hallyn/lxcfs forked from lxc/lxcfs

thanks Nehal for reminding me.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

This is a WIP, do not merge yet.

Closes #68

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Example Output:

[root at lxc-dev <http://lists.linuxcontainers.org/listinfo/lxc-devel>  ~]# lxc-attach -n ubuntuwily --  /bin/cat /proc/swaps
Filename                                Type            Size    Used    Priority
none                                    virtual         1048572 1048572 0

Signed-off-by: Teemu Grönqvist <teemu.gronqvist@net9.fi>
Signed-off-by: Nehal J Wani <nehaljw.kkd1@gmail.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

pam_cgfs: change handling of name=systemd

Don't always ignore it.

Do ignore it (like all others) if not listed in the -c argument.

If the logged in task's name=systemd cgroup != that of the init
task's, assume we are in systemd and rename the user's.

If they are the same, assume we are in upstart or sysvinit and
create=chown a name=systemd cgroup just as for the others.

This should fix

https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1543353

and allow the ubuntu systemd package to drop its cgroup related
delta.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

add test_reload.sh to extra_dist

to get it into the make dist tarball

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

2016 02 08/privlib

Since it is no longer automatically built, build liblxcfstest by hand
and move it into place.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

if it was not found using ld.so.

Also use the same function always to load the library.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

cgfs_list_children() and cgfs_list_keys() follow the same
pattern with the differences being that one lists
directories, the other files, and that cgfs_list_children()
always allocates an empty list while cgfs_list_keys()
NULL-initializes the list.
Both have a case which returns an error after a list has
been allocated, and in both cases the cleanup code is
guarded with an if(list).
In both cases on success the caller assumes the list is
non-empty which is why cgfs_list_children() returned a list
with a terminating NULL-entry.

This deduplicates the iteration code into a function with a
flag for whether regular files or directories are of
interest and a callback to create the list element.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

We already assume tmp[] is big enough when using an unsized
sprintf(), considering it contains a single pid number and
is 30 bytes we can assume it was also big enough to hold the
terminating null byte.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

2016 02 03/pidfile

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

and update testsuite to use pidfile

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Don't tie entries in 'hierarchies' to their subsystem id

There's no place where we rely on it, and it gets out of whack
if cgroups have been unmounted+remounted.

This is an alternative to lxc#70.
Thanks to smemsh for the report and proposed fix.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

2016 02 02/split.2

Move the majority of the code (the bits most likely to have security
bugs coming up) reloadable.  Sending USR1 signal to lxcfs will cause
it to reload the shared library so as to immediately start using the
fixed code.  This allows us to upgrade lxcfs in the majority of
cases without having to restart containers.

To achieve this, some code was moved around so that lxcfs.c itself
does not risk pinning any symbols from the shared library (which
would prevent it being unloaded).  We track the number of threads
currently using the bindings, and do the reload after it hits
zero (specifically, the next time that we turn the count from 0 to 1)

Also add a test case to make sure an updated library does in fact
get loaded.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Don't hardcode strings in testsuites

With this, we should be able to run more than one testsuite at once.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Random fixes

Several pieces of code which deal with caching contents for proc
files contain code like this:

  if (l >= cache_size) {
      ...
      goto err;
  }
  if (l < cache_size) {
      ...
  } else {
      ...
  }

When the first condition is false the second condition will
always be true, so the code in the else block is never used.
The second if/else statement can then just be replaced with the
code from the if block.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

In practice these should never underflow, but in theory it's possible.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

lxcfs used to use $current's cgroups to virtualize proc, but
switched in 0.17 to using $current's init's cgroups.  The
tests need to be updated to reflect that.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>