1. 21 12月, 2012 7 次提交
  2. 19 12月, 2012 1 次提交
  3. 18 12月, 2012 4 次提交
  4. 28 11月, 2012 3 次提交
  5. 02 11月, 2012 2 次提交
  6. 26 9月, 2012 3 次提交
  7. 21 9月, 2012 3 次提交
  8. 07 9月, 2012 1 次提交
  9. 31 7月, 2012 1 次提交
    • E
      build: fix build without HAVE_CAPNG · 6f926c5e
      Eric Blake 提交于
      Otherwise, a build may fail with:
      
      lxc/lxc_conatiner.c: In function 'lxcContainerDropCapabilities':
      lxc/lxc_container.c:1662:46: error: unused parameter 'keepReboot' [-Werror=unused-parameter]
      
      * src/lxc/lxc_container.c (lxcContainerDropCapabilities): Mark
      parameter unused.
      6f926c5e
  10. 30 7月, 2012 2 次提交
  11. 23 7月, 2012 1 次提交
    • O
      Desert the FSF address in copyright · f9ce7dad
      Osier Yang 提交于
      Per the FSF address could be changed from time to time, and GNU
      recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)
      
        You should have received a copy of the GNU General Public License
        along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
      
      This patch removes the explicit FSF address, and uses above instead
      (of course, with inserting 'Lesser' before 'General').
      
      Except a bunch of files for security driver, all others are changed
      automatically, the copyright for securify files are not complete,
      that's why to do it manually:
      
        src/security/security_selinux.h
        src/security/security_driver.h
        src/security/security_selinux.c
        src/security/security_apparmor.h
        src/security/security_apparmor.c
        src/security/security_driver.c
      f9ce7dad
  12. 19 7月, 2012 2 次提交
    • D
      lxcContainerMountCGroups also mounts a tmpfs that needs to be labeled. · 9f5ef4d9
      Dan Walsh 提交于
      This patch passes down the sec_mount_options to the
      lxcContainerMountCGroups function and then mounts the tmpfs with
      the correct label.
      9f5ef4d9
    • D
      Mount all tmpfs filesystems with correct SELinux label · e0018429
      Daniel J Walsh 提交于
      Basically within a Secure Linux Container (virt-sandbox) we want all content
      that the process within the container can write to be labeled the same.  We
      are labeling the physical disk correctly but when we create "RAM" based file
      systems
      libvirt is not labeling them, and they are defaulting to tmpfs_t, which will
      will not allow the processes to write.  This patch labels the RAM based file
      systems correctly.
      e0018429
  13. 06 7月, 2012 1 次提交
  14. 05 7月, 2012 1 次提交
  15. 29 6月, 2012 1 次提交
  16. 25 6月, 2012 3 次提交
    • D
      Support bind mounting host files, as well as directories in LXC · 465c055f
      Daniel J Walsh 提交于
      Currently libvirt-lxc checks to see if the destination exists and is a
      directory.  If it is not a directory then the mount fails.  Since
      libvirt-lxc can bind mount files on an inode, this patch is needed to
      allow us to bind mount files on files.  Currently we want to bind mount
      on top of /etc/machine-id, and /etc/adjtime
      
      If the destination of the mount point does not exists, it checks if the
      src is a directory and then attempts to create a directory, otherwise it
      creates an empty file for the destination.  The code will then bind mount
      over the destination.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      465c055f
    • D
      Add support for guest bind mounts with LXC · 3b1ddec1
      Daniel P. Berrange 提交于
      Currently you can configure LXC to bind a host directory to
      a guest directory, but not to bind a guest directory to a
      guest directory. While the guest container init could do
      this itself, allowing it in the libvirt XML means a stricter
      SELinux policy can be written
      3b1ddec1
    • D
      Add support for RAM filesystems for LXC · 76b644c3
      Daniel P. Berrange 提交于
      Introduce a new syntax for filesystems to allow use of a RAM
      filesystem
      
         <filesystem type='ram'>
            <source usage='10' units='MiB'/>
            <target dir='/mnt'/>
         </filesystem>
      
      The usage units default to KiB to limit consumption of host memory.
      
      * docs/formatdomain.html.in: Document new syntax
      * docs/schemas/domaincommon.rng: Add new attributes
      * src/conf/domain_conf.c: Parsing/formatting of RAM filesystems
      * src/lxc/lxc_container.c: Mounting of RAM filesystems
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      76b644c3
  17. 19 6月, 2012 4 次提交