doc: Try to clear some confusion about lxc.conf Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

lxc.conf: note the 'lxc.network.type = none' option Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

doc: Update lxc.conf(5) * Update Japanese lxc.conf(5) for commit 508c263ee6ed2fac73f6979af287caba38963b4b * Remove duplicate line in English lxc.conf(5) Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

This change introduce mac address templating. By setting lxc.network.hwaddr to something like fe:xx:xx:xx:xx:xx each "x" will be replaced by a random value. If less significant bit of first byte is "templated", it will be set to 0. This change introduce also a common randinit() function that could be used to initialize random generator. Signed-off-by: gza <lxc@zitta.fr> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>

ensure all config items are duplicated on clone/write_config Since previously I had found a config item that wasn't being propagated by lxc-clone, I went through all the config items and made sure that: a) Each item is documented in lxc.conf b) Each item is written out by write_config The only one that isn't is lxc.include, which by its nature only pulls in other config item types. Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

add lxc.haltsignal for soft shutdown - use this in the busybox template since busybox's init expects to receive SIGUSR1 to halt - fix lxc.stopsignal to be output by write_config so lxcapi_clone() and lxcapi_save_config() will output it Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

autostart: Define lxc.start.* and lxc.group First patch in the set of changes required for container autostart. This commit adds the new configuration keys and parsers that will then be used by lxc-start and lxc-stop. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> Acked-by: Dwight Engen <dwight.engen@oracle.com>

Fix typos identified by lintian Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

fix errors when using docbook2man docbook2man picks up some errors that docbook2x does not, fixing them isn't harmful to docbook2x. The only real change is adding <para> and <citerefentry> tags. Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

doc: Fix some typos Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Automatic mounting: document options in lxc.conf(5) manpage Signed-off-by: Christian Seiler <christian@iwakd.de> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

refactor AppArmor into LSM backend, add SELinux support Currently, a maximum of one LSM within LXC will be initialized and used. If in the future stacked LSMs become a reality, we can support it without changing the configuration syntax and add support for more than a single LSM at a time to the lsm code. Generic LXC code should note that lsm_process_label_set() will take effect "now" for AppArmor, and upon exec() for SELinux. - fix Oracle template mounting of proc and sysfs, needed when using SELinux Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Fix some typos Signed-off-by: KATOH Yasufumi karma@jazz.email.ne.jp Acked-by: Stéphane Graber <stgraber@ubuntu.com>

introduce lxc.cap.keep The lxc configuration file currently supports 'lxc.cap.drop', a list of capabilities to be dropped (using the bounding set) from the container. The problem with this is that over time new capabilities are added. So an older container configuration file may, over time, become insecure. Walter has in the past suggested replacing lxc.cap.drop with lxc.cap.preserve, which would have the inverse sense - any capabilities in that set would be kept, any others would be dropped. Realistically both have the same problem - the sendmail capabilities bug proved that running code with unexpectedly dropped privilege can be dangerous. This patch gives the admin a choice: You can use either lxc.cap.keep or lxc.cap.drop, not both. Both continue to be ignored if a user namespace is in use. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

licensing: Add missing headers and FSF address Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Fix some typos Signed-off-by: Dmitry Shachnev <mitya57@ubuntu.com> Reported-by: Vincent Ladeuil Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Remove all trailing whitespaces Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

lxc.conf.sgml.in: note the arguments and environment variables passed to hooks Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

lxc.conf.sgml.in: fill in missing configuration file statements Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

document clone hooks Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

doc/lxc.conf minor clarifications Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

fix building docs Commit 69fe23ff added checking for the older docbook2man back into configure, but this breaks building the docs on at least Oracle Linux and Fedora when docbook2X is not installed as docbook2man will be found but the docs don't actually build with that tool. This change makes it so the docs can be built with either the older docbook2man or the newer 2X tools by using configure to set the dtd string to an appropriate value depending on use of docbook2man or db2x_docbook2man. Also fixed a small error in lxc-destroy.sgml.in that was noticed by the old tools. Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

lxc.conf: Add reference to capabilities manpage This adds a reference to capabilities(7) to the lxc.conf manpage. Signed-off-by: Tomáš Pospíšek <tpo_deb@sourcepole.ch> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Change author email address Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr>

default kmsg symlinking to on, and document lxc.kmsg Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Add lxc.stopsignal config option I remember discussion about implementing proper way to shutdown guests using different signals, so here's a patch proposal. It allows to use specific signal numbers to shutdown guests gracefully, for example SIGRTMIN+4 starts poweroff.target in systemd. Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov@gmail.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

make [ug]id map ordering consistent with /proc/<nr>/[ug]id_map The id ordering and case of u,g is also consistent with uidmapshift, reducing confusion. doc: Moved example to the the EXAMPLES section, and used values corresponding to the defaults in the pending shadow-utils subuid patch. Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Implement userid mappings (enable user namespaces) The 3.8 kernel now supporst uid mappings, so I believe it's appropriate to proceed with this patchset. The container config supports new entries of the form: lxc.id_map = U 100000 0 10000 lxc.id_map = G 100000 0 10000 meaning map 'virtual' uids (in the container) 0-10000 to uids 100000-110000 on the host, and same for gids. So long as there are mappings specified in the container config, then CONFIG_NEWUSER will be used when the container is cloned. This means that container setup is no longer done with root privilege on the host, only root privilege in the container. Therefore cgroup setup is moved from the init task to the monitor task. To use this patchset, you currently need to either use the raring kernel at ppa:serge-hallyn/usern-natty, or build your own kernel from either git://kernel.ubuntu.com/serge/quantal-userns.git. (Alternatively you can use Eric's tree at the latest userns-always-map-* branch at git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git but you will likely want to at least enable tmpfs mounts in user namespaces) You also need to chown the files in the container rootfs into the mapped range. There is a utility at https://code.launchpad.net/~serge-hallyn/+junk/nsexec to do this. uidmapshift does the chowning, while the container-userns-convert script nicely wraps that program. So I simply sudo lxc-create -t ubuntu -n r1 sudo container-userns-convert r1 200000 will create a container which is shifted so uid 0 in the container is uid 200000 on the host. TODO: when doing setuid(0), need to only do that if 0 is one of the ids we map to. Similarly, when dropping capabilities, need to only not do that if 0 is one of the ids we map to. However, the question of what to do for 'weird' containers in private user namespaces is one I'm punting for later. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

MAKEDEV call, add autodev hooks, add environment variables for hook scripts. Ok... Here's the patch again. Since Serge is removing the loglevel structure member, this patch no longer references that element. From the original description: 1) Removes run_makedev() and the call to it from conf.c per discussion. 2) Adds an lxc.hook.autodev hook. Note: This hook is very close (one routine level abstracted) from where the run_makedev was called. Anyone really rrreeeaaalllyyy needing MAKEDEV can add it in with a small shim script to do whatever they want under whatever distro they're using, so no functionality is lost there. 3) Added a number of environment variables for all the hook scripts to reference to assist in execution. Things like LXC_ROOTFS_MOUNT could be very useful but others were added as well. Room for more if anyone has an itch. All in one spot in lxc_start.c. 4) clearenv and putenv( "container=lxc" ) calls were moved to just after the "start" hook in the container just prior to actually firing up the container so we could use environment variables prior to that and have them flushed them before firing up init. Nice side effect is that you can define environment variables and then call lxc-start and have them show up in those hooks scripts. 5) I actually DID update the man page for lxc.conf! I guess I lied when I said I wouldn't get that done. [... and ...] I added the rcfile to the lxc_conf structure as suggested and moved the setenv bundle from lxc-start.c over to start.c just prior to calling run_lxc_hooks for the pre-start hook. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Remove all trailing whitespaces. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

lxc.conf.sgml.in: Fix typo Fix a typo in the previous lxc.conf.sgml.in change. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Add lxc.autodev Add a container config option to mount and populate /dev in a container. We might want to add options to specify a max size for /dev other than the default 100k, and to specify other devices to create. And maybe someone can think of a better name than autodev. Changelog: Don't error out if we couldn't mknod a /dev/ttyN. Changelog: Describe the option in lxc.conf manpage. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Update documentation to Docbook 4.5 The package 'docbook-tools' [1] required to format Docbook 3.0 into man pages has been obsoleted a long time ago and can no longer be downloaded from its former homepage. Recent versions of that package -- now called 'docbook2X' --, cannot deal with that old markup format anymore (and don't support the '-w all' command line switch either). To remedy these issues, all SGML files have been updated to Docbook 4.5 so that recent versions of docbook2man can process them. [1] http://sources.redhat.com/docbook-tools/ [2] http://docbook2x.sourceforge.net/ Signed-off-by: Peter Simons <simons@cryp.to> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Revert "Update documentation to Docbook 4.5" This reverts commit 9a84044bc97098821cce2721ea40a1368f17a091. The changes made the branch to fail to build on Ubuntu/Debian, so reverting the commits and re-opening the pull request. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Update documentation to Docbook 4.5 The package 'docbook-tools' [1] required to format Docbook 3.0 into man pages has been obsoleted a long time ago and can no longer be downloaded from its former homepage. Recent versions of that package -- now called 'docbook2X' --, cannot deal with that old markup format anymore (and don't support the '-w all' command line switch either). To remedy these issues, all SGML files have been updated to Docbook 4.5 so that recent versions of docbook2man can process them. [1] http://sources.redhat.com/docbook-tools/ [2] http://docbook2x.sourceforge.net/ Signed-off-by: Peter Simons <simons@cryp.to>

premount hook is implemented in git Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

document lxc.hooks in lxc.conf manpage Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Add network-down script Analogously to lxc.network.script.up, add the ability to register a down script. It is called before the guest network is finally destroyed, allowing to clean up resources that are not reset/destroyed automatically. Parameters of the down script are identical to the up script except for the execution context "down". Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Change ipv4 addresses in the configuration examples Use non-routed, private IPv4 address in documentation examples (Closes: #571525). Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

Update manpages to reflect some updated options. (which reminds me a lxc-clone manpage still needs to be written) Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

.gateway options Man for the gateway option. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

explicitly do not use the console If the keyword 'none' is specified for the console name, lxc will ignore creating a console. That allows to have a rootfs but without a console. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

update configuration wrt to the broadcast address Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

update the man page with the net script hook Update the man page wrt the hook script added for the host side network configuration. Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr>

update the lxc.conf man page Update the man page regarding the image or block device supported as a rootfs. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

configure container architecture When a container is installed with 32bits binaries while we are running on a 64bits host, inside the container we are seen as 64bits arch. That leads to some problems for the package updates because the scripts will download 64bits packages instead of 32bits. This patch defines a configuration variable to set the architecture of the container. lxc.arch = i686 | x86 | x86_64 | amd64 Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

add lxc.console documentation Add missing documenation about the console output. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

change pivotdir default to mnt The mnt directory has a good chance to already exist in the new root filesystem, so creation and removal can be avoided. This also eases use of read only root filesystems (no configuration necessary). Signed-off-by: Ferenc Wagner <wferi@niif.hu> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

document rootfs options Signed-off-by: Ferenc Wagner <wferi@niif.hu> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

man update lxc.conf reformating given examples and add reference to examples directory. Signed-off-by: Michel Normand <normand@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

version 0.6.5 Increment to 0.6.5 version. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

drop capabilities Hello everyone! I've written a patch which adds a new config keyword 'lxc.cap.drop'. This keyword allows to specify capabilities which are dropped before executing the container binary. Example: lxc.cap.drop = sys_chroot lxc.cap.drop = mknod lxc.cap.drop = sys_module or specify in a single line: lxc.cap.drop = sys_chroot mknod sys_module Reworked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: Michael Holzt <lxc@my.fqdn.org> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

fix manpage typo Fix and clarify some parts of the lxc.conf man page. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

add macvlan vepa and bridge mode The future kernel 2.6.33 will incorporate the macvlan bridge mode where all the macvlan will be able to communicate if they are using the same physical interface. This is an interesting feature to have containers to communicate together. If we are outside of the container, we have to setup a macvlan on the same physical interface than the containers and use it to communicate with them. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

update the man pages Update the man pages regarding the modifications around the configuration option, volatile containers and new configuration file format. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

Rewriting the pts section man for lxc.conf I think this explanation is better. Signed-off-by: Christophe Quintard <christophe.quintard@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

change man pages to use a seealso file for references the common references to lxc man pages are now placed in one file "see_also.sgml.in" Note that the few man pages that refer to man pages that are not lxc ones have two "See Also" paragraph. Signed-off-by: Michel Normand <normand@fr.ibm.com> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

Update the man according new devpts instance From: Daniel Lezcano <dlezcano@fr.ibm.com> Update the man page with the new devpts instance option. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

From: Daniel Lezcano <daniel.lezcano@free.fr> Console support for the system container. Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

Fix some typos From: Daniel Lezcano <dlezcano@fr.ibm.com> Fixed some typos in the man pages Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

Added the man page lxc.conf.5 From: Daniel Lezcano <dlezcano@fr.ibm.com> Added the man page for the lxc.conf configuration file. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>