Hello community,
here is the log from the commit of package lxc for openSUSE:Factory checked in at 2016-08-03 11:44:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lxc (Old)
and /work/SRC/openSUSE:Factory/.lxc.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lxc"
Changes:
--------
--- /work/SRC/openSUSE:Factory/lxc/lxc.changes 2016-06-21 12:29:25.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lxc.new/lxc.changes 2016-08-03 11:44:29.000000000 +0200
@@ -1,0 +2,45 @@
+Sat Jul 23 07:49:02 UTC 2016 - jengelh@inai.de
+
+- Abolish old macro use. Remove ancient %clean section.
+ Avoid sh invocation for simple ldconfig calls.
+
+-------------------------------------------------------------------
+Sat Jul 9 11:38:48 UTC 2016 - cbrauner@suse.de
+
+- add lxcfs dependency: lxc relies on lxcfs for a long time now to provide
+ container aware /proc files. The /sys/fs/cgroup part is slowly phased out
+ because we now have cgroup namespaces.
+
+-------------------------------------------------------------------
+Sat Jul 9 06:01:58 UTC 2016 - cbrauner@suse.de
+
+- Split into packages to follow best practice.
+ * lxc
+ * liblxc1
+ * liblxc-devel
+ Also, we need liblxc1 to be separately installable from LXC for LXD.
+- Tweak descriptions.
+
+-------------------------------------------------------------------
+Thu Jul 7 21:57:24 UTC 2016 - cbrauner@suse.de
+
+- Update to 2.0.3 (changes since 2.0.1):
+ * apparmor: Refresh generated file
+ * apparmor: add make-rslave to usr.bin.lxc-start
+ * apparmor: Allow bind-mounts and {r}shared/{r}private
+ * apparmor: allow mount move
+ * apparmor: Update mount states handling
+ * core: Drop lxc-devsetup as unneeded by current autodev
+ * core: Fix redefinition of struct in6_addr
+ * core: Include all lxcmntent.h function declarations on Bionic
+ * c/r: c/r: use criu's "full" mode for cgroups
+ * systemd: start containers in foreground when using the lxc@.service
+ * templates: debian: Make sure init is installed
+ * templates: oracle: Fix console login
+ * templates: plamo: Fix various issues
+ * templates: ubuntu: Install apt-transport-https by default
+ * travis: ensure 'make install' doesn't fail
+ * travis: test VPATH builds
+ * upstart: Force lxc-instance to behave like a good Upstart client
+
+-------------------------------------------------------------------
Old:
----
lxc-2.0.1.tar.gz
New:
----
lxc-2.0.3.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lxc.spec ++++++
--- /var/tmp/diff_new_pack.FZsDFk/_old 2016-08-03 11:44:30.000000000 +0200
+++ /var/tmp/diff_new_pack.FZsDFk/_new 2016-08-03 11:44:30.000000000 +0200
@@ -16,11 +16,12 @@
#
+%define shlib_version 1
Name: lxc
-Version: 2.0.1
+Version: 2.0.3
Release: 0
Url: http://linuxcontainers.org/
-Summary: Userspace tools for the Linux kernel containers
+Summary: Userspace tools for Linux kernel containers
License: LGPL-2.1+
Group: System/Management
Source: http://linuxcontainers.org/downloads/%{name}-%{version}.tar.gz
@@ -49,6 +50,7 @@
%endif
Requires: /sbin/setcap
+Requires: lxcfs
Requires: rsync
%{?systemd_requires}
@@ -57,23 +59,35 @@
Recommends: criu >= 2.0
%description
-It provides commands to create and manage containers. It contains a
-full featured container with the isolation/virtualization of the pids,
-the ipc, the utsname, the mount points, /proc, /sys, the network and it
-takes into account the control groups. It is very light, flexible, and
-provides a set of tools around the container like the monitoring with
-asynchronous events notification, or the freeze of the container. This
-package is useful to create Virtual Private Server, or to run isolated
-applications like bash or sshd.
+LXC provides commands to create and manage containers. Current LXC uses the
+following kernel features to contain processes:
+- Kernel namespaces (ipc, uts, mount, pid, network and user)
+- Apparmor and SELinux profiles
+- Seccomp policies
+- Chroots (using pivot_root)
+- Kernel capabilities
+- CGroups (control groups)
+LXC containers are often considered as something in the middle between a chroot
+and a full fledged virtual machine. The goal of LXC is to create an environment
+as close as possible to a standard Linux installation but without the need for a
+separate kernel.
-%package devel
-Summary: Development library for lxc
+%package -n liblxc%{shlib_version}
+Summary: LXC container runtime library
+License: LGPL-2.1
+Group: System/Libraries
+
+%description -n liblxc%{shlib_version}
+Provides the LXC container runtime library.
+
+%package -n liblxc-devel
+Summary: LXC container runtime library development files
License: LGPL-2.1
Group: Development/Libraries/C and C++
-Requires: %name = %version
+Requires: liblxc%{shlib_version} = %version
-%description devel
-Lxc header files and library needed for development of containers.
+%description -n liblxc-devel
+Provides the LXC container runtime library development files
%prep
%setup -q
@@ -85,52 +99,62 @@
--disable-rpath \
--with-init-script=systemd \
--with-systemdsystemunitdir=%{_unitdir}
-%__make %{?_smp_mflags}
-%__cp %{SOURCE1} .
-%__rm -rf .doc
-%__mkdir_p .doc/examples
-%__cp doc/examples/*.conf .doc/examples
+make %{?_smp_mflags}
+cp %{SOURCE1} .
+rm -rf .doc
+mkdir -p .doc/examples
+cp doc/examples/*.conf .doc/examples
%install
-%makeinstall
+%make_install
install -d -m 755 %{buildroot}/var/lib/lxc
find %buildroot -type f -name '*.la' -delete
-chmod u-s %{buildroot}/usr/lib/lxc/lxc-user-nic
+chmod u-s %{buildroot}/%{_libexecdir}/%{name}/lxc-user-nic
./config.status --file=%{buildroot}%{_bindir}/lxc-createconfig:%{S:2}
chmod a+x %{buildroot}%{_bindir}/lxc-createconfig
ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rclxc
ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rclxc-net
%fdupes %{buildroot}/%{_datadir}/%{name}/config/
-%clean
-%__rm -rf %buildroot
-
%pre
-%service_add_pre lxc.service lxc-net.service
+%service_add_pre lxc@.service lxc.service lxc-net.service
%post
-/sbin/ldconfig
-%service_add_post lxc.service lxc-net.service
+%service_add_post lxc@.service lxc.service lxc-net.service
%preun
-%service_del_preun lxc.service lxc-net.service
+%service_del_preun lxc@.service lxc.service lxc-net.service
%postun
-/sbin/ldconfig
-%service_del_postun lxc.service lxc-net.service
+%service_del_postun lxc@.service lxc.service lxc-net.service
+
+%post -n liblxc%{shlib_version} -p /sbin/ldconfig
+%postun -n liblxc%{shlib_version} -p /sbin/ldconfig
%files
%defattr(-,root,root)
-%doc AUTHORS MAINTAINERS COPYING README doc/FAQ.txt
+%doc README doc/FAQ.txt
%doc README.SUSE
-%doc .doc/examples
%dir %{_sysconfdir}/%{name}/
%config %{_sysconfdir}/%{name}/default.conf
%config(noreplace) %{_sysconfdir}/default/%{name}
-%{_libdir}/lib%{name}.so.*
-%{_libexecdir}/%name
-%{_libdir}/%name
-%{_datadir}/%name
+
+# On non 64bit versions of SUSE {_libdir} will be /usr/lib and thus equivalent
+# to {_libexecdir}. Hence, the next directive would install everything in
+# /usr/lib but we want to exclude some files because they get installed
+# together with the liblxc subpackage on which lxc depends.
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/rootfs
+
+%dir %{_libexecdir}/%{name}
+%{_libexecdir}/%{name}/hooks
+%{_libexecdir}/%{name}/lxc-containers
+%{_libexecdir}/%{name}/lxc-net
+%exclude %{_libexecdir}/%{name}/lxc-apparmor-load
+%exclude %{_libexecdir}/%{name}/lxc-monitord
+%exclude %{_libexecdir}/%{name}/lxc-user-nic
+
+%{_datadir}/%{name}
%dir /var/lib/lxc
%{_bindir}/%{name}-*
%{_sbindir}/init.lxc
@@ -142,6 +166,13 @@
%_unitdir/%{name}@.service
%python3_sitearch/%{name}/
%python3_sitearch/_%{name}*
+%config %{_sysconfdir}/bash_completion.d/%{name}
+
+%files -n liblxc%{shlib_version}
+%defattr(-,root,root)
+%{_libdir}/lib%{name}.so.*
+%doc AUTHORS MAINTAINERS COPYING
+%doc .doc/examples
%dir %{_sysconfdir}/apparmor.d
%dir %{_sysconfdir}/apparmor.d/abstractions
%dir %{_sysconfdir}/apparmor.d/abstractions/lxc
@@ -154,12 +185,14 @@
%config %{_sysconfdir}/apparmor.d/lxc/lxc-default-with-mounting
%config %{_sysconfdir}/apparmor.d/lxc/lxc-default-with-nesting
%config %{_sysconfdir}/apparmor.d/usr.bin.lxc-start
-%config %{_sysconfdir}/bash_completion.d/%{name}
+%{_libexecdir}/%{name}/lxc-apparmor-load
+%{_libexecdir}/%{name}/lxc-monitord
+%{_libexecdir}/%{name}/lxc-user-nic
-%files devel
+%files -n liblxc-devel
%defattr(-,root,root)
-%{_includedir}/%name
%{_libdir}/lib%{name}.so
+%{_includedir}/%name
%{_libdir}/pkgconfig/%{name}.pc
%changelog
++++++ lxc-2.0.1.tar.gz -> lxc-2.0.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/apparmor/Makefile.in new/lxc-2.0.3/config/apparmor/Makefile.in
--- old/lxc-2.0.1/config/apparmor/Makefile.in 2016-05-16 22:38:44.000000000 +0200
+++ new/lxc-2.0.3/config/apparmor/Makefile.in 2016-06-28 21:39:33.000000000 +0200
@@ -403,8 +403,8 @@
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-@ENABLE_APPARMOR_FALSE@uninstall-local:
@ENABLE_APPARMOR_FALSE@install-data-local:
+@ENABLE_APPARMOR_FALSE@uninstall-local:
clean: clean-am
clean-am: clean-generic mostlyclean-am
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/apparmor/abstractions/container-base new/lxc-2.0.3/config/apparmor/abstractions/container-base
--- old/lxc-2.0.1/config/apparmor/abstractions/container-base 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/apparmor/abstractions/container-base 2016-06-28 21:39:28.000000000 +0200
@@ -60,13 +60,6 @@
mount fstype=fuse,
mount fstype=fuse.*,
- # allow bind mount of /lib/init/fstab for lxcguest
- mount options=(rw, bind) /lib/init/fstab.lxc/ -> /lib/init/fstab/,
-
- # allow bind mounts of /run/{,lock} to /var/run/{,lock}
- mount options=(rw, bind) /run/ -> /var/run/,
- mount options=(rw, bind) /run/lock/ -> /var/lock/,
-
# deny access under /proc/bus to avoid e.g. messing with pci devices directly
deny @{PROC}/bus/** wklx,
@@ -100,6 +93,53 @@
# deny reads from debugfs
deny /sys/kernel/debug/{,**} rwklx,
+ # allow paths to be made slave, shared, private or unbindable
+ # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.
+# mount options=(rw,make-slave) -> **,
+# mount options=(rw,make-rslave) -> **,
+# mount options=(rw,make-shared) -> **,
+# mount options=(rw,make-rshared) -> **,
+# mount options=(rw,make-private) -> **,
+# mount options=(rw,make-rprivate) -> **,
+# mount options=(rw,make-unbindable) -> **,
+# mount options=(rw,make-runbindable) -> **,
+
+ # allow bind-mounts of anything except /proc, /sys and /dev
+ mount options=(rw,bind) /[^spd]*{,/**},
+ mount options=(rw,bind) /d[^e]*{,/**},
+ mount options=(rw,bind) /de[^v]*{,/**},
+ mount options=(rw,bind) /dev/.[^l]*{,/**},
+ mount options=(rw,bind) /dev/.l[^x]*{,/**},
+ mount options=(rw,bind) /dev/.lx[^c]*{,/**},
+ mount options=(rw,bind) /dev/.lxc?*{,/**},
+ mount options=(rw,bind) /dev/[^.]*{,/**},
+ mount options=(rw,bind) /dev?*{,/**},
+ mount options=(rw,bind) /p[^r]*{,/**},
+ mount options=(rw,bind) /pr[^o]*{,/**},
+ mount options=(rw,bind) /pro[^c]*{,/**},
+ mount options=(rw,bind) /proc?*{,/**},
+ mount options=(rw,bind) /s[^y]*{,/**},
+ mount options=(rw,bind) /sy[^s]*{,/**},
+ mount options=(rw,bind) /sys?*{,/**},
+
+ # allow moving mounts except for /proc, /sys and /dev
+ mount options=(rw,move) /[^spd]*{,/**},
+ mount options=(rw,move) /d[^e]*{,/**},
+ mount options=(rw,move) /de[^v]*{,/**},
+ mount options=(rw,move) /dev/.[^l]*{,/**},
+ mount options=(rw,move) /dev/.l[^x]*{,/**},
+ mount options=(rw,move) /dev/.lx[^c]*{,/**},
+ mount options=(rw,move) /dev/.lxc?*{,/**},
+ mount options=(rw,move) /dev/[^.]*{,/**},
+ mount options=(rw,move) /dev?*{,/**},
+ mount options=(rw,move) /p[^r]*{,/**},
+ mount options=(rw,move) /pr[^o]*{,/**},
+ mount options=(rw,move) /pro[^c]*{,/**},
+ mount options=(rw,move) /proc?*{,/**},
+ mount options=(rw,move) /s[^y]*{,/**},
+ mount options=(rw,move) /sy[^s]*{,/**},
+ mount options=(rw,move) /sys?*{,/**},
+
# generated by: lxc-generate-aa-rules.py container-rules.base
deny /proc/sys/[^kn]*{,/**} wklx,
deny /proc/sys/k[^e]*{,/**} wklx,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/apparmor/abstractions/container-base.in new/lxc-2.0.3/config/apparmor/abstractions/container-base.in
--- old/lxc-2.0.1/config/apparmor/abstractions/container-base.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/apparmor/abstractions/container-base.in 2016-06-28 21:39:28.000000000 +0200
@@ -60,13 +60,6 @@
mount fstype=fuse,
mount fstype=fuse.*,
- # allow bind mount of /lib/init/fstab for lxcguest
- mount options=(rw, bind) /lib/init/fstab.lxc/ -> /lib/init/fstab/,
-
- # allow bind mounts of /run/{,lock} to /var/run/{,lock}
- mount options=(rw, bind) /run/ -> /var/run/,
- mount options=(rw, bind) /run/lock/ -> /var/lock/,
-
# deny access under /proc/bus to avoid e.g. messing with pci devices directly
deny @{PROC}/bus/** wklx,
@@ -100,3 +93,50 @@
# deny reads from debugfs
deny /sys/kernel/debug/{,**} rwklx,
+ # allow paths to be made slave, shared, private or unbindable
+ # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.
+# mount options=(rw,make-slave) -> **,
+# mount options=(rw,make-rslave) -> **,
+# mount options=(rw,make-shared) -> **,
+# mount options=(rw,make-rshared) -> **,
+# mount options=(rw,make-private) -> **,
+# mount options=(rw,make-rprivate) -> **,
+# mount options=(rw,make-unbindable) -> **,
+# mount options=(rw,make-runbindable) -> **,
+
+ # allow bind-mounts of anything except /proc, /sys and /dev
+ mount options=(rw,bind) /[^spd]*{,/**},
+ mount options=(rw,bind) /d[^e]*{,/**},
+ mount options=(rw,bind) /de[^v]*{,/**},
+ mount options=(rw,bind) /dev/.[^l]*{,/**},
+ mount options=(rw,bind) /dev/.l[^x]*{,/**},
+ mount options=(rw,bind) /dev/.lx[^c]*{,/**},
+ mount options=(rw,bind) /dev/.lxc?*{,/**},
+ mount options=(rw,bind) /dev/[^.]*{,/**},
+ mount options=(rw,bind) /dev?*{,/**},
+ mount options=(rw,bind) /p[^r]*{,/**},
+ mount options=(rw,bind) /pr[^o]*{,/**},
+ mount options=(rw,bind) /pro[^c]*{,/**},
+ mount options=(rw,bind) /proc?*{,/**},
+ mount options=(rw,bind) /s[^y]*{,/**},
+ mount options=(rw,bind) /sy[^s]*{,/**},
+ mount options=(rw,bind) /sys?*{,/**},
+
+ # allow moving mounts except for /proc, /sys and /dev
+ mount options=(rw,move) /[^spd]*{,/**},
+ mount options=(rw,move) /d[^e]*{,/**},
+ mount options=(rw,move) /de[^v]*{,/**},
+ mount options=(rw,move) /dev/.[^l]*{,/**},
+ mount options=(rw,move) /dev/.l[^x]*{,/**},
+ mount options=(rw,move) /dev/.lx[^c]*{,/**},
+ mount options=(rw,move) /dev/.lxc?*{,/**},
+ mount options=(rw,move) /dev/[^.]*{,/**},
+ mount options=(rw,move) /dev?*{,/**},
+ mount options=(rw,move) /p[^r]*{,/**},
+ mount options=(rw,move) /pr[^o]*{,/**},
+ mount options=(rw,move) /pro[^c]*{,/**},
+ mount options=(rw,move) /proc?*{,/**},
+ mount options=(rw,move) /s[^y]*{,/**},
+ mount options=(rw,move) /sy[^s]*{,/**},
+ mount options=(rw,move) /sys?*{,/**},
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/apparmor/abstractions/start-container new/lxc-2.0.3/config/apparmor/abstractions/start-container
--- old/lxc-2.0.1/config/apparmor/abstractions/start-container 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/apparmor/abstractions/start-container 2016-06-28 21:39:28.000000000 +0200
@@ -15,6 +15,7 @@
mount options=bind /dev/pts/ptmx/ -> /dev/ptmx/,
mount options=bind /dev/pts/** -> /dev/**,
mount options=(rw, make-slave) -> **,
+ mount options=(rw, make-rslave) -> **,
mount fstype=debugfs,
# allow pre-mount hooks to stage mounts under /var/lib/lxc/<container>/
mount -> /var/lib/lxc/{**,},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/common/Makefile.am new/lxc-2.0.3/config/init/common/Makefile.am
--- old/lxc-2.0.1/config/init/common/Makefile.am 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/common/Makefile.am 2016-06-28 21:39:28.000000000 +0200
@@ -1,2 +1,2 @@
-EXTRA_DIST = lxc-containers.in lxc-net.in lxc-devsetup
-pkglibexec_SCRIPTS = lxc-containers lxc-net lxc-devsetup
+EXTRA_DIST = lxc-containers.in lxc-net.in
+pkglibexec_SCRIPTS = lxc-containers lxc-net
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/common/Makefile.in new/lxc-2.0.3/config/init/common/Makefile.in
--- old/lxc-2.0.1/config/init/common/Makefile.in 2016-05-16 22:38:44.000000000 +0200
+++ new/lxc-2.0.3/config/init/common/Makefile.in 2016-06-28 21:39:33.000000000 +0200
@@ -317,8 +317,8 @@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
-EXTRA_DIST = lxc-containers.in lxc-net.in lxc-devsetup
-pkglibexec_SCRIPTS = lxc-containers lxc-net lxc-devsetup
+EXTRA_DIST = lxc-containers.in lxc-net.in
+pkglibexec_SCRIPTS = lxc-containers lxc-net
all: all-am
.SUFFIXES:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/common/lxc-devsetup new/lxc-2.0.3/config/init/common/lxc-devsetup
--- old/lxc-2.0.1/config/init/common/lxc-devsetup 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/common/lxc-devsetup 1970-01-01 01:00:00.000000000 +0100
@@ -1,25 +0,0 @@
-#!/bin/sh -
-
-# lxc.devsetup - Setup host /dev for container /dev subdirectories.
-
-if [ ! -d /dev/.lxc ]
-then
- echo "Creating /dev/.lxc"
- mkdir /dev/.lxc
- chmod 755 /dev/.lxc
-fi
-
-if grep -q "/dev devtmpfs " /proc/self/mounts
-then
- echo "/dev is devtmpfs"
-else
- echo "/dev is not devtmpfs - mounting tmpfs on .lxc"
- mount -t tmpfs tmpfs /dev/.lxc
-fi
-
-if [ ! -d /dev/.lxc/user ]
-then
- echo "Creating /dev/.lxc/user"
- mkdir /dev/.lxc/user
- chmod 1777 /dev/.lxc/user
-fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/systemd/Makefile.in new/lxc-2.0.3/config/init/systemd/Makefile.in
--- old/lxc-2.0.1/config/init/systemd/Makefile.in 2016-05-16 22:38:44.000000000 +0200
+++ new/lxc-2.0.3/config/init/systemd/Makefile.in 2016-06-28 21:39:33.000000000 +0200
@@ -476,8 +476,8 @@
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
-@INIT_SCRIPT_SYSTEMD_FALSE@install-data-local:
@INIT_SCRIPT_SYSTEMD_FALSE@uninstall-local:
+@INIT_SCRIPT_SYSTEMD_FALSE@install-data-local:
clean: clean-am
clean-am: clean-generic mostlyclean-am
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/systemd/lxc.service.in new/lxc-2.0.3/config/init/systemd/lxc.service.in
--- old/lxc-2.0.1/config/init/systemd/lxc.service.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/systemd/lxc.service.in 2016-06-28 21:39:28.000000000 +0200
@@ -6,7 +6,6 @@
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStartPre=@LIBEXECDIR@/lxc/lxc-devsetup
ExecStartPre=@LIBEXECDIR@/lxc/lxc-apparmor-load
ExecStart=@LIBEXECDIR@/lxc/lxc-containers start
ExecStop=@LIBEXECDIR@/lxc/lxc-containers stop
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/systemd/lxc@.service.in new/lxc-2.0.3/config/init/systemd/lxc@.service.in
--- old/lxc-2.0.1/config/init/systemd/lxc@.service.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/systemd/lxc@.service.in 2016-06-28 21:39:28.000000000 +0200
@@ -9,7 +9,7 @@
KillMode=mixed
KillSignal=SIGPWR
TimeoutStopSec=120s
-ExecStart=@BINDIR@/lxc-start -n %i
+ExecStart=@BINDIR@/lxc-start -F -n %i
# Environment=BOOTUP=serial
# Environment=CONSOLETYPE=serial
Delegate=yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/sysvinit/lxc-containers.in new/lxc-2.0.3/config/init/sysvinit/lxc-containers.in
--- old/lxc-2.0.1/config/init/sysvinit/lxc-containers.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/sysvinit/lxc-containers.in 2016-06-28 21:39:28.000000000 +0200
@@ -29,7 +29,6 @@
start() {
# Setup host /dev for autodev containers.
- @LIBEXECDIR@/lxc/lxc-devsetup
log_daemon_msg "Starting LXC autoboot containers: "
@LIBEXECDIR@/lxc/lxc-containers start
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/upstart/Makefile.in new/lxc-2.0.3/config/init/upstart/Makefile.in
--- old/lxc-2.0.1/config/init/upstart/Makefile.in 2016-05-16 22:38:44.000000000 +0200
+++ new/lxc-2.0.3/config/init/upstart/Makefile.in 2016-06-28 21:39:33.000000000 +0200
@@ -395,8 +395,8 @@
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-@INIT_SCRIPT_UPSTART_FALSE@install-data-local:
@INIT_SCRIPT_UPSTART_FALSE@uninstall-local:
+@INIT_SCRIPT_UPSTART_FALSE@install-data-local:
clean: clean-am
clean-am: clean-generic mostlyclean-am
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/upstart/lxc-instance.conf new/lxc-2.0.3/config/init/upstart/lxc-instance.conf
--- old/lxc-2.0.1/config/init/upstart/lxc-instance.conf 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/upstart/lxc-instance.conf 2016-06-28 21:39:28.000000000 +0200
@@ -17,6 +17,4 @@
lxc-wait -s RUNNING -n $NAME -t 0 && { stop; exit 0; } || true
end script
-script
- exec lxc-start -n $NAME
-end script
+exec lxc-start -F -n $NAME
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/upstart/lxc.conf new/lxc-2.0.3/config/init/upstart/lxc.conf
--- old/lxc-2.0.1/config/init/upstart/lxc.conf 2016-05-16 22:38:51.000000000 +0200
+++ new/lxc-2.0.3/config/init/upstart/lxc.conf 2016-06-28 21:39:47.000000000 +0200
@@ -45,9 +45,6 @@
fi
fi
- # Setup host /dev for autodev containers.
- /usr/local/libexec/lxc/lxc-devsetup
-
[ "x$LXC_AUTO" = "xtrue" ] || exit 0
if [ -n "$BOOTGROUPS" ]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/config/init/upstart/lxc.conf.in new/lxc-2.0.3/config/init/upstart/lxc.conf.in
--- old/lxc-2.0.1/config/init/upstart/lxc.conf.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/config/init/upstart/lxc.conf.in 2016-06-28 21:39:28.000000000 +0200
@@ -45,9 +45,6 @@
fi
fi
- # Setup host /dev for autodev containers.
- @LIBEXECDIR@/lxc/lxc-devsetup
-
[ "x$LXC_AUTO" = "xtrue" ] || exit 0
if [ -n "$BOOTGROUPS" ]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/configure new/lxc-2.0.3/configure
--- old/lxc-2.0.1/configure 2016-05-16 22:38:43.000000000 +0200
+++ new/lxc-2.0.3/configure 2016-06-28 21:39:32.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for lxc 2.0.1.
+# Generated by GNU Autoconf 2.69 for lxc 2.0.3.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
# Identity of this package.
PACKAGE_NAME='lxc'
PACKAGE_TARNAME='lxc'
-PACKAGE_VERSION='2.0.1'
-PACKAGE_STRING='lxc 2.0.1'
+PACKAGE_VERSION='2.0.3'
+PACKAGE_STRING='lxc 2.0.3'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1453,7 +1453,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures lxc 2.0.1 to adapt to many kinds of systems.
+\`configure' configures lxc 2.0.3 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1524,7 +1524,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of lxc 2.0.1:";;
+ short | recursive ) echo "Configuration of lxc 2.0.3:";;
esac
cat <<\_ACEOF
@@ -1685,7 +1685,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-lxc configure 2.0.1
+lxc configure 2.0.3
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2150,7 +2150,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by lxc $as_me 2.0.1, which was
+It was created by lxc $as_me 2.0.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2621,7 +2621,7 @@
fi
fi
-LXC_VERSION_BASE=2.0.1
+LXC_VERSION_BASE=2.0.3
@@ -2629,11 +2629,11 @@
LXC_VERSION_MINOR=0
-LXC_VERSION_MICRO=1
+LXC_VERSION_MICRO=3
LXC_VERSION_ABI=1.2.0
-LXC_VERSION=2.0.1
+LXC_VERSION=2.0.3
@@ -3154,7 +3154,7 @@
# Define the identity of the package.
PACKAGE='lxc'
- VERSION='2.0.1'
+ VERSION='2.0.3'
cat >>confdefs.h <<_ACEOF
@@ -10121,7 +10121,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by lxc $as_me 2.0.1, which was
+This file was extended by lxc $as_me 2.0.3, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -10191,7 +10191,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-lxc config.status 2.0.1
+lxc config.status 2.0.3
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/configure.ac new/lxc-2.0.3/configure.ac
--- old/lxc-2.0.1/configure.ac 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/configure.ac 2016-06-28 21:39:28.000000000 +0200
@@ -3,7 +3,7 @@
m4_define([lxc_version_major], 2)
m4_define([lxc_version_minor], 0)
-m4_define([lxc_version_micro], 1)
+m4_define([lxc_version_micro], 3)
m4_define([lxc_version_beta], [])
m4_define([lxc_version_abi], 1.2.0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/lxc.spec new/lxc-2.0.3/lxc.spec
--- old/lxc-2.0.1/lxc.spec 2016-05-16 22:38:50.000000000 +0200
+++ new/lxc-2.0.3/lxc.spec 2016-06-28 21:39:47.000000000 +0200
@@ -60,7 +60,7 @@
%endif
Name: lxc
-Version: 2.0.1
+Version: 2.0.3
Release: %{?beta_rel:0.1.%{beta_rel}}%{?!beta_rel:%{norm_rel}}%{?dist}
URL: http://linuxcontainers.org
Source: http://linuxcontainers.org/downloads/%{name}-%{version}%{?beta_dot}.tar.gz
@@ -275,7 +275,6 @@
%{_libexecdir}/%{name}
%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
%if %{with_systemd}
-%attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
%attr(555,root,root) %{_libexecdir}/%{name}/lxc-net
%attr(555,root,root) %{_libexecdir}/%{name}/lxc-containers
%endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/lxc.spec.in new/lxc-2.0.3/lxc.spec.in
--- old/lxc-2.0.1/lxc.spec.in 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/lxc.spec.in 2016-06-28 21:39:28.000000000 +0200
@@ -275,7 +275,6 @@
%{_libexecdir}/%{name}
%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
%if %{with_systemd}
-%attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
%attr(555,root,root) %{_libexecdir}/%{name}/lxc-net
%attr(555,root,root) %{_libexecdir}/%{name}/lxc-containers
%endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/src/include/lxcmntent.h new/lxc-2.0.3/src/include/lxcmntent.h
--- old/lxc-2.0.1/src/include/lxcmntent.h 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/src/include/lxcmntent.h 2016-06-28 21:39:28.000000000 +0200
@@ -36,15 +36,15 @@
extern struct mntent *getmntent_r (FILE *stream, struct mntent *mp, char *buffer, int bufsiz);
#endif
-#ifndef HAVE_SETMNTENT
+#if !defined(HAVE_SETMNTENT) || IS_BIONIC
FILE *setmntent (const char *file, const char *mode);
#endif
-#ifndef HAVE_ENDMNTENT
+#if !defined(HAVE_ENDMNTENT) || IS_BIONIC
int endmntent (FILE *stream);
#endif
-#ifndef HAVE_HASMNTOPT
+#if !defined(HAVE_HASMNTOPT) || IS_BIONIC
extern char *hasmntopt (const struct mntent *mnt, const char *opt);
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/src/lxc/criu.c new/lxc-2.0.3/src/lxc/criu.c
--- old/lxc-2.0.1/src/lxc/criu.c 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/src/lxc/criu.c 2016-06-28 21:39:28.000000000 +0200
@@ -135,7 +135,7 @@
/* The command line always looks like:
* criu $(action) --tcp-established --file-locks --link-remap \
- * --manage-cgroups action-script foo.sh -D $(directory) \
+ * --manage-cgroups=full action-script foo.sh -D $(directory) \
* -o $(directory)/$(action).log --ext-mount-map auto
* --enable-external-sharing --enable-external-masters
* --enable-fs hugetlbfs --enable-fs tracefs --ext-mount-map console:/dev/pts/n
@@ -218,7 +218,7 @@
DECLARE_ARG("--tcp-established");
DECLARE_ARG("--file-locks");
DECLARE_ARG("--link-remap");
- DECLARE_ARG("--manage-cgroups");
+ DECLARE_ARG("--manage-cgroups=full");
DECLARE_ARG("--ext-mount-map");
DECLARE_ARG("auto");
DECLARE_ARG("--enable-external-sharing");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-2.0.1/src/lxc/lxc_user_nic.c new/lxc-2.0.3/src/lxc/lxc_user_nic.c
--- old/lxc-2.0.1/src/lxc/lxc_user_nic.c 2016-05-16 22:38:39.000000000 +0200
+++ new/lxc-2.0.3/src/lxc/lxc_user_nic.c 2016-06-28 21:39:28.000000000 +0200
@@ -41,7 +41,6 @@
#include