main/lxc: backport openvswitch bridge support

remove unused patches while at it
author: Natanael Copa <ncopa@alpinelinux.org> 2014-10-13 14:57:15 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2014-10-13 15:02:44 +0000
commit: 11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c (patch)
tree: dadfc43f408aeaae81dbaf2bec5ece38d2ca3268 /main/lxc
parent: 49a7c9a6c3fe1437e7d51d5a30c5cd4e39370b3d (diff)
download: aports-11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c.tar.bz2
aports-11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c.tar.xz
10 files changed, 317 insertions, 739 deletions
diff --git a/main/lxc/0001-Support-openvswitch-bridges.patch b/main/lxc/0001-Support-openvswitch-bridges.patch
new file mode 100644
index 000000000..09f91349f
--- /dev/null
+++ b/main/lxc/0001-Support-openvswitch-bridges.patch
@@ -0,0 +1,138 @@
+From 8acaf18100f3c974cd4a204d531fe0077e95829c Mon Sep 17 00:00:00 2001
+From: Serge Hallyn <serge.hallyn@ubuntu.com>
+Date: Mon, 21 Jul 2014 17:48:55 -0500
+Subject: [PATCH 1/3] Support openvswitch bridges
+
+We detect whether ovs-vsctl is available.  If so, then we support
+adding network interfaces to openvswitch bridges with it.
+
+Note that with this patch, veths do not appear to be removed from the
+openvswitch bridge.  This seems a bug in openvswitch, as the veths
+in fact do disappear from the system.  If lxc is required to remove
+the port from the bridge manually, that becomes more complicated
+for unprivileged containers, as it would require a setuid-root
+wrapper to be called at shutdown.
+
+Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
+(cherry picked from commit 0d2047716ad6967eb4714b2448a89593dc266cef)
+---
+ configure.ac        | 11 +++++++++++
+ src/lxc/Makefile.am |  4 ++++
+ src/lxc/network.c   | 43 +++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 58 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 6ec5740..e0efae7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -192,6 +192,16 @@ fi
+ 
+ AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
+ 
++# Openvswitch
++AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl])
++if test "x$OVS_CTL_PATH" != "x"; then
++	enable_ovs="yes"
++	AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH")
++else
++	enable_ovs="no"
++fi
++AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"])
++
+ # Apparmor
+ AC_ARG_ENABLE([apparmor],
+ 	[AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
+@@ -740,6 +750,7 @@ Environment:
+  - rpath: $enable_rpath
+  - GnuTLS: $enable_gnutls
+  - Bash integration: $enable_bash
++ - Openvswitch: $enable_ovs
+ 
+ Security features:
+  - Apparmor: $enable_apparmor
+diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
+index 92841aa..ddeb37e 100644
+--- a/src/lxc/Makefile.am
++++ b/src/lxc/Makefile.am
+@@ -129,6 +129,10 @@ if ENABLE_APPARMOR
+ AM_CFLAGS += -DHAVE_APPARMOR
+ endif
+ 
++if HAVE_OVS
++AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\"
++endif
++
+ if ENABLE_CGMANAGER
+ AM_CFLAGS += -DHAVE_CGMANAGER
+ endif
+diff --git a/src/lxc/network.c b/src/lxc/network.c
+index a9900de..4270619 100644
+--- a/src/lxc/network.c
++++ b/src/lxc/network.c
+@@ -48,6 +48,7 @@
+ #include "nl.h"
+ #include "network.h"
+ #include "conf.h"
++#include "utils.h"
+ 
+ #if HAVE_IFADDRS_H
+ #include <ifaddrs.h>
+@@ -1170,6 +1171,45 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest)
+ 	return ip_route_dest_add(AF_INET6, ifindex, dest);
+ }
+ 
++#ifdef HAVE_OVS
++static bool is_ovs_bridge(const char *bridge)
++{
++	char brdirname[22 + IFNAMSIZ + 1] = {0};
++	struct stat sb;
++
++	snprintf(brdirname, 22 +IFNAMSIZ + 1, "/sys/class/net/%s/bridge", bridge);
++	if (stat(brdirname, &sb) == -1 && errno == ENOENT)
++		return true;
++	return false;
++}
++
++static int attach_to_ovs_bridge(const char *bridge, const char *nic)
++{
++	pid_t pid;
++	const char *progname;
++
++	pid = fork();
++	if (pid < 0)
++		return -1;
++	if (pid > 0)
++		return wait_for_pid(pid);
++
++	progname = strrchr(OVS_CTL_PATH, '/');
++	if (!progname) // not sane, should we just fail?
++		progname = OVS_CTL_PATH;
++	if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL))
++		exit(1);
++	// not reached
++	exit(1);
++}
++#else
++static inline bool is_ovs_bridge(const char *bridge) { return false; }
++static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
++{
++	retun -1;
++}
++#endif
++
+ /*
+  * There is a lxc_bridge_attach, but no need of a bridge detach
+  * as automatically done by kernel when a netdev is deleted.
+@@ -1186,6 +1226,9 @@ int lxc_bridge_attach(const char *bridge, const char *ifname)
+ 	if (!index)
+ 		return -EINVAL;
+ 
++	if (is_ovs_bridge(bridge))
++		return attach_to_ovs_bridge(bridge, ifname);
++
+ 	fd = socket(AF_INET, SOCK_STREAM, 0);
+ 	if (fd < 0)
+ 		return -errno;
+-- 
+2.1.2
+
diff --git a/main/lxc/0001-lua-Do-not-link-Lua-module-to-the-Lua-core-library.patch b/main/lxc/0001-lua-Do-not-link-Lua-module-to-the-Lua-core-library.patch
deleted file mode 100644
index 02a5b02f6..000000000
--- a/main/lxc/0001-lua-Do-not-link-Lua-module-to-the-Lua-core-library.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From aa0337f7856feefab804c8a7bba4eaca205d3bab Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Thu, 20 Feb 2014 09:48:37 +0000
-Subject: [PATCH 1/2] lua: Do not link Lua module to the Lua core library
-
-Modules should not link to the Lua core library.
-
-See http://lua-users.org/wiki/BuildingModules under
-"Do Not Link Modules to the Lua Core Libraries"
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
----
- src/lua-lxc/Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lua-lxc/Makefile.am b/src/lua-lxc/Makefile.am
-index 7bbaf61..540238f 100644
---- a/src/lua-lxc/Makefile.am
-+++ b/src/lua-lxc/Makefile.am
-@@ -18,7 +18,7 @@ core_so_LDFLAGS = \
- 	-L$(top_srcdir)/src/lxc \
- 	-Wl,-soname,core.so.$(firstword $(subst ., ,$(VERSION)))
- 
--core_so_LDADD = -llxc $(LUA_LIBS)
-+core_so_LDADD = -llxc
- 
- lxc.lua:
- 
--- 
-1.8.5.4
-
diff --git a/main/lxc/0002-fix-typo.patch b/main/lxc/0002-fix-typo.patch
new file mode 100644
index 000000000..828e6cb7e
--- /dev/null
+++ b/main/lxc/0002-fix-typo.patch
@@ -0,0 +1,27 @@
+From b63fcfdcdcb17474c5ee1a8a62c9a4618cac4410 Mon Sep 17 00:00:00 2001
+From: Serge Hallyn <serge.hallyn@ubuntu.com>
+Date: Wed, 23 Jul 2014 10:19:24 -0500
+Subject: [PATCH 2/3] fix typo
+
+Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
+(cherry picked from commit f50b163d1d565a9c5f3fbab725b999c5746961ad)
+---
+ src/lxc/network.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lxc/network.c b/src/lxc/network.c
+index 4270619..dfab159 100644
+--- a/src/lxc/network.c
++++ b/src/lxc/network.c
+@@ -1206,7 +1206,7 @@ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
+ static inline bool is_ovs_bridge(const char *bridge) { return false; }
+ static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
+ {
+-	retun -1;
++	return -1;
+ }
+ #endif
+ 
+-- 
+2.1.2
+
diff --git a/main/lxc/0002-lxc-alpine-add-support-for-architecture-arm.patch b/main/lxc/0002-lxc-alpine-add-support-for-architecture-arm.patch
deleted file mode 100644
index f4bfad2fc..000000000
--- a/main/lxc/0002-lxc-alpine-add-support-for-architecture-arm.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 882bdfc07672202fbade0d8e38d26cf0a5309b5d Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Thu, 20 Feb 2014 10:30:22 +0000
-Subject: [PATCH 2/2] lxc-alpine: add support for architecture arm
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
----
- templates/lxc-alpine.in | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
-index afda971..d8c6674 100644
---- a/templates/lxc-alpine.in
-+++ b/templates/lxc-alpine.in
-@@ -368,6 +368,9 @@ case "$arch" in
-         ;;
-     x86_64|"")
-         ;;
-+    arm*)
-+        apk_arch=armhf
-+        ;;
-     *)
-         die "unsupported architecture: $arch"
-         ;;
--- 
-1.8.5.4
-
diff --git a/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch b/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch
new file mode 100644
index 000000000..ff6085d68
--- /dev/null
+++ b/main/lxc/0003-Update-the-openvswitch-bridge-attach-code.patch
@@ -0,0 +1,134 @@
+From 26e73e11dcf4c59f90dea06fa36749be06202d04 Mon Sep 17 00:00:00 2001
+From: Serge Hallyn <serge.hallyn@ubuntu.com>
+Date: Fri, 22 Aug 2014 20:29:23 +0000
+Subject: [PATCH 3/3] Update the openvswitch bridge attach code
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+1. don't determine ovs-vsctl path at configure time, do it at runtime
+
+2. lxc-user-nic: set a sane path to protect from unpriv users
+
+Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
+Acked-by: Stéphane Graber <stgraber@ubuntu.com>
+(cherry picked from commit 6ad22d063aa0fdbd77425acd7f9c9de79e5aff3e)
+---
+ configure.ac           | 11 -----------
+ src/lxc/Makefile.am    |  4 ----
+ src/lxc/lxc_user_nic.c |  5 +++++
+ src/lxc/network.c      | 20 +++++++-------------
+ 4 files changed, 12 insertions(+), 28 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index e0efae7..6ec5740 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -192,16 +192,6 @@ fi
+ 
+ AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
+ 
+-# Openvswitch
+-AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl])
+-if test "x$OVS_CTL_PATH" != "x"; then
+-	enable_ovs="yes"
+-	AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH")
+-else
+-	enable_ovs="no"
+-fi
+-AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"])
+-
+ # Apparmor
+ AC_ARG_ENABLE([apparmor],
+ 	[AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
+@@ -750,7 +740,6 @@ Environment:
+  - rpath: $enable_rpath
+  - GnuTLS: $enable_gnutls
+  - Bash integration: $enable_bash
+- - Openvswitch: $enable_ovs
+ 
+ Security features:
+  - Apparmor: $enable_apparmor
+diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
+index ddeb37e..92841aa 100644
+--- a/src/lxc/Makefile.am
++++ b/src/lxc/Makefile.am
+@@ -129,10 +129,6 @@ if ENABLE_APPARMOR
+ AM_CFLAGS += -DHAVE_APPARMOR
+ endif
+ 
+-if HAVE_OVS
+-AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\"
+-endif
+-
+ if ENABLE_CGMANAGER
+ AM_CFLAGS += -DHAVE_CGMANAGER
+ endif
+diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
+index 64e9d1a..b2a583c 100644
+--- a/src/lxc/lxc_user_nic.c
++++ b/src/lxc/lxc_user_nic.c
+@@ -590,6 +590,11 @@ int main(int argc, char *argv[])
+ 	char *vethname = NULL;
+ 	int pid;
+ 
++	/* set a sane path, because we are setuid-root */
++	if (setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 1) < 0) {
++		fprintf(stderr, "Failed to set PATH, exiting\n");
++		exit(1);
++	}
+ 	if ((me = get_username()) == NULL) {
+ 		fprintf(stderr, "Failed to get username\n");
+ 		exit(1);
+diff --git a/src/lxc/network.c b/src/lxc/network.c
+index dfab159..32edfc4 100644
+--- a/src/lxc/network.c
++++ b/src/lxc/network.c
+@@ -1171,7 +1171,6 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest)
+ 	return ip_route_dest_add(AF_INET6, ifindex, dest);
+ }
+ 
+-#ifdef HAVE_OVS
+ static bool is_ovs_bridge(const char *bridge)
+ {
+ 	char brdirname[22 + IFNAMSIZ + 1] = {0};
+@@ -1186,7 +1185,12 @@ static bool is_ovs_bridge(const char *bridge)
+ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
+ {
+ 	pid_t pid;
+-	const char *progname;
++	char *cmd;
++
++	cmd = on_path("ovs-vsctl");
++	if (!cmd)
++		return -1;
++	free(cmd);
+ 
+ 	pid = fork();
+ 	if (pid < 0)
+@@ -1194,21 +1198,11 @@ static int attach_to_ovs_bridge(const char *bridge, const char *nic)
+ 	if (pid > 0)
+ 		return wait_for_pid(pid);
+ 
+-	progname = strrchr(OVS_CTL_PATH, '/');
+-	if (!progname) // not sane, should we just fail?
+-		progname = OVS_CTL_PATH;
+-	if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL))
++	if (execlp("ovs-vsctl", "ovs-vsctl", "add-port", bridge, nic, NULL))
+ 		exit(1);
+ 	// not reached
+ 	exit(1);
+ }
+-#else
+-static inline bool is_ovs_bridge(const char *bridge) { return false; }
+-static inline int attach_to_ovs_bridge(const char *bridge, const char *nic)
+-{
+-	return -1;
+-}
+-#endif
+ 
+ /*
+  * There is a lxc_bridge_attach, but no need of a bridge detach
+-- 
+2.1.2
+
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD
index 184c7f72f..f1ceb2902 100644
--- a/main/lxc/APKBUILD
+++ b/main/lxc/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=lxc
 pkgver=1.0.6
 _mypkgver=${pkgver/_rc/.rc}
-pkgrel=0
+pkgrel=1
 pkgdesc="linux containers - tools"
 url="http://lxc.sourceforge.net/"
 arch="all"
@@ -18,6 +18,11 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm lua5.2-lxc:_lua52
 source="https://github.com/lxc/lxc/archive/lxc-$_mypkgver.tar.gz
 	version.patch
 	lxc.initd
+
+	0001-Support-openvswitch-bridges.patch
+	0002-fix-typo.patch
+	0003-Update-the-openvswitch-bridge-attach-code.patch
+
 	"
 
 _builddir="${srcdir}/lxc-lxc-${_mypkgver}"
@@ -87,10 +92,19 @@ dev() {
 
 md5sums="3949cd916a120f40c2355c9a5b65cd51  lxc-1.0.6.tar.gz
 79e90616b5049a472ccdcb5b1dcdd8b1  version.patch
-1268d4b3e6ed004a47216b8714d09bfd  lxc.initd"
+1268d4b3e6ed004a47216b8714d09bfd  lxc.initd
+0800600ea0e9a0a4eab5822e8f14d6a2  0001-Support-openvswitch-bridges.patch
+82f16afb2cec1dfca66e4057daf02694  0002-fix-typo.patch
+fc502befeee596d5a1cf78d4f294a3e9  0003-Update-the-openvswitch-bridge-attach-code.patch"
 sha256sums="2aea199a89e2cd946f93406af6c3f62844f36954b79a6991b36d2c33022cb11c  lxc-1.0.6.tar.gz
 b6d85fb23940d2511b3951de56b2532843c0e03ec1613548366361cc0c1a46b9  version.patch
-bc108a722dc359a24c48837ef7012c776b1d20a533ae0e2231f75081dad4e2f5  lxc.initd"
+bc108a722dc359a24c48837ef7012c776b1d20a533ae0e2231f75081dad4e2f5  lxc.initd
+a415aa17655788a49627eb2e06fd06b3f73dfea283a9c67c9bf7029430fcca88  0001-Support-openvswitch-bridges.patch
+e6502aa038b18dc4dff7eea6d916215babb8ce775d7c79b2fb7669edcc23ea97  0002-fix-typo.patch
+3a63dda403a2fab04fa5d2c9e7762efdcb911cbd913399b8226abdec6643fec9  0003-Update-the-openvswitch-bridge-attach-code.patch"
 sha512sums="fe85ccb57865d86704df6b4b79d60f31892785b07dc9dd2580cc6c384c89c29c23516e906b7a16bc03c6582c1fb2432bb8ff11bd17c09efa8f6a035fb41f46b1  lxc-1.0.6.tar.gz
 e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def  version.patch
-6618ceb59f1927bb82ad1a0fe0a7d4c452ced7855d8f0953556fce9154f30a4c5afbd7a2ab07fb26e6e793b07d4c8f906f8dc27c1defe0580dcf1545c80d1d60  lxc.initd"
+6618ceb59f1927bb82ad1a0fe0a7d4c452ced7855d8f0953556fce9154f30a4c5afbd7a2ab07fb26e6e793b07d4c8f906f8dc27c1defe0580dcf1545c80d1d60  lxc.initd
+636dc009496f8648ba10aec6b590c2d1f5db17bf76161fec2b38a7a994198d2ac9c1af7e342f4d3e695d53951b5309447f20155fb79e00489a2f5c0513d08d89  0001-Support-openvswitch-bridges.patch
+dc5f5f230df91ea951e231aaedebab8217bcf6a676e2da88f4db3e0b36cdd922fb888c0f6a0eb34d5065add9c002b080c9ac687f9cd16875bd18d4f120f56d6e  0002-fix-typo.patch
+c7089b58dc7c4d2fc8cb245c7eb43930bd9e821e136e5461c3f79af063c640076c07d92afd5675cc57bb832e85690d917b87b337d075505a65e154efa7c45bc0  0003-Update-the-openvswitch-bridge-attach-code.patch"
diff --git a/main/lxc/alpine-template-backport.patch b/main/lxc/alpine-template-backport.patch
deleted file mode 100644
index 158efcf42..000000000
--- a/main/lxc/alpine-template-backport.patch
+++ /dev/null
@@ -1,201 +0,0 @@
-diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
-index 962d274..ce7226f 100644
---- a/templates/lxc-alpine.in
-+++ b/templates/lxc-alpine.in
-@@ -1,20 +1,99 @@
- #!/bin/sh
- 
-+key_sha256sums="9c102bcc376af1498d549b77bdbfa815ae86faa1d2d82f040e616b18ef2df2d4  alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub
-+2adcf7ce224f476330b5360ca5edb92fd0bf91c92d83292ed028d7c4e26333ab  alpine-devel@lists.alpinelinux.org-4d07755e.rsa.pub"
-+
-+get_static_apk () {
-+    wget="wget -q -O -"
-+    pkglist=alpine-keys:apk-tools-static
-+    auto_repo_dir=
-+
-+    if [ -z "$repository" ]; then
-+        url=http://wiki.alpinelinux.org/cgi-bin/dl.cgi
-+        if [ -z "$release" ]; then
-+            echo -n "Determining the latest release... "
-+            release=$($wget $url/.latest.$apk_arch.txt | \
-+                cut -d " " -f 3 | cut -d / -f 1 | uniq)
-+            if [ -z "$release" ]; then
-+                echo failed
-+                return 1
-+            fi
-+            echo $release
-+        fi
-+        auto_repo_dir=$release/main
-+        repository=$url/$auto_repo_dir
-+        pkglist=$pkglist:alpine-mirrors
-+    fi
-+
-+    rootfs="$1"
-+    echo "Using static apk from $repository/$apk_arch"
-+    wget="$wget $repository/$apk_arch"
-+
-+    # parse APKINDEX to find the current versions
-+    static_pkgs=$($wget/APKINDEX.tar.gz | \
-+        tar -Oxz APKINDEX | \
-+        awk -F: -v pkglist=$pkglist '
-+            BEGIN { split(pkglist,pkg) }
-+            $0 != "" { f[$1] = $2 }
-+            $0 == "" { for (i in pkg)
-+                           if (pkg[i] == f["P"])
-+                               print(f["P"] "-" f["V"] ".apk") }')
-+    [ "$static_pkgs" ] || return 1
-+
-+    mkdir -p "$rootfs" || return 1
-+    for pkg in $static_pkgs; do
-+        echo "Downloading $pkg"
-+        $wget/$pkg | tar -xz -C "$rootfs"
-+    done
-+
-+    # clean up .apk meta files
-+    rm -f "$rootfs"/.[A-Z]*
-+
-+    # verify checksum of the key
-+    keyname=$(echo $rootfs/sbin/apk.static.*.pub | sed 's/.*\.SIGN\.RSA\.//')
-+    checksum=$(echo "$key_sha256sums" |  grep -w "$keyname")
-+    if [ -z "$checksum" ]; then
-+        echo "ERROR: checksum is missing for $keyname"
-+        return 1
-+    fi
-+    (cd $rootfs/etc/apk/keys && echo "$checksum" | sha256sum -c -) || return 1
-+
-+    # verify the static apk binary signature
-+    APK=$rootfs/sbin/apk.static
-+    openssl dgst -verify $rootfs/etc/apk/keys/$keyname \
-+        -signature "$APK.SIGN.RSA.$keyname" "$APK" || return 1
-+
-+    if [ "$auto_repo_dir" ]; then
-+        mirror_list=$rootfs/usr/share/alpine-mirrors/MIRRORS.txt
-+        mirror_count=$(wc -l $mirror_list | cut -d " " -f 1)
-+        repository=$(sed $(expr $RANDOM % $mirror_count + 1)\!d \
-+            $mirror_list)$auto_repo_dir
-+        echo "Selecting mirror $repository"
-+    fi
-+}
-+
- install_alpine() {
-     rootfs="$1"
-     shift
-     mkdir -p "$rootfs"/etc/apk || return 1
--    cp -r ${keys_dir:-/etc/apk/keys} "$rootfs"/etc/apk/
-+    : ${keys_dir:=/etc/apk/keys}
-+    if ! [ -d "$rootfs"/etc/apk/keys ] && [ -d "$keys_dir" ]; then
-+        cp -r "$keys_dir" "$rootfs"/etc/apk/keys
-+    fi
-     if [ -n "$repository" ]; then
-         echo "$repository" > "$rootfs"/etc/apk/repositories
-     else
-         cp /etc/apk/repositories "$rootfs"/etc/apk/repositories || return 1
-+        if [ -n "$release" ]; then
-+            sed -i -e "s:/[^/]\+/\([^/]\+\)$:/$release/\1:" \
-+                "$rootfs"/etc/apk/repositories
-+        fi
-     fi
-     opt_arch=
-     if [ -n "$apk_arch" ]; then
-         opt_arch="--arch $apk_arch"
-     fi
--    ${APK:-apk} add -U --initdb --root $rootfs $opt_arch "$@" alpine-base
-+    $APK add -U --initdb --root $rootfs $opt_arch "$@" alpine-base
- }
- 
- configure_alpine() {
-@@ -109,6 +188,7 @@ EOF
- lxc.tty = 4
- lxc.pts = 1024
- lxc.utsname = $hostname
-+lxc.cap.drop = sys_module mac_admin mac_override sys_time
- 
- # When using LXC with apparmor, uncomment the next line to run unconfined:
- #lxc.aa_profile = unconfined
-@@ -129,7 +209,7 @@ lxc.cgroup.devices.allow = c 1:8 rwm
- lxc.cgroup.devices.allow = c 136:* rwm
- lxc.cgroup.devices.allow = c 5:2 rwm
- # rtc
--lxc.cgroup.devices.allow = c 254:0 rwm
-+lxc.cgroup.devices.allow = c 254:0 rm
- 
- # mounts point
- lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
-@@ -148,8 +228,10 @@ die() {
- 
- usage() {
-     cat >&2 <<EOF
--Usage: $(basename $0) [-h|--help] [-r|--repository <url>] [-a|--arch <arch>]
--                   -p|--path <path> -n|--name <name> [PKG...]
-+Usage: $(basename $0) [-h|--help] [-r|--repository <url>]
-+                   [-R|--release <release>] [-a|--arch <arch>]
-+                   [--rootfs <rootfs>] -p|--path <path> -n|--name <name>
-+                   [PKG...]
- EOF
- }
- 
-@@ -165,6 +247,14 @@ optarg_check() {
- }
- 
- default_path=@LXCPATH@
-+release=
-+arch=$(uname -m)
-+
-+# template mknods, requires root
-+if [ $(id -u) -ne 0 ]; then
-+   echo "$(basename $0): must be run as root" >&2
-+   exit 1
-+fi
- 
- while [ $# -gt 0 ]; do
-     opt="$1"
-@@ -179,6 +269,11 @@ while [ $# -gt 0 ]; do
-         name=$1
-         shift
-         ;;
-+    --rootfs)
-+        optarg_check $opt "$1"
-+        rootfs=$1
-+        shift
-+        ;;
-     -p|--path)
-         optarg_check $opt "$1"
-         path=$1
-@@ -189,6 +284,11 @@ while [ $# -gt 0 ]; do
-         repository=$1
-         shift
- 	;;
-+    -R|--release)
-+        optarg_check $opt "$1"
-+        release=$1
-+        shift
-+        ;;
-     -a|--arch)
-         optarg_check $opt "$1"
-         arch=$1
-@@ -217,9 +317,11 @@ if [ -z "${path}" ]; then
-     path="${default_path}/${name}"
- fi
- 
--rootfs=`awk -F= '$1 ~ /^lxc.rootfs/ { print $2 }' "$path/config" 2>/dev/null`
- if [ -z "$rootfs" ]; then
--    rootfs="${path}/rootfs"
-+    rootfs=`awk -F= '$1 ~ /^lxc.rootfs/ { print $2 }' "$path/config" 2>/dev/null`
-+    if [ -z "$rootfs" ]; then
-+        rootfs="${path}/rootfs"
-+    fi
- fi
- 
- lxc_arch=$arch
-@@ -234,6 +336,11 @@ case "$arch" in
- 	*)	die "unsupported architecture: $arch";;
- esac
- 
-+: ${APK:=apk}
-+if ! which $APK >/dev/null; then
-+    get_static_apk "$rootfs" || die "Failed to download a valid static apk"
-+fi
-+
- install_alpine "$rootfs" "$@" || die "Failed to install rootfs for $name"
- configure_alpine "$rootfs" "$name" || die "Failed to configure $name"
- copy_configuration "$path" "$rootfs" "$name"
diff --git a/main/lxc/bb-rm.patch b/main/lxc/bb-rm.patch
deleted file mode 100644
index c93adb33a..000000000
--- a/main/lxc/bb-rm.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- ./src/lxc/lxc-destroy.in.orig	2013-04-15 07:38:58.383545701 +0000
-+++ ./src/lxc/lxc-destroy.in	2013-04-15 07:42:22.552123148 +0000
-@@ -137,10 +137,10 @@
-             btrfs subvolume delete "$rootdev"
-         else
-             # In case rootfs is not under $lxc_path/$lxc_name, remove it
--            rm -rf --one-file-system --preserve-root $rootdev
-+	    find $rootdev -xdev -delete
-         fi
-     fi
- fi
- 
- # recursively remove the container to remove old container configuration
--rm -rf --one-file-system --preserve-root $lxc_path/$lxc_name
-+find $lxc_path/$lxc_name -xdev -delete
diff --git a/main/lxc/bb-shutdown.patch b/main/lxc/bb-shutdown.patch
deleted file mode 100644
index 406303215..000000000
--- a/main/lxc/bb-shutdown.patch
+++ /dev/null
@@ -1,26 +0,0 @@
---- ./src/lxc/lxc-shutdown.in.orig	2013-04-15 07:43:04.709177850 +0000
-+++ ./src/lxc/lxc-shutdown.in	2013-04-15 07:45:43.213958405 +0000
-@@ -118,11 +118,21 @@
-     exit 1
- fi
- 
-+signal_reboot=INT
-+signal_poweroff=PWR
-+init_exe=$(readlink -f /proc/$pid/exe)
-+case ${init_exe} in
-+    */busybox)
-+        signal_reboot=TERM
-+        signal_poweroff=USR2
-+       ;;
-+esac
-+
- if [ $reboot -eq 1 ]; then
--    kill -s INT $pid
-+    kill -s $signal_reboot $pid
-     exit 0
- else
--    kill -s PWR $pid
-+    kill -s $signal_poweroff $pid
- fi
- 
- if [ $dowait -eq 0 ]; then
diff --git a/main/lxc/lxc-fix-headers.patch b/main/lxc/lxc-fix-headers.patch
deleted file mode 100644
index bc7f8e59c..000000000
--- a/main/lxc/lxc-fix-headers.patch
+++ /dev/null
@@ -1,435 +0,0 @@
-diff -ru lxc-0.9.0.orig/src/lua-lxc/core.c lxc-0.9.0/src/lua-lxc/core.c
---- lxc-0.9.0.orig/src/lua-lxc/core.c	2013-10-10 09:22:58.841387605 +0300
-+++ lxc-0.9.0/src/lua-lxc/core.c	2013-10-10 09:23:13.847971218 +0300
-@@ -21,7 +21,6 @@
-  */
- 
- #define LUA_LIB
--#define _GNU_SOURCE
- #include <lua.h>
- #include <lauxlib.h>
- #include <string.h>
-diff -ru lxc-0.9.0.orig/src/lxc/attach.c lxc-0.9.0/src/lxc/attach.c
---- lxc-0.9.0.orig/src/lxc/attach.c	2013-10-10 09:22:58.841387605 +0300
-+++ lxc-0.9.0/src/lxc/attach.c	2013-10-10 09:23:13.847971218 +0300
-@@ -21,13 +21,14 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
-+#include "config.h"
- #include <unistd.h>
- #include <stdio.h>
- #include <string.h>
- #include <stdlib.h>
- #include <errno.h>
- #include <fcntl.h>
-+#include <sched.h>
- #include <sys/param.h>
- #include <sys/prctl.h>
- #include <sys/mount.h>
-@@ -44,7 +45,6 @@
- #include "log.h"
- #include "attach.h"
- #include "caps.h"
--#include "config.h"
- #include "apparmor.h"
- 
- lxc_log_define(lxc_attach, lxc);
-diff -ru lxc-0.9.0.orig/src/lxc/caps.c lxc-0.9.0/src/lxc/caps.c
---- lxc-0.9.0.orig/src/lxc/caps.c	2013-10-10 09:22:58.841387605 +0300
-+++ lxc-0.9.0/src/lxc/caps.c	2013-10-10 09:23:13.847971218 +0300
-@@ -21,7 +21,7 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
-+#include "config.h"
- #include <unistd.h>
- #include <fcntl.h>
- #include <stdlib.h>
-@@ -29,7 +29,6 @@
- #include <sys/prctl.h>
- #include <errno.h>
- 
--#include "config.h"
- #include "log.h"
- 
- lxc_log_define(lxc_caps, lxc);
-diff -ru lxc-0.9.0.orig/src/lxc/cgroup.c lxc-0.9.0/src/lxc/cgroup.c
---- lxc-0.9.0.orig/src/lxc/cgroup.c	2013-10-10 09:22:58.841387605 +0300
-+++ lxc-0.9.0/src/lxc/cgroup.c	2013-10-10 09:28:10.249698806 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <errno.h>
- #include <unistd.h>
-@@ -37,7 +36,6 @@
- #include <net/if.h>
- 
- #include "error.h"
--#include "config.h"
- #include "commands.h"
- 
- #include <lxc/log.h>
-diff -ru lxc-0.9.0.orig/src/lxc/commands.c lxc-0.9.0/src/lxc/commands.c
---- lxc-0.9.0.orig/src/lxc/commands.c	2013-10-10 09:22:58.841387605 +0300
-+++ lxc-0.9.0/src/lxc/commands.c	2013-10-10 09:23:13.851304534 +0300
-@@ -28,7 +28,7 @@
- #include <fcntl.h>
- #include <sys/socket.h>
- #include <sys/un.h>
--#include <sys/poll.h>
-+#include <poll.h>
- #include <sys/param.h>
- #include <malloc.h>
- #include <stdlib.h>
-diff -ru lxc-0.9.0.orig/src/lxc/conf.c lxc-0.9.0/src/lxc/conf.c
---- lxc-0.9.0.orig/src/lxc/conf.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/conf.c	2013-10-10 09:28:30.296256871 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <stdarg.h>
- #include <errno.h>
-@@ -58,7 +57,6 @@
- #include "network.h"
- #include "error.h"
- #include "parse.h"
--#include "config.h"
- #include "utils.h"
- #include "conf.h"
- #include "log.h"
-diff -ru lxc-0.9.0.orig/src/lxc/confile.c lxc-0.9.0/src/lxc/confile.c
---- lxc-0.9.0.orig/src/lxc/confile.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/confile.c	2013-10-10 09:28:45.472841319 +0300
-@@ -20,7 +20,7 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-@@ -38,7 +38,6 @@
- #include <net/if.h>
- 
- #include "parse.h"
--#include "config.h"
- #include "confile.h"
- #include "utils.h"
- 
-diff -ru lxc-0.9.0.orig/src/lxc/freezer.c lxc-0.9.0/src/lxc/freezer.c
---- lxc-0.9.0.orig/src/lxc/freezer.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/freezer.c	2013-10-10 09:29:01.486087901 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <errno.h>
- #include <unistd.h>
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_attach.c lxc-0.9.0/src/lxc/lxc_attach.c
---- lxc-0.9.0.orig/src/lxc/lxc_attach.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/lxc_attach.c	2013-10-10 09:29:19.079325924 +0300
-@@ -21,7 +21,7 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
-+#include "config.h"
- #include <unistd.h>
- #include <errno.h>
- #include <pwd.h>
-@@ -36,7 +36,6 @@
- #include "arguments.h"
- #include "caps.h"
- #include "cgroup.h"
--#include "config.h"
- #include "confile.h"
- #include "start.h"
- #include "sync.h"
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_checkpoint.c lxc-0.9.0/src/lxc/lxc_checkpoint.c
---- lxc-0.9.0.orig/src/lxc/lxc_checkpoint.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/lxc_checkpoint.c	2013-10-10 09:25:41.587170847 +0300
-@@ -20,7 +20,7 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <assert.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -35,7 +35,6 @@
- #include <lxc/utils.h>
- 
- #include "arguments.h"
--#include "config.h"
- #include "caps.h"
- 
- lxc_log_define(lxc_checkpoint_ui, lxc_checkpoint);
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_console.c lxc-0.9.0/src/lxc/lxc_console.c
---- lxc-0.9.0.orig/src/lxc/lxc_console.c	2013-10-10 09:22:58.844720784 +0300
-+++ lxc-0.9.0/src/lxc/lxc_console.c	2013-10-10 09:23:13.854637849 +0300
-@@ -21,9 +21,7 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <errno.h>
- #include <string.h>
-@@ -35,7 +33,7 @@
- #include <sys/param.h>
- #include <sys/types.h>
- #include <sys/stat.h>
--#include <sys/poll.h>
-+#include <poll.h>
- #include <sys/ioctl.h>
- 
- #include "error.h"
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_execute.c lxc-0.9.0/src/lxc/lxc_execute.c
---- lxc-0.9.0.orig/src/lxc/lxc_execute.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxc_execute.c	2013-10-10 09:25:21.023948914 +0300
-@@ -20,7 +20,7 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
- #include <stdlib.h>
- #include <errno.h>
-@@ -37,7 +37,6 @@
- #include "conf.h"
- #include "confile.h"
- #include "arguments.h"
--#include "config.h"
- #include "start.h"
- #include "utils.h"
- 
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_init.c lxc-0.9.0/src/lxc/lxc_init.c
---- lxc-0.9.0.orig/src/lxc/lxc_init.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxc_init.c	2013-10-10 09:23:13.854637849 +0300
-@@ -30,7 +30,6 @@
- #include <sys/stat.h>
- #include <sys/types.h>
- #include <sys/wait.h>
--#define _GNU_SOURCE
- #include <getopt.h>
- 
- #include "log.h"
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_restart.c lxc-0.9.0/src/lxc/lxc_restart.c
---- lxc-0.9.0.orig/src/lxc/lxc_restart.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxc_restart.c	2013-10-10 09:25:59.123742508 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <unistd.h>
- #include <errno.h>
-@@ -33,7 +32,6 @@
- #include "lxc.h"
- #include "caps.h"
- #include "conf.h"
--#include "config.h"
- #include "confile.h"
- #include "arguments.h"
- #include "utils.h"
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_start.c lxc-0.9.0/src/lxc/lxc_start.c
---- lxc-0.9.0.orig/src/lxc/lxc_start.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxc_start.c	2013-10-10 09:24:30.684221628 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <libgen.h>
- #include <stdlib.h>
- #include <unistd.h>
-@@ -46,7 +45,6 @@
- #include "conf.h"
- #include "cgroup.h"
- #include "utils.h"
--#include "config.h"
- #include "confile.h"
- #include "arguments.h"
- 
-diff -ru lxc-0.9.0.orig/src/lxc/lxc_unshare.c lxc-0.9.0/src/lxc/lxc_unshare.c
---- lxc-0.9.0.orig/src/lxc/lxc_unshare.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxc_unshare.c	2013-10-10 09:23:13.854637849 +0300
-@@ -20,9 +20,7 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <stdlib.h>
- #include <unistd.h>
- #include <libgen.h>
-diff -ru lxc-0.9.0.orig/src/lxc/lxccontainer.c lxc-0.9.0/src/lxc/lxccontainer.c
---- lxc-0.9.0.orig/src/lxc/lxccontainer.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxccontainer.c	2013-10-10 09:23:13.854637849 +0300
-@@ -800,7 +800,7 @@
- 	if (pid < 0)
- 		return false;
- 	if (pid == 0) { // child
--		ret = execlp("lxc-destroy", "lxc-destroy", "-n", c->name, "-P", c->config_path, NULL);
-+		ret = execlp("lxc-destroy", "lxc-destroy", "-n", c->name, "-P", c->config_path, (void*)0);
- 		perror("execl");
- 		exit(1);
- 	}
-diff -ru lxc-0.9.0.orig/src/lxc/lxclock.c lxc-0.9.0/src/lxc/lxclock.c
---- lxc-0.9.0.orig/src/lxc/lxclock.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxclock.c	2013-10-10 09:23:13.854637849 +0300
-@@ -18,8 +18,8 @@
-  */
- 
- #include "lxclock.h"
--#include <malloc.h>
- #include <stdio.h>
-+#include <stdlib.h>
- 
- #define OFLAG (O_CREAT | O_RDWR)
- #define SEMMODE 0660
-diff -ru lxc-0.9.0.orig/src/lxc/lxcutmp.c lxc-0.9.0/src/lxc/lxcutmp.c
---- lxc-0.9.0.orig/src/lxc/lxcutmp.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/lxcutmp.c	2013-10-10 09:23:13.854637849 +0300
-@@ -63,6 +63,8 @@
- #include "lxc.h"
- #include "log.h"
- 
-+#include <utmp.h>
-+
- #ifndef __USE_GNU
- #define __USE_GNU
- #endif
-diff -ru lxc-0.9.0.orig/src/lxc/network.c lxc-0.9.0/src/lxc/network.c
---- lxc-0.9.0.orig/src/lxc/network.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/network.c	2013-10-10 09:30:26.518960572 +0300
-@@ -20,9 +20,8 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCe
- #include <stdlib.h>
- #include <unistd.h>
- #include <fcntl.h>
-diff -ru lxc-0.9.0.orig/src/lxc/parse.c lxc-0.9.0/src/lxc/parse.c
---- lxc-0.9.0.orig/src/lxc/parse.c	2013-10-10 09:22:58.848053921 +0300
-+++ lxc-0.9.0/src/lxc/parse.c	2013-10-10 09:23:30.724546457 +0300
-@@ -20,16 +20,14 @@
-  * License along with this library; if not, write to the Free Software
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
--#define _GNU_SOURCE
-+#include "config.h"
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <string.h>
- #include <stdlib.h>
- #include <errno.h>
- #include <dirent.h>
- 
- #include "parse.h"
--#include "config.h"
- #include <lxc/log.h>
- 
- /* Define getline() if missing from the C library */
-diff -ru lxc-0.9.0.orig/src/lxc/restart.c lxc-0.9.0/src/lxc/restart.c
---- lxc-0.9.0.orig/src/lxc/restart.c	2013-10-10 09:22:58.851387051 +0300
-+++ lxc-0.9.0/src/lxc/restart.c	2013-10-10 09:23:13.857971164 +0300
-@@ -24,7 +24,6 @@
- #include "config.h"
- 
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <string.h>
- #include <stdlib.h>
- #include <errno.h>
-diff -ru lxc-0.9.0.orig/src/lxc/seccomp.c lxc-0.9.0/src/lxc/seccomp.c
---- lxc-0.9.0.orig/src/lxc/seccomp.c	2013-10-10 09:22:58.851387051 +0300
-+++ lxc-0.9.0/src/lxc/seccomp.c	2013-10-10 09:23:13.857971164 +0300
-@@ -21,7 +21,6 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
- #include <stdio.h>
- #include <stdlib.h>
- #include <seccomp.h>
-diff -ru lxc-0.9.0.orig/src/lxc/start.c lxc-0.9.0/src/lxc/start.c
---- lxc-0.9.0.orig/src/lxc/start.c	2013-10-10 09:22:58.851387051 +0300
-+++ lxc-0.9.0/src/lxc/start.c	2013-10-10 09:23:13.857971164 +0300
-@@ -24,7 +24,6 @@
- #include "config.h"
- 
- #include <stdio.h>
--#undef _GNU_SOURCE
- #include <string.h>
- #include <stdlib.h>
- #include <dirent.h>
-@@ -43,7 +42,7 @@
- #include <sys/types.h>
- #include <sys/wait.h>
- #include <sys/un.h>
--#include <sys/poll.h>
-+#include <poll.h>
- #include <sys/syscall.h>
- 
- #if HAVE_SYS_CAPABILITY_H
-diff -ru lxc-0.9.0.orig/src/lxc/utils.c lxc-0.9.0/src/lxc/utils.c
---- lxc-0.9.0.orig/src/lxc/utils.c	2013-10-10 09:22:58.851387051 +0300
-+++ lxc-0.9.0/src/lxc/utils.c	2013-10-10 09:23:13.857971164 +0300
-@@ -21,7 +21,6 @@
-  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-  */
- 
--#define _GNU_SOURCE
- #include <errno.h>
- #include <unistd.h>
- #include <stdlib.h>
-diff -ru lxc-0.9.0.orig/src/lxc/utils.h lxc-0.9.0/src/lxc/utils.h
---- lxc-0.9.0.orig/src/lxc/utils.h	2013-10-10 09:22:58.851387051 +0300
-+++ lxc-0.9.0/src/lxc/utils.h	2013-10-10 09:23:13.857971164 +0300
-@@ -23,6 +23,8 @@
- #ifndef _utils_h
- #define _utils_h
- 
-+#include <sys/types.h>
-+
- extern int lxc_copy_file(const char *src, const char *dst);
- extern int lxc_setup_fs(void);
- extern int get_u16(unsigned short *val, const char *arg, int base);
author	Natanael Copa <ncopa@alpinelinux.org>	2014-10-13 14:57:15 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2014-10-13 15:02:44 +0000
commit	11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c (patch)
tree	dadfc43f408aeaae81dbaf2bec5ece38d2ca3268 /main/lxc
parent	49a7c9a6c3fe1437e7d51d5a30c5cd4e39370b3d (diff)
download	aports-11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c.tar.bz2 aports-11796ca36e2bab9a5e42c8b4bfd91a1e83719f1c.tar.xz