lxc 2.0.8-0ubuntu1~16.04.1 source package in Ubuntu
Changelog
lxc (2.0.8-0ubuntu1~16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.8) (LP: #1691911): - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ubuntu and debiancase - start: add crucial details about lxc_spawn() * Cherry-pick some upstream fixes: - conf{,ile}: allow one to clear all config items - start: pin rootfs when privileged - conf: fix build without libcap - start: don't call lxc_map_ids() without id map - lxc-attach: allow for situations without /dev/tty - utils: fix num parsing functions - tests: lxc_safe_{u}int() add corner-case tests * Fix broken proxy detection in debian/tests/exercise * Only move lxc bash completion from /etc if we installed it there * Update tests to deal with cgroupv2 tree (recent systemd) * Drop un-needed lintian override -- Stéphane Graber <email address hidden> Thu, 18 May 2017 23:08:57 -0400
Upload details
- Uploaded by:
- Stéphane Graber
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- linux-any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
lxc_2.0.8.orig.tar.gz | 1.2 MiB | 0d8e34b302cfe4c40c6c9ae5097096aa5cc2c1dfceea3f0f22e3e16c4a4e8494 |
lxc_2.0.8-0ubuntu1~16.04.1.debian.tar.xz | 111.7 KiB | 78f82e4ae3a070b5e8d3b81fdad1cfe2b01941353f44a52117893cbc9bcb73ad |
lxc_2.0.8-0ubuntu1~16.04.1.dsc | 2.6 KiB | 23e2219a908823c5b54d7f7f954c5625d1b0e9c6ef9cdb99ce6eb824fc5ed042 |
Available diffs
Binary packages built by this source
- liblxc1: Linux Containers userspace tools (library)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the libraries.
- liblxc1-dbgsym: debug symbols for package liblxc1
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the libraries.
- lua-lxc: Linux Containers userspace tools (Lua bindings)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the Lua bindings.
- lua-lxc-dbgsym: debug symbols for package lua-lxc
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the Lua bindings.
- lxc: Transitional package for lxc1
This is a transitional dummy package. It can safely be removed.
.
The currently recommended LXC experience is available as lxc2 and is
provided by LXD using the LXC backend.
- lxc-common: Linux Containers userspace tools (common tools)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains a few binaries and security profiles required by
all liblxc1 users.
- lxc-common-dbgsym: debug symbols for package lxc-common
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains a few binaries and security profiles required by
all liblxc1 users.
- lxc-dev: Linux Containers userspace tools (development)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the development files.
- lxc-templates: Linux Containers userspace tools (templates)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the templates.
- lxc-templates-dbgsym: debug symbols for package lxc-templates
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the templates.
- lxc-tests: Linux Containers userspace tools (test binaries)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the test binaries. Those binaries are primarily
used for autopkgtest and by some developers. They are not meant to be
installed on regular user systems.
- lxc-tests-dbgsym: debug symbols for package lxc-tests
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the test binaries. Those binaries are primarily
used for autopkgtest and by some developers. They are not meant to be
installed on regular user systems.
- lxc1: Linux Containers userspace tools
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package provides the lxc-* tools, which can be used to start a single
daemon in a container, or to boot an entire "containerized" system, and to
manage and debug your containers.
- lxc1-dbgsym: debug symbols for package lxc1
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package provides the lxc-* tools, which can be used to start a single
daemon in a container, or to boot an entire "containerized" system, and to
manage and debug your containers.
- python3-lxc: Linux Containers userspace tools (Python 3.x bindings)
Containers are insulated areas inside a system, which have their own namespace
for filesystem, network, PID, IPC, CPU and memory allocation and which can be
created using the Control Group and Namespace features included in the Linux
kernel.
.
This package contains the Python 3.x bindings.