diff --git a/utils/lxc/Config.in b/utils/lxc/Config.in index ff58ba096..53d7ba5fd 100644 --- a/utils/lxc/Config.in +++ b/utils/lxc/Config.in @@ -32,6 +32,7 @@ config LXC_BUSYBOX_OPTIONS select BUSYBOX_CONFIG_XZ select BUSYBOX_CONFIG_GETOPT select BUSYBOX_CONFIG_FEATURE_GETOPT_LONG + select BUSYBOX_CONFIG_MOUNTPOINT help Select needed busybox options for lxc-create utility. This include XZ tar compression, long option support for tar and built-in getopt support. diff --git a/utils/lxc/Makefile b/utils/lxc/Makefile index f22b4f315..3c758379d 100644 --- a/utils/lxc/Makefile +++ b/utils/lxc/Makefile @@ -1,5 +1,6 @@ # # Copyright (C) 2013-2015 OpenWrt.org +# Copyright (C) 2020 Sartura # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lxc -PKG_VERSION:=2.1.1 -PKG_RELEASE:=5 +PKG_VERSION:=4.0.2 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/ -PKG_HASH:=68663a67450a8d6734e137eac54cc7077209fb15c456eec401a2c26e6386eff6 +PKG_HASH:=ca336dcdf303fea5ff231d89a9b6278b061c4cffb14f0db0a71a15bdd95a5cb0 PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0 PKG_MAINTAINER:=Marko Ratkaj @@ -45,7 +46,7 @@ define Package/lxc/Default SECTION:=utils CATEGORY:=Utilities TITLE:=LXC userspace tools - URL:=http://lxc.sourceforge.net/ + URL:=https://linuxcontainers.org/ endef define Package/lxc @@ -124,7 +125,7 @@ define Package/liblxc SECTION:=libs CATEGORY:=Libraries TITLE:=LXC userspace library - DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp + DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp +libopenssl endef define Package/lxc-lua @@ -150,6 +151,9 @@ CONFIGURE_ARGS += \ --enable-lua=yes \ --with-lua-pc="$(STAGING_DIR)/usr/lib/pkgconfig/lua.pc" +TARGET_CFLAGS += -Wno-format-nonliteral +TARGET_LDFLAGS += -lgcc_eh + ifeq ($(CONFIG_LXC_SECCOMP),y) CONFIGURE_ARGS += --enable-seccomp else diff --git a/utils/lxc/files/lxc-auto.init b/utils/lxc/files/lxc-auto.init index 937f08269..53abff9f1 100755 --- a/utils/lxc/files/lxc-auto.init +++ b/utils/lxc/files/lxc-auto.init @@ -58,3 +58,14 @@ stop() { fi } +#Export systemd cgroups +boot() { + if [ ! -d /sys/fs/cgroup/systemd ]; then + mkdir -p /sys/fs/cgroup/systemd + mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,none,name=systemd cgroup /sys/fs/cgroup/systemd + fi + + if [ ! -d /run ]; then + ln -s /var/run /run + fi +} diff --git a/utils/lxc/patches/001-nl-avoid-NULL-pointer-dereference.patch b/utils/lxc/patches/001-nl-avoid-NULL-pointer-dereference.patch deleted file mode 100644 index 4c402a060..000000000 --- a/utils/lxc/patches/001-nl-avoid-NULL-pointer-dereference.patch +++ /dev/null @@ -1,37 +0,0 @@ -From c8f05589644d6b719e5a2c7fc548604f248be9be Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= -Date: Sun, 29 Jul 2018 17:44:06 +0200 -Subject: [PATCH] nl: avoid NULL pointer dereference -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -It's a valid case to call nla_put() with NULL data and 0 len. It's done e.g. in -the nla_put_attr(). - -There has to be a check for data in nla_put() as passing NULL to the memcpy() -is not allowed. Even if length is 0, both pointers have to be valid. - -For a reference see C99 standard (7.21.1/2), it says: "pointer arguments on -such a call shall still have valid values". - -Reported-by: Daniel Gimpelevich -Signed-off-by: Rafał Miłecki -[christian.brauner@ubuntu.com: adapted commit message] -Signed-off-by: Christian Brauner ---- - src/lxc/nl.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/src/lxc/nl.c -+++ b/src/lxc/nl.c -@@ -61,7 +61,8 @@ static int nla_put(struct nlmsg *nlmsg, - rta = NLMSG_TAIL(nlmsg->nlmsghdr); - rta->rta_type = attr; - rta->rta_len = rtalen; -- memcpy(RTA_DATA(rta), data, len); -+ if (data && len) -+ memcpy(RTA_DATA(rta), data, len); - nlmsg->nlmsghdr->nlmsg_len = tlen; - return 0; - } diff --git a/utils/lxc/patches/002-compile.patch b/utils/lxc/patches/002-compile.patch deleted file mode 100644 index 9a98777f7..000000000 --- a/utils/lxc/patches/002-compile.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/src/lxc/storage/aufs.h -+++ b/src/lxc/storage/aufs.h -@@ -24,7 +24,6 @@ - #ifndef __LXC_AUFS_H - #define __LXC_AUFS_H - --#define _GNU_SOURCE - #include - #include - #include diff --git a/utils/lxc/patches/003-compile.patch b/utils/lxc/patches/003-compile.patch deleted file mode 100644 index b26b78d1f..000000000 --- a/utils/lxc/patches/003-compile.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/lxc/confile_utils.c -+++ b/src/lxc/confile_utils.c -@@ -677,7 +677,7 @@ - char *endptr = NULL; - - if (strncmp(*value, "unlimited", sizeof("unlimited") - 1) == 0) { -- *res = RLIM_INFINITY; -+ *res = (unsigned long)RLIM_INFINITY; - *value += sizeof("unlimited") - 1; - return true; - } diff --git a/utils/lxc/patches/010-compile.patch b/utils/lxc/patches/010-Remove-distro-check.patch similarity index 74% rename from utils/lxc/patches/010-compile.patch rename to utils/lxc/patches/010-Remove-distro-check.patch index 903e4cd7b..5e6edfa1e 100644 --- a/utils/lxc/patches/010-compile.patch +++ b/utils/lxc/patches/010-Remove-distro-check.patch @@ -1,13 +1,23 @@ +From 9f550ca53801b2b9c6c1c7a4d02ad525c704b145 Mon Sep 17 00:00:00 2001 +From: Robert Marko +Date: Thu, 14 May 2020 13:40:53 +0200 +Subject: [PATCH] Remove distro check + +Signed-off-by: Robert Marko +--- + configure.ac | 28 ---------------------------- + 1 file changed, 28 deletions(-) + --- a/configure.ac +++ b/configure.ac -@@ -47,34 +47,6 @@ AC_GNU_SOURCE +@@ -64,34 +64,6 @@ fi LT_INIT AC_SUBST([LIBTOOL_DEPS]) -# Detect the distribution. This is used for the default configuration and -# for some distro-specific build options. -AC_MSG_CHECKING([host distribution]) --AC_ARG_WITH(distro, AS_HELP_STRING([--with-distro=DISTRO], [Specify the Linux distribution to target: One of redhat, oracle, centos, fedora, suse, gentoo, debian, arch, slackware, plamo, paldo, openmandriva, pardus, sparclinux, altlinux.])) +-AC_ARG_WITH(distro, AS_HELP_STRING([--with-distro=DISTRO], [Specify the Linux distribution to target: One of redhat, redhatenterpriseserver, oracle, centos, fedora, suse, gentoo, debian, arch, slackware, plamo, paldo, openmandriva, pardus, sparclinux, altlinux.])) -if type lsb_release >/dev/null 2>&1 && test "z$with_distro" = "z"; then - with_distro=`lsb_release -is` -fi diff --git a/utils/lxc/patches/015-getline.patch b/utils/lxc/patches/015-getline.patch index c91e010c5..4a35ff1d3 100644 --- a/utils/lxc/patches/015-getline.patch +++ b/utils/lxc/patches/015-getline.patch @@ -1,6 +1,6 @@ --- a/src/lxc/utils.h +++ b/src/lxc/utils.h -@@ -59,11 +59,7 @@ extern int mkdir_p(const char *dir, mode_t mode); +@@ -35,11 +35,7 @@ extern int mkdir_p(const char *dir, mode extern char *get_rundir(void); /* Define getline() if missing from the C library */ @@ -11,5 +11,5 @@ -#endif +#include "../include/getline.h" - /* Define setns() if missing from the C library */ - #ifndef HAVE_SETNS + static inline int lxc_set_cloexec(int fd) + { diff --git a/utils/lxc/patches/020-lxc-checkconfig.patch b/utils/lxc/patches/020-lxc-checkconfig.patch index 0e644ea47..b9879b644 100644 --- a/utils/lxc/patches/020-lxc-checkconfig.patch +++ b/utils/lxc/patches/020-lxc-checkconfig.patch @@ -1,6 +1,6 @@ ---- a/src/lxc/tools/lxc-checkconfig.in -+++ b/src/lxc/tools/lxc-checkconfig.in -@@ -3,6 +3,17 @@ +--- a/src/lxc/cmd/lxc-checkconfig.in ++++ b/src/lxc/cmd/lxc-checkconfig.in +@@ -4,6 +4,17 @@ # Allow environment variables to override config : ${CONFIG:=/proc/config.gz} : ${MODNAME:=configs} diff --git a/utils/lxc/patches/025-remove-unsupported-option.patch b/utils/lxc/patches/025-remove-unsupported-option.patch index b20870890..6f290d799 100644 --- a/utils/lxc/patches/025-remove-unsupported-option.patch +++ b/utils/lxc/patches/025-remove-unsupported-option.patch @@ -1,15 +1,15 @@ --- a/templates/lxc-download.in +++ b/templates/lxc-download.in -@@ -505,20 +505,7 @@ fi +@@ -506,20 +506,7 @@ fi # Unpack the rootfs echo "Unpacking the rootfs" -EXCLUDES="" -excludelist=$(relevant_file excludes) -if [ -f "${excludelist}" ]; then -- while read -r line; do -- EXCLUDES="${EXCLUDES} --exclude=${line}" -- done < "${excludelist}" +- while read -r line; do +- EXCLUDES="${EXCLUDES} --exclude=${line}" +- done < "${excludelist}" -fi - -# Do not surround ${EXCLUDES} by quotes. This does not work. The solution could @@ -17,8 +17,8 @@ -# is to use a function wrapper, but the latter can't be used here as the args -# are dynamic. We thus need to ignore the warning brought by shellcheck. -# shellcheck disable=SC2086 --tar --anchored ${EXCLUDES} --numeric-owner -xpJf \ -+tar --numeric-owner -xpJf \ - "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}" +-tar --anchored ${EXCLUDES} --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}" ++tar --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}" mkdir -p "${LXC_ROOTFS}/dev/pts/" + diff --git a/utils/lxc/patches/030-prlimit.patch b/utils/lxc/patches/030-prlimit.patch deleted file mode 100644 index 88f17aa2b..000000000 --- a/utils/lxc/patches/030-prlimit.patch +++ /dev/null @@ -1,95 +0,0 @@ -From f48b5fd8ab03c200eaf5e3a9b03bcd01b2659cf3 Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine -Date: Thu, 2 Nov 2017 16:00:33 +0100 -Subject: [PATCH] Fix compilation on toolchain without prlimit - -Some toolchains which are not bionic like uclibc does not support -prlimit or prlimit64. In this case, return an error. -Moreover, if prlimit64 is available, use lxc implementation of prlimit. - -Signed-off-by: Fabrice Fontaine ---- - configure.ac | 4 ++++ - src/lxc/Makefile.am | 6 ++++++ - src/lxc/conf.c | 12 +++++++++--- - 3 files changed, 19 insertions(+), 3 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 642b78e7e1..63df7466cb 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -643,6 +643,10 @@ AC_CHECK_FUNCS([prlimit], - AM_CONDITIONAL(HAVE_PRLIMIT, true) - AC_DEFINE(HAVE_PRLIMIT,1,[Have prlimit]), - AM_CONDITIONAL(HAVE_PRLIMIT, false)) -+AC_CHECK_FUNCS([prlimit64], -+ AM_CONDITIONAL(HAVE_PRLIMIT64, true) -+ AC_DEFINE(HAVE_PRLIMIT64,1,[Have prlimit64]), -+ AM_CONDITIONAL(HAVE_PRLIMIT64, false)) - - # Check for some libraries - AC_SEARCH_LIBS(sem_open, [rt pthread]) -diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am -index fff32ae4f3..8f0c11ecae 100644 ---- a/src/lxc/Makefile.am -+++ b/src/lxc/Makefile.am -@@ -45,7 +45,10 @@ noinst_HEADERS += \ - ../include/ifaddrs.h \ - ../include/openpty.h \ - ../include/lxcmntent.h -+endif -+ - if !HAVE_PRLIMIT -+if HAVE_PRLIMIT64 - noinst_HEADERS += ../include/prlimit.h - endif - endif -@@ -142,7 +145,10 @@ liblxc_la_SOURCES += \ - ../include/ifaddrs.c ../include/ifaddrs.h \ - ../include/openpty.c ../include/openpty.h \ - ../include/lxcmntent.c ../include/lxcmntent.h -+endif -+ - if !HAVE_PRLIMIT -+if HAVE_PRLIMIT64 - liblxc_la_SOURCES += ../include/prlimit.c ../include/prlimit.h - endif - endif -diff --git a/src/lxc/conf.c b/src/lxc/conf.c -index 44d9784303..8a66f2d02c 100644 ---- a/src/lxc/conf.c -+++ b/src/lxc/conf.c -@@ -100,13 +100,14 @@ - - #if IS_BIONIC - #include <../include/lxcmntent.h> --#ifndef HAVE_PRLIMIT --#include <../include/prlimit.h> --#endif - #else - #include - #endif - -+#if !defined(HAVE_PRLIMIT) && defined(HAVE_PRLIMIT64) -+#include <../include/prlimit.h> -+#endif -+ - lxc_log_define(lxc_conf, lxc); - - #if HAVE_LIBCAP -@@ -2457,10 +2458,15 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid) { - return -1; - } - -+#if HAVE_PRLIMIT || HAVE_PRLIMIT64 - if (prlimit(pid, resid, &lim->limit, NULL) != 0) { - ERROR("failed to set limit %s: %s", lim->resource, strerror(errno)); - return -1; - } -+#else -+ ERROR("Cannot set limit %s as prlimit is missing", lim->resource); -+ return -1; -+#endif - } - return 0; - }