Linux 容器工具,LXC 1.1.4 发布

开发
LXC 项目由一个 Linux 内核补丁和一些 userspace 工具组成。这些 userspace 工具使用由补丁增加的内核新特性,提供一套简化的工具来维护容器。

LXC 项目由一个 Linux 内核补丁和一些 userspace 工具组成。这些 userspace 工具使用由补丁增加的内核新特性,提供一套简化的工具来维护容器。

Linux 容器工具,LXC 1.1.4 发布

LXC 1.1.4 发布,此版本更新内容如下:

重要改进

  • Security fix for CVE-2015-1335

核心改进

  • Check for NULL pointers before calling setenv()

  • Factorize handle of create=dir and create=file

  • Refactor and factorize mount entries

  • Split handle of lxc.mount* with 3 functions

  • init: Support older apparmor

  • Make LXC_CLONE_KEEPNAME work

  • Fix automatic mounts without a rootfs

  • Fix container creation without a rootfs

  • Fix /dev symlinks without a rootfs

  • Allow autodev without a rootfs

  • Only mount /proc if needed, even without a rootfs

  • When creating container, save configuration if rootfs already exists

  • Fix verification of start hook without a rootfs

  • Tear down network devices during container halt

  • coverity: fix mount_entry_create_dir_file

  • Add a nesting.conf which can be included to support nesting containers

  • Fix reallocation calculation

  • Add bdev_destroy() and bdev_destroy_wrapper()

  • overlayfs_clone: rsync the mounted rootfs

  • lxc_rmdir_onedev: don't fail if path doesn't exist

  • overlayfs_mount: create delta dir if it doesn't exist

  • ovl_rsync: make sure to umount

  • Destroy bdevs using bdev_destroy() from bdev.h

  • Fix indentation

  • cmds: fix abstract socket length problem

  • coverity: drop second (redundant) block

  • Check return value of snprintf in mount_proc_if_needed()

  • Add CAP_AUDIT_READ

  • Add CAP_BLOCK_SUSPEND

  • Free allocated memory on failure (v2)

  • Define O_PATH and O_NOFOLLOW for Android

  • seccomp: add aarch64 support

  • lxc-test-symlink: add a test using absolute symlink

  • lxc_mount_auto_mounts: fix weirdness

  • Fix the type of i in lxc_mount_auto_mounts

工具:

  • Fix grammar in some of the executables "NAME for name of the container" becomes "NAME of the container"

  • lxc-checkconfig: add some more config options

  • lxc-start-ephemeral: Parse passwd directly

文档:

  • Add long option for -P in documentation

  • Add doc for optional, create=dir and create=file in lxc.container.conf man

  • Update lxc.cgroup.use in lxc.system.conf(5)

  • Add the description of common options in lxc-destroy(1)

  • Add LXC-specific mount option in Japanese lxc.container.conf(5)

模板:

  • lxc-debian: support stretch (Debian 9) images

  • lxc-debian: allow not including contrib/non-free

  • lxc-debian: Test dpkg for multiarch support

  • lxc-debian: Alternative test for dpkg multiarch support in lxc-debian template

  • lxc-ubuntu: ubuntu.common.conf: mount /dev/mqueue

  • lxc-debian: We should only check the kernel architecture.

  • lxc-alpine: avoid GNU BRE extensions for better portability

  • lxc-alpine: use getopt to parse options

这些稳定修复是 14 为个人贡献者完成的。

下载:https://linuxcontainers.org/lxc/downloads  

责任编辑:王雪燕 来源: OPEN资讯
相关推荐

2009-03-04 12:16:13

2011-09-21 13:25:20

Nginx

2021-05-12 12:46:43

Google开源工具验证容器

2014-11-18 00:45:58

UbuntuLXC容器

2015-11-17 09:46:29

CoreOS开源漏洞分析

2014-12-12 11:29:02

DockerLinux

2013-12-18 15:18:04

2016-05-20 09:58:58

Java内存限制LXC

2013-12-02 10:50:17

开源Linux容器Docker

2024-04-03 14:28:12

2014-01-15 10:04:38

LXCLinux 容器Linux 内核

2012-06-27 16:24:47

Linux开源工具

2015-03-30 11:23:42

红帽Linux 7原子主机

2013-10-31 10:22:21

开源云Linux容器Docker

2018-11-06 09:51:30

微软 LinuxWindows

2016-01-13 10:05:34

BlackArch渗透测试安全工具

2020-08-03 09:40:14

IBM 工具Linux

2021-07-17 06:32:16

LinuxLinux Mint

2018-11-27 15:00:05

AnboxGoogle PlayARM

2021-12-26 08:03:31

容器安全扫描工具漏洞
点赞
收藏

51CTO技术栈公众号