[meta-virtualization] LXC 3.1 in thud?

Mark Asselstine asselsm at gmail.com
Thu Feb 7 08:27:03 PST 2019 

On Thu, Feb 7, 2019 at 11:14 AM Bruce Ashfield <bruce.ashfield at gmail.com> wrote:
>
> On Thu, Feb 7, 2019 at 5:42 AM Nordqvist, Therese <TNordqvist at luxoft.com> wrote:
> >
> > Hello,
> >
> >
> > I have looked through the release notes for both the 3.0.3 and the 3.1.0 releases.
> >
> > We have tested both the thud and master branches for meta-virtualization and it turns out we do not need the LXC 3.1.0 features or the 3.0.3 bugfixes for our project (at this time).
> >
> > It is more of a case of "nice to have the same version of LXC on both thud and master" for us.
> >
> >
> > I am including a list of changes for the LXC releases in case someone else sees something they need.
> >
>
> The list of features doesn't look like a problem to me. I did do some
> preliminary cherry picks to thud and was just waiting to see what you
> found on this front.
> If there are no complaints in the next few days, I'll go ahead and
> push the version/bug fix bumps.

Originally I was a bit hung up on the upstream changes being fairly
small and thus it should have been a point version bump only. But it
is still just a minor version bump so upstream got it right and this
shouldn't cause any issues on the thud branch. I'll second the "go for
it", with no worries about having this merged.

Mark


>
> Bruce
>
> >
> > Highlights for 3.0.3 (bugfixes):
> >
> >  * Improved our default build flags to make use of compiler hardening
> >  * Added support for netlink strict property checking on newer kernels
> >  * Added support for new netlink interface/address netns API
> >  * Added handling of the kernel keyring on startup
> >
> > Summary of features added in 3.1.0:
> >
> >  * enable various remount options with AppArmor
> >
> >  * support NETLINK_DUMP_STRICT_CHK
> >
> >  * allocate new keyring on startup
> >
> >  * full cgroup2 support
> >
> >  * implement efficient way to retrieve network devices and addresses from containers
> >
> >  * introduce lxc_has_api_extension() into the API
> >
> >  * add lxc.cgroup.relative configuration key
> >
> >  * allocate new network namespace identifier on startup
> >
> >  * add lxc.rootfs.managed configuration key
> >
> >  * removal of all VLAs
> >
> >  * AppArmor profile generation
> >
> >  * add mount injection api
> >
> >  * add lxc.monitor.signal.pdeath configuration key
> >
> >  * build a shared and static liblxc library
> >
> >  * adapt to mknod() changes in Linux Kernel 4.18
> >
> >  * use execveat() to execute application containers
> >
> >  * enable per-thread container name prefix when logging
> >
> >  * refactor cgroup handling
> >
> >  * raise ambient capabilities when running hooks
> >
> >  * allow to mount /sys rw in unprivileged containers
> >
> >  * add strlcpy() and strlcat() and deprecate strncpy() and strncat()
> >
> >  * compiler based hardening
> >
> >  * thread-safety improvements
> >
> >  * support application containers without uid 0 in the container
> >
> >  * support devpts mounts on kernels without gid mount option
> >
> >
> >
> > Best regards,
> > Therese Nordqvist
> > Software Engineer
> >
> > Luxoft Sweden AB
> > Östra Hamngatan 16
> > 411 09 Gothenburg
> > Sweden
> >
> > M: +46 732 332464
> > E: TNordqvist at luxoft.com
> >
> > luxoft.com
> >
> > Registered Office Gothenburg, Sweden
> > Registration No. 556780-4199
> >
> >
> > ________________________________
> > From: Bruce Ashfield <bruce.ashfield at gmail.com>
> > Sent: Wednesday, February 6, 2019 10:01 PM
> > To: Nordqvist, Therese
> > Cc: meta-virtualization at yoctoproject.org
> > Subject: Re: [meta-virtualization] LXC 3.1 in thud?
> >
> > On Tue, Feb 5, 2019 at 10:22 AM Nordqvist, Therese
> > <TNordqvist at luxoft.com> wrote:
> > >
> > > Hello,
> > >
> > >
> > > I'm working in a project which uses meta-virtualization (http://pelux.io), do you know if there are any plans to include the LXC bump to 3.1.0 in the thud branch?
> >
> > There currently aren't any plans to do a version bump in Thud. We tend
> > to leave the versions as-is in the maintained branches.
> > It looks like thud is missing the 3.0.3 and 3.1.x bumps that we have
> > in master, so there are at least two patches missing.
> >
> > That being said, the missing version bumps are relatively minor and
> > are bug fixes/small changes to the project.
> >
> > What feature are you looking for in particular ? Can you summarize the
> > changes between the versions and send
> > it to the list ? That way everyone can see the requested change to the
> > released branch and object if they think
> > there will be impacts.
> >
> > Cheers,
> >
> > Bruce
> >
> > >
> > > https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/commit/?id=2387a8876e4aaa52143a623ae5000cf064e55a64
> > >
> > >
> > > If you are interesting in our github repo: https://github.com/Pelagicore/pelux-manifests
> > >
> > >
> > > Best regards,
> > > Therese Nordqvist
> > > Software Engineer
> > >
> > > Luxoft Sweden AB
> > > Östra Hamngatan 16
> > > 411 09 Gothenburg
> > > Sweden
> > >
> > > M: +46 732 332464
> > > E: TNordqvist at luxoft.com
> > >
> > > luxoft.com
> > >
> > > Registered Office Gothenburg, Sweden
> > > Registration No. 556780-4199
> > >
> > > ________________________________
> > >
> > > This e-mail and any attachment(s) are intended only for the recipient(s) named above and others who have been specifically authorized to receive them. They may contain confidential information. If you are not the intended recipient, please do not read this email or its attachment(s). Furthermore, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and then delete this e-mail and any attachment(s) or copies thereof from your system. Thank you.
> > > --
> > > _______________________________________________
> > > meta-virtualization mailing list
> > > meta-virtualization at yoctoproject.org
> > > https://lists.yoctoproject.org/listinfo/meta-virtualization
> >
> >
> >
> > --
> > - Thou shalt not follow the NULL pointer, for chaos and madness await
> > thee at its end
> > - "Use the force Harry" - Gandalf, Star Trek II
> >
> > ________________________________
> >
> > This e-mail and any attachment(s) are intended only for the recipient(s) named above and others who have been specifically authorized to receive them. They may contain confidential information. If you are not the intended recipient, please do not read this email or its attachment(s). Furthermore, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and then delete this e-mail and any attachment(s) or copies thereof from your system. Thank you.
> > --
> > _______________________________________________
> > meta-virtualization mailing list
> > meta-virtualization at yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/meta-virtualization
>
>
>
> --
> - Thou shalt not follow the NULL pointer, for chaos and madness await
> thee at its end
> - "Use the force Harry" - Gandalf, Star Trek II
> --
> _______________________________________________
> meta-virtualization mailing list
> meta-virtualization at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/meta-virtualization

More information about the meta-virtualization mailing list