aboutsummaryrefslogtreecommitdiffstats
path: root/main/lxc
diff options
context:
space:
mode:
Diffstat (limited to 'main/lxc')
-rw-r--r--main/lxc/0001-Support-openvswitch-bridges.patch138
-rw-r--r--main/lxc/0002-fix-typo.patch27
-rw-r--r--main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch134
-rw-r--r--main/lxc/APKBUILD30
4 files changed, 9 insertions, 320 deletions
diff --git a/main/lxc/0001-Support-openvswitch-bridges.patch b/main/lxc/0001-Support-openvswitch-bridges.patch
deleted file mode 100644
index 09f91349f5..0000000000
--- a/main/lxc/0001-Support-openvswitch-bridges.patch
+++ /dev/null
@@ -1,138 +0,0 @@
-From 8acaf18100f3c974cd4a204d531fe0077e95829c Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@ubuntu.com>
-Date: Mon, 21 Jul 2014 17:48:55 -0500
-Subject: [PATCH 1/3] Support openvswitch bridges
-
-We detect whether ovs-vsctl is available. If so, then we support
-adding network interfaces to openvswitch bridges with it.
-
-Note that with this patch, veths do not appear to be removed from the
-openvswitch bridge. This seems a bug in openvswitch, as the veths
-in fact do disappear from the system. If lxc is required to remove
-the port from the bridge manually, that becomes more complicated
-for unprivileged containers, as it would require a setuid-root
-wrapper to be called at shutdown.
-
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-(cherry picked from commit 0d2047716ad6967eb4714b2448a89593dc266cef)
----
- configure.ac | 11 +++++++++++
- src/lxc/Makefile.am | 4 ++++
- src/lxc/network.c | 43 +++++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 58 insertions(+)
-
-diff --git a/configure.ac b/configure.ac
-index 6ec5740..e0efae7 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -192,6 +192,16 @@ fi
-
- AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
-
-+# Openvswitch
-+AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl])
-+if test "x$OVS_CTL_PATH" != "x"; then
-+ enable_ovs="yes"
-+ AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH")
-+else
-+ enable_ovs="no"
-+fi
-+AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"])
-+
- # Apparmor
- AC_ARG_ENABLE([apparmor],
- [AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
-@@ -740,6 +750,7 @@ Environment:
- - rpath: $enable_rpath
- - GnuTLS: $enable_gnutls
- - Bash integration: $enable_bash
-+ - Openvswitch: $enable_ovs
-
- Security features:
- - Apparmor: $enable_apparmor
-diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
-index 92841aa..ddeb37e 100644
---- a/src/lxc/Makefile.am
-+++ b/src/lxc/Makefile.am
-@@ -129,6 +129,10 @@ if ENABLE_APPARMOR
- AM_CFLAGS += -DHAVE_APPARMOR
- endif
-
-+if HAVE_OVS
-+AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\"
-+endif
-+
- if ENABLE_CGMANAGER
- AM_CFLAGS += -DHAVE_CGMANAGER
- endif
-diff --git a/src/lxc/network.c b/src/lxc/network.c
-index a9900de..4270619 100644
---- a/src/lxc/network.c
-+++ b/src/lxc/network.c
-@@ -48,6 +48,7 @@
- #include "nl.h"
- #include "network.h"
- #include "conf.h"
-+#include "utils.h"
-
- #if HAVE_IFADDRS_H
- #include <ifaddrs.h>
-@@ -1170,6 +1171,45 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest)
- return ip_route_dest_add(AF_INET6, ifindex, dest);
- }
-
-+#ifdef HAVE_OVS
-+static bool is_ovs_bridge(const char *bridge)
-+{
-+ char brdirname[22 + IFNAMSIZ + 1] = {0};
-+ struct stat sb;
-+
-+ snprintf(brdirname, 22 +IFNAMSIZ + 1, "/sys/class/net/%s/bridge", bridge);
-+ if (stat(brdirname, &sb) == -1 && errno == ENOENT)
-+ return true;
-+ return false;
-+}
-+
-+static int attach_to_ovs_bridge(const char *bridge, const char *nic)
-+{
-+ pid_t pid;
-+ const char *progname;
-+
-+ pid = fork();
-+ if (pid < 0)
-+ return -1;
-+ if (pid > 0)
-+ return wait_for_pid(pid);
-+
-+ progname = strrchr(OVS_CTL_PATH, '/');
-+ if (!progname) // not sane, should we just fail?
-+ progname = OVS_CTL_PATH;
-+ if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL))
-+ exit(1);
-+ // not reached
-+ exit(1);
-+}
-+#else
-+static inline bool is_ovs_bridge(const char *bridge) { return false; }
-+static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
-+{
-+ retun -1;
-+}
-+#endif
-+
- /*
- * There is a lxc_bridge_attach, but no need of a bridge detach
- * as automatically done by kernel when a netdev is deleted.
-@@ -1186,6 +1226,9 @@ int lxc_bridge_attach(const char *bridge, const char *ifname)
- if (!index)
- return -EINVAL;
-
-+ if (is_ovs_bridge(bridge))
-+ return attach_to_ovs_bridge(bridge, ifname);
-+
- fd = socket(AF_INET, SOCK_STREAM, 0);
- if (fd < 0)
- return -errno;
---
-2.1.2
-
diff --git a/main/lxc/0002-fix-typo.patch b/main/lxc/0002-fix-typo.patch
deleted file mode 100644
index 828e6cb7e9..0000000000
--- a/main/lxc/0002-fix-typo.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From b63fcfdcdcb17474c5ee1a8a62c9a4618cac4410 Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@ubuntu.com>
-Date: Wed, 23 Jul 2014 10:19:24 -0500
-Subject: [PATCH 2/3] fix typo
-
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-(cherry picked from commit f50b163d1d565a9c5f3fbab725b999c5746961ad)
----
- src/lxc/network.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lxc/network.c b/src/lxc/network.c
-index 4270619..dfab159 100644
---- a/src/lxc/network.c
-+++ b/src/lxc/network.c
-@@ -1206,7 +1206,7 @@ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
- static inline bool is_ovs_bridge(const char *bridge) { return false; }
- static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
- {
-- retun -1;
-+ return -1;
- }
- #endif
-
---
-2.1.2
-
diff --git a/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch b/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch
deleted file mode 100644
index ff6085d686..0000000000
--- a/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch
+++ /dev/null
@@ -1,134 +0,0 @@
-From 26e73e11dcf4c59f90dea06fa36749be06202d04 Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@ubuntu.com>
-Date: Fri, 22 Aug 2014 20:29:23 +0000
-Subject: [PATCH 3/3] Update the openvswitch bridge attach code
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-1. don't determine ovs-vsctl path at configure time, do it at runtime
-
-2. lxc-user-nic: set a sane path to protect from unpriv users
-
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-Acked-by: Stéphane Graber <stgraber@ubuntu.com>
-(cherry picked from commit 6ad22d063aa0fdbd77425acd7f9c9de79e5aff3e)
----
- configure.ac | 11 -----------
- src/lxc/Makefile.am | 4 ----
- src/lxc/lxc_user_nic.c | 5 +++++
- src/lxc/network.c | 20 +++++++-------------
- 4 files changed, 12 insertions(+), 28 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index e0efae7..6ec5740 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -192,16 +192,6 @@ fi
-
- AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
-
--# Openvswitch
--AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl])
--if test "x$OVS_CTL_PATH" != "x"; then
-- enable_ovs="yes"
-- AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH")
--else
-- enable_ovs="no"
--fi
--AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"])
--
- # Apparmor
- AC_ARG_ENABLE([apparmor],
- [AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
-@@ -750,7 +740,6 @@ Environment:
- - rpath: $enable_rpath
- - GnuTLS: $enable_gnutls
- - Bash integration: $enable_bash
-- - Openvswitch: $enable_ovs
-
- Security features:
- - Apparmor: $enable_apparmor
-diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
-index ddeb37e..92841aa 100644
---- a/src/lxc/Makefile.am
-+++ b/src/lxc/Makefile.am
-@@ -129,10 +129,6 @@ if ENABLE_APPARMOR
- AM_CFLAGS += -DHAVE_APPARMOR
- endif
-
--if HAVE_OVS
--AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\"
--endif
--
- if ENABLE_CGMANAGER
- AM_CFLAGS += -DHAVE_CGMANAGER
- endif
-diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
-index 64e9d1a..b2a583c 100644
---- a/src/lxc/lxc_user_nic.c
-+++ b/src/lxc/lxc_user_nic.c
-@@ -590,6 +590,11 @@ int main(int argc, char *argv[])
- char *vethname = NULL;
- int pid;
-
-+ /* set a sane path, because we are setuid-root */
-+ if (setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1) < 0) {
-+ fprintf(stderr, "Failed to set PATH, exiting\n");
-+ exit(1);
-+ }
- if ((me = get_username()) == NULL) {
- fprintf(stderr, "Failed to get username\n");
- exit(1);
-diff --git a/src/lxc/network.c b/src/lxc/network.c
-index dfab159..32edfc4 100644
---- a/src/lxc/network.c
-+++ b/src/lxc/network.c
-@@ -1171,7 +1171,6 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest)
- return ip_route_dest_add(AF_INET6, ifindex, dest);
- }
-
--#ifdef HAVE_OVS
- static bool is_ovs_bridge(const char *bridge)
- {
- char brdirname[22 + IFNAMSIZ + 1] = {0};
-@@ -1186,7 +1185,12 @@ static bool is_ovs_bridge(const char *bridge)
- static int attach_to_ovs_bridge(const char *bridge, const char *nic)
- {
- pid_t pid;
-- const char *progname;
-+ char *cmd;
-+
-+ cmd = on_path("ovs-vsctl");
-+ if (!cmd)
-+ return -1;
-+ free(cmd);
-
- pid = fork();
- if (pid < 0)
-@@ -1194,21 +1198,11 @@ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
- if (pid > 0)
- return wait_for_pid(pid);
-
-- progname = strrchr(OVS_CTL_PATH, '/');
-- if (!progname) // not sane, should we just fail?
-- progname = OVS_CTL_PATH;
-- if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL))
-+ if (execlp("ovs-vsctl", "ovs-vsctl", "add-port", bridge, nic, NULL))
- exit(1);
- // not reached
- exit(1);
- }
--#else
--static inline bool is_ovs_bridge(const char *bridge) { return false; }
--static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
--{
-- return -1;
--}
--#endif
-
- /*
- * There is a lxc_bridge_attach, but no need of a bridge detach
---
-2.1.2
-
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD
index 63b3a7d98c..35c10eda24 100644
--- a/main/lxc/APKBUILD
+++ b/main/lxc/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=lxc
-pkgver=1.0.7
+pkgver=1.1.0
_mypkgver=${pkgver/_rc/.rc}
pkgrel=0
pkgdesc="linux containers - tools"
@@ -10,7 +10,8 @@ arch="all"
license="GPL"
depends="bash"
depends_dev="libcap-dev"
-makedepends="$depends_dev lvm2 util-linux automake autoconf libtool lua5.2-dev"
+makedepends="$depends_dev lvm2 util-linux automake autoconf libtool lua5.2-dev
+ linux-headers"
install=""
options="suid"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm lua5.2-lxc:_lua52
@@ -18,10 +19,6 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm lua5.2-lxc:_lua52
source="https://github.com/lxc/lxc/archive/lxc-$_mypkgver.tar.gz
version.patch
lxc.initd
-
- 0001-Support-openvswitch-bridges.patch
- 0002-fix-typo.patch
- 0003-Update-the-openvswitch-bridge-attach-code.patch
"
_builddir="${srcdir}/lxc-lxc-${_mypkgver}"
@@ -89,21 +86,12 @@ dev() {
"$pkgdir"/usr/bin/ || return 1
}
-md5sums="debba05a5d84b632d88a70c36cf97c03 lxc-1.0.7.tar.gz
+md5sums="02a7865eede1cba5a6bb97c2f5e41b37 lxc-1.1.0.tar.gz
79e90616b5049a472ccdcb5b1dcdd8b1 version.patch
-2c21cb054c7f373318e373cfa9e4f78c lxc.initd
-0800600ea0e9a0a4eab5822e8f14d6a2 0001-Support-openvswitch-bridges.patch
-82f16afb2cec1dfca66e4057daf02694 0002-fix-typo.patch
-fc502befeee596d5a1cf78d4f294a3e9 0003-Update-the-openvswitch-bridge-attach-code.patch"
-sha256sums="a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b78ca39a30f8956b0a8f2 lxc-1.0.7.tar.gz
+2c21cb054c7f373318e373cfa9e4f78c lxc.initd"
+sha256sums="216e806f7e18e5bfbc782493a9e44fc255f24a587d6faee94cda848a0b949155 lxc-1.1.0.tar.gz
b6d85fb23940d2511b3951de56b2532843c0e03ec1613548366361cc0c1a46b9 version.patch
-97606cf912818f7ba099d72cb42b25fee44789c1bfd67f1c0150253e86dc6979 lxc.initd
-a415aa17655788a49627eb2e06fd06b3f73dfea283a9c67c9bf7029430fcca88 0001-Support-openvswitch-bridges.patch
-e6502aa038b18dc4dff7eea6d916215babb8ce775d7c79b2fb7669edcc23ea97 0002-fix-typo.patch
-3a63dda403a2fab04fa5d2c9e7762efdcb911cbd913399b8226abdec6643fec9 0003-Update-the-openvswitch-bridge-attach-code.patch"
-sha512sums="e6ff42a7b41177e1be0d2cd47d4c554565c7fc35355f3aa8aeba00d4adc7a0f364ecd060ddb6c97b2fe5968329c4e4c4b3cb022bffd2da145f30880f077264a8 lxc-1.0.7.tar.gz
+97606cf912818f7ba099d72cb42b25fee44789c1bfd67f1c0150253e86dc6979 lxc.initd"
+sha512sums="160da88d6dc96cd9f0679f948bfed057c024adcd459fa4b79e872d12284fa3774ac33a13923c6e150072886a371ccfcdf7ab2c4587efa7f6175fc91a67525c4a lxc-1.1.0.tar.gz
e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def version.patch
-bcf73032f2c7d17d457bcd5405071a869dcdeef36ef6b9bf5e13f21d5b4c5e1548a09114dd032863ba91358b74b2a72598bf01e53520185492593c2f4db15ffc lxc.initd
-636dc009496f8648ba10aec6b590c2d1f5db17bf76161fec2b38a7a994198d2ac9c1af7e342f4d3e695d53951b5309447f20155fb79e00489a2f5c0513d08d89 0001-Support-openvswitch-bridges.patch
-dc5f5f230df91ea951e231aaedebab8217bcf6a676e2da88f4db3e0b36cdd922fb888c0f6a0eb34d5065add9c002b080c9ac687f9cd16875bd18d4f120f56d6e 0002-fix-typo.patch
-c7089b58dc7c4d2fc8cb245c7eb43930bd9e821e136e5461c3f79af063c640076c07d92afd5675cc57bb832e85690d917b87b337d075505a65e154efa7c45bc0 0003-Update-the-openvswitch-bridge-attach-code.patch"
+bcf73032f2c7d17d457bcd5405071a869dcdeef36ef6b9bf5e13f21d5b4c5e1548a09114dd032863ba91358b74b2a72598bf01e53520185492593c2f4db15ffc lxc.initd"