config.c: fix storage sizeThe following warning is emitted by gcc 7.0 pre:
> CC config.lo
> config.c: In function ‘vps_save_config’:
> config.c:422:30: warning: ‘%g’ directive output may be truncated writing between 1 and 13 bytes into a region of size 12 [-Wformat-truncation=]
> snprintf(buf, sizeof(buf), "%g", val);
> ^~
> config.c:422:2: note: ‘snprintf’ output between 2 and 1...
postcreate.sh: xattr support for Deb8+/Ubu15+Newer distros tend to switch from using suid bit to extended attributes.
Apparently, Debian 8 and Ubuntu 15.04 (and later versions) follow the
herd. Fix postcreate.sh accordingly.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Add pigz support to vzctl createIt can speedup unpack template about 2 and more times.
As example runnig vzctl create with custom 702M size template:
(second and third run vzctl create with this template, file cache already warmed)
- without pigz
702MB 0:00:14 [49.4MB/s]
- with pigz
702MB 0:00:07 [90.9MB/s]
print_json_cap: fix for "off" capsIf a capability is set to off, op is set to 2, but "true" is printed
because of the incorrect comparison. So, for every capability
that was set to either "on" or "off", "true" was always printed.
Fix for commit bac2426.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vzubc: allow for more than 999%Sometimes vzubc shows more than 999% (say, for oomguar held to barrier
percentage) and it breaks the vertical alignment:
# ./vzubc
----------------------------------------------------------------
CT 902 | HELD Bar% Lim%| MAXH Bar% Lim%| BAR | LIM | FAIL
-------------+---------------+---------------+-----+-----+------
kmemsize|6.38M 33% 31%|19.3M 100% 94%|19.3M|20.6M| 645K
loc...
pathsubst.am: hide error from chmodThis is an addition to commit 302faf2. As noted there,
chmod can fail, and its not an issue if it does. So,
let's hide the error, such as this one from busybox's chmod:
> chmod: unrecognized option: reference=vps-functions.in
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Fix incorrect includesWhen compiling on Apline Linux 3.3.1, it complains:
> In file included from enter.c:30:0:
> /usr/include/wait.h:1:2: warning: #warning redirecting incorrect #include <wait.h> to <sys/wait.h> [-Wcpp]
> #warning redirecting incorrect #include <wait.h> to <sys/wait.h>
Indeed, it should be <sys/wait.h>.
Same for <sys/poll.h> in vznnc.c -- it should be <poll.h>.
Signed-off-by: Kir Kolyshkin <kir...
Fix compile on Alpine LinuxWhen compiling vzctl on Alpine Linux 3.3.1, there is a number of errors
like these:
hooks_vz.c:513:11: error: 'PATH_MAX' undeclared (first use in this function)
hooks_vz.c:600:11: error: 'PIPE_BUF' undeclared (first use in this function)
Fix by adding #include <limits.h>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Fix compile with musl (lack of strndupa)If strndupa is not defined, use an in-house implementation
using alloca() (code taken from https://goo.gl/roIJt6).
Patch is based on work by Dennis Przytarski.
https://bugs.openvz.org/browse/OVZ-6650
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Fix compilation with muslI'm packing the tool for Alpine Linux 3.3.
Alpine Linux uses musl-libc as standard C library.
These are the fixes I managed to resolve.
vzctl destroy: handle the semi-mounted ploopFor some reason, sometimes ploop is left semi-mounted (i.e. ploop device
is present, but not mounted), and in such cases vzctl fails to destroy
CT private:
> # vzctl destroy 4956949
> Destroying container private area: /vz/private/4956949
> Warning: failed to remove /vz/root/4956949: Device or resource busy
> Container private area was destroyed
Alternatively, such a semi-mounted container d...
ve_is_mounted(): describe the ploop semi-mounted caseI know it looks weird, but this is it -- originally I wanted
to modify vps_is_mounted() is it would return "mounted" in case
ploop device is mounted. But it would be a wrong thing to do
since if CT status is "mounted", CT files are expected to be
available from VE_PRIVATE, and it's not the case.
So, the code is all here but it's commented out.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vzmigrate: rm bashismAs reported by shellcheck, there's no 'let' in POSIX shell.
Interestingly, dash supports it so I guess we're good, but
let's fix it in the interest of purity.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Merge pull request #1 in OVZL/vzctl from ~IBAZHITOV/ovz-vzctl:sec to master* commit '22d967c336de3db0d30dae2bb7b2a9a69a0686de':
Store VE layout to VE config on start
Store VE layout in VE config during create and convert
Move layout and mode fields from vps_opt to fs_param
config: constify input path
src/.gitignore: add vzfsync, vznnc
bin/.gitignore: add vzoversell
Store VE layout to VE config on startThis will help those, who didn't set the VE_LAYOUT into per-VE config
manually. On the next CT start the autodetected VE layout would be saved
in the VE config.
Signed-off-by: Igor Bazhitov <ibazhitov@virtuozzo.com>
Store VE layout in VE config during create and convertVE layout (ploop or simfs) is automatically detected based on presence
of "root.hdd/DiskDescriptor.xml" file inside the VE private directory.
Imagine that inside a simfs CT this file is created by some malicious
user, which has root privileges there. When vzctl starts a CT, it would
mistakenly autodetect the CT as being the ploop one!
This design flaw leads to a certain kind of attack vectors, ...
Move layout and mode fields from vps_opt to fs_paramThis is a preparation for saving VE layout in a per-VE config file.
Moving the layout and mode fields to struct fs_param will save us plenty
of various functions parameters changes.
Signed-off-by: Igor Bazhitov <ibazhitov@virtuozzo.com>
vzctl umount: fix exit code if CT is runningFixes the following issue:
# vzctl umount 10101
Container is running -- stop it first
# echo $?
0
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vzoversell: handle unlimited RAM CTsSome containers might be configured as unlimited
(i.e. infinite physpages and privvmpages limit).
Also, a container might appear as unlimited while
it is being restored from dump (as beancounter limits
are initially set to unlimited and only set to proper
values at the end of the restoration process).
In case such unlimited containers are present,
overcommitment figures shown doesn't make sen...
store_devnodes: fix NULL derefAs pointed out by Linas Žilinskas in bug #3228,
we should check name for being non-NULL here.
https://bugzilla.openvz.org/3228
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vps-create.sh: use stat -f instead of dfOn a node with a stale NFS mount (not related to /vz), vzctl create
fails after a long timeout. It happens because vps-create calls
df $VE_ROOT, but for some odd reason df wants to stat() all the
mount points and it hangs for a while and then fails on that stale mount.
The solution is to use stat -f rather than df.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vzctl.spec: require attr packageIt never occured to me that setfattr can not be available, but it happens:
# vzctl create ...
...
Performing postcreate actions
/etc/vz/dists/scripts/postcreate.sh: line 119: setfattr: command not found
...
So, let's require it from spec file.
This is an addition to commit f537353.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
vzctl.spec: drop the Conflicts: vzkernelThe change this patch is reverting was introduced to fix bug #3094.
Unfortunately, it breaks the update for RHEL5-based OpenVZ kernels,
which is the subject of bug #3219.
The only solution I found is to list all the old RHEL6-based kernel
explicitly. It would be good enough, but looks ugly.
As the newest RHEL6-based kernel conflicting with this vzctl is at least
2 years old, let's just drop t...
Vasily Averin
Kir Kolyshkin
Kirill Kolyshkin
Sergei Mamonov
Fusl
Sergey Bronnikov
Igor Sukhih
Igor Bazhitov
Zach Pomerantz