a9b03bcd01b2659cf3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
||||||
Date: Thu, 2 Nov 2017 16:00:33 +0100
|
|
||||||
Subject: [PATCH] Fix compilation on toolchain without prlimit
|
|
||||||
|
|
||||||
Some toolchains which are not bionic like uclibc does not support
|
|
||||||
prlimit or prlimit64. In this case, return an error.
|
|
||||||
Moreover, if prlimit64 is available, use lxc implementation of prlimit.
|
|
||||||
|
|
||||||
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
||||||
---
|
|
||||||
configure.ac | 4 ++++
|
|
||||||
src/lxc/Makefile.am | 6 ++++++
|
|
||||||
src/lxc/conf.c | 12 +++++++++---
|
|
||||||
3 files changed, 19 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 642b78e7e1..63df7466cb 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -643,6 +643,10 @@ AC_CHECK_FUNCS([prlimit],
|
|
||||||
AM_CONDITIONAL(HAVE_PRLIMIT, true)
|
|
||||||
AC_DEFINE(HAVE_PRLIMIT,1,[Have prlimit]),
|
|
||||||
AM_CONDITIONAL(HAVE_PRLIMIT, false))
|
|
||||||
+AC_CHECK_FUNCS([prlimit64],
|
|
||||||
+ AM_CONDITIONAL(HAVE_PRLIMIT64, true)
|
|
||||||
+ AC_DEFINE(HAVE_PRLIMIT64,1,[Have prlimit64]),
|
|
||||||
+ AM_CONDITIONAL(HAVE_PRLIMIT64, false))
|
|
||||||
|
|
||||||
# Check for some libraries
|
|
||||||
AC_SEARCH_LIBS(sem_open, [rt pthread])
|
|
||||||
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
|
|
||||||
index fff32ae4f3..8f0c11ecae 100644
|
|
||||||
--- a/src/lxc/Makefile.am
|
|
||||||
+++ b/src/lxc/Makefile.am
|
|
||||||
@@ -45,7 +45,10 @@ noinst_HEADERS += \
|
|
||||||
../include/ifaddrs.h \
|
|
||||||
../include/openpty.h \
|
|
||||||
../include/lxcmntent.h
|
|
||||||
+endif
|
|
||||||
+
|
|
||||||
if !HAVE_PRLIMIT
|
|
||||||
+if HAVE_PRLIMIT64
|
|
||||||
noinst_HEADERS += ../include/prlimit.h
|
|
||||||
endif
|
|
||||||
endif
|
|
||||||
@@ -142,7 +145,10 @@ liblxc_la_SOURCES += \
|
|
||||||
../include/ifaddrs.c ../include/ifaddrs.h \
|
|
||||||
../include/openpty.c ../include/openpty.h \
|
|
||||||
../include/lxcmntent.c ../include/lxcmntent.h
|
|
||||||
+endif
|
|
||||||
+
|
|
||||||
if !HAVE_PRLIMIT
|
|
||||||
+if HAVE_PRLIMIT64
|
|
||||||
liblxc_la_SOURCES += ../include/prlimit.c ../include/prlimit.h
|
|
||||||
endif
|
|
||||||
endif
|
|
||||||
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
|
|
||||||
index 44d9784303..8a66f2d02c 100644
|
|
||||||
--- a/src/lxc/conf.c
|
|
||||||
+++ b/src/lxc/conf.c
|
|
||||||
@@ -100,13 +100,14 @@
|
|
||||||
|
|
||||||
#if IS_BIONIC
|
|
||||||
#include <../include/lxcmntent.h>
|
|
||||||
-#ifndef HAVE_PRLIMIT
|
|
||||||
-#include <../include/prlimit.h>
|
|
||||||
-#endif
|
|
||||||
#else
|
|
||||||
#include <mntent.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#if !defined(HAVE_PRLIMIT) && defined(HAVE_PRLIMIT64)
|
|
||||||
+#include <../include/prlimit.h>
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
lxc_log_define(lxc_conf, lxc);
|
|
||||||
|
|
||||||
#if HAVE_LIBCAP
|
|
||||||
@@ -2457,10 +2458,15 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#if HAVE_PRLIMIT || HAVE_PRLIMIT64
|
|
||||||
if (prlimit(pid, resid, &lim->limit, NULL) != 0) {
|
|
||||||
ERROR("failed to set limit %s: %s", lim->resource, strerror(errno));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
+#else
|
|
||||||
+ ERROR("Cannot set limit %s as prlimit is missing", lim->resource);
|
|
||||||
+ return -1;
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
return 0;
|
|
||||||
}
|
|
Loading…
Reference in New Issue