Ubuntu
lxc package

Change logs for lxc source package in Saucy

  1. Saucy (13.10)
  2. Change log 
  • lxc (1.0.0~alpha1-0ubuntu14.1) saucy-security; urgency=low

  * SECURITY UPDATE: privilege escalation via sshd template (LP: #1261045)
    - debian/patches/CVE-2013-6441.patch: don't bind-mount /sbin/init
      read-write in templates/lxc-sshd.in.
    - CVE-2013-6441
 -- Marc Deslauriers <email address hidden>   Thu, 16 Jan 2014 08:55:20 -0500
  • lxc (1.0.0~alpha1-0ubuntu14) saucy-proposed; urgency=low

  * d/p/0014-lxc-start-if-we-pass-in-a-config-file-then-don-t-use.patch
    fix lxc-start -with -f option to not use multiple configuration
    files (LP: #1251352)
 -- Serge Hallyn <email address hidden>   Mon, 18 Nov 2013 10:08:53 -0600
  • lxc (1.0.0~alpha1-0ubuntu13) saucy-proposed; urgency=low

  * debian/rules and debian/lxc.postinst: set /var/lib/lxc and /var/cache/lxc
    to be perms 700.  That prevents unprivileged users from running setuid-root
    applications.  Install that way by default, and for any previous versions,
    update the permissions.  After this version, respect the user's choice.
    (LP: #1244635)
 -- Serge Hallyn <email address hidden>   Mon, 04 Nov 2013 08:12:35 -0600
  • lxc (1.0.0~alpha1-0ubuntu12) saucy-proposed; urgency=low

  * 0012-ubuntu-Improper-pty-permissions.patch: fix pty permissions
    (LP: #1242913)
  * 0013-get-rid-of-lxcpath_anon-idea.patch: make containers started with
    a custom config easier to manage.  (LP: #1244301)
 -- Serge Hallyn <email address hidden>   Fri, 25 Oct 2013 15:42:27 -0500
  • lxc (1.0.0~alpha1-0ubuntu11) saucy; urgency=low

  * Deny any kind of access to /sys/kernel/security/** as the containers
    have no reason to read that and it's been causing dbus-daemon to think
    it can integrate with apparmor.
 -- Stephane Graber <email address hidden>   Thu, 10 Oct 2013 12:58:54 -0400
  • lxc (1.0.0~alpha1-0ubuntu10) saucy; urgency=low

  [ Serge Hallyn ]
  * Cherrypicking bugfix from upstream
    - 0011-ubuntu-cloud-prep-hook-fix-debug-helper-to-not-inapp.patch

  [ Stéphane Graber ]
  * On saucy and higher, add "dbus," to the container-base profile.
    (done that way as LXC is backported down to 12.04)
 -- Stephane Graber <email address hidden>   Wed, 09 Oct 2013 14:04:23 -0400
  • lxc (1.0.0~alpha1-0ubuntu9) saucy; urgency=low

  * Update patch with current upstream version (LP: #1236726)
    - 0009-lxc-ubuntu-cloud-pass-numeric-owner-and-p-to-untar.patch
  * Cherrypicking bugfix from upstream
    - 0010-lxc-ubuntu-cloud-Cope-with-spaces-in-paths.patch
 -- Stephane Graber <email address hidden>   Tue, 08 Oct 2013 11:11:33 -0400
  • lxc (1.0.0~alpha1-0ubuntu8) saucy; urgency=low

  * Add a recommends on uuid-runtime to lxc-templates as the
    ubuntu-cloud template uses uuidgen.
 -- Stephane Graber <email address hidden>   Mon, 07 Oct 2013 17:35:56 -0400
  • lxc (1.0.0~alpha1-0ubuntu7) saucy; urgency=low

  * Cherrypicking bugfix from upstream (LP: #1236577)
    - 0009-lxc-ubuntu-cloud-pass-numeric-owner-and-p-to-untar.patch
 -- Serge Hallyn <email address hidden>   Mon, 07 Oct 2013 16:17:27 -0500
  • lxc (1.0.0~alpha1-0ubuntu6) saucy; urgency=low

  * Cherrypicking bugfix from upstream
    - 0008-Fix-crasher-in-get_ips.patch
      (Fixes lxc-list on Ubuntu Touch amongst other cases)
 -- Stephane Graber <email address hidden>   Sun, 29 Sep 2013 20:52:53 -0400
  • lxc (1.0.0~alpha1-0ubuntu5) saucy; urgency=low

  * Cherrypicking bugfix from upstream (LP: #1227313)
    - 0001-apparmor.c-drop-newline-when-reading-current-profile.patch
 -- Serge Hallyn <email address hidden>   Fri, 27 Sep 2013 15:14:24 -0500
  • lxc (1.0.0~alpha1-0ubuntu4) saucy; urgency=low

  * modify 0006-add-pstore-to-container-fstab.patch: make pstore mount
    optional.
 -- Serge Hallyn <email address hidden>   Mon, 16 Sep 2013 11:50:05 -0500
  • lxc (1.0.0~alpha1-0ubuntu3) saucy; urgency=low

  * Cherrypick bugfix from upstream
    (pre-mount pstore to avoid mountall hanging at boot time):
    - 0006-add-pstore-to-container-fstab.patch
 -- Stephane Graber <email address hidden>   Fri, 13 Sep 2013 16:57:29 -0400
  • lxc (1.0.0~alpha1-0ubuntu2) saucy; urgency=low

  * Add allow-stderr to autopkgtst restrictions as the Ubuntu template
    uses policy-rc.d to disable some daemons and that causes a message to
    be printed on stderr when the service tries to start.
 -- Stephane Graber <email address hidden>   Thu, 12 Sep 2013 13:57:17 -0400
  • lxc (1.0.0~alpha1-0ubuntu1) saucy; urgency=low

  * New upstream release (LP: #1218426)
    - A very long list of bugfixes, including:
      (LP: #1081786, LP: #1029777, LP: #987770, LP: #1212290, LP: #1199146,
       LP: #1124526, LP: #1014916, LP: #1212414, LP: #1168526, LP: #1135871)
  * Removed patches:
    - transition/00-redirect-lxc-halt.patch
    - 0001-fix-race-with-fast-init
    - 0002-lxc-functions-safe-in-dash
    - 0003-python-module-fixes
    - 0004-lxc-ps-handle-cgroup-collisions.patch
    - 0005-cgroup-prevent-DOS-when-a-hierachy-is-mounted-multip.patch
    - 0006-lxc-clone-fix-lvm-blockdev-usage
    - 0007-lxc.conf.doc
    - 0008-ignore-rootfs-pin-fail.patch
    - 0009-conf.c-if-we-don-t-specify-a-rootfs-we-still-need-pr.patch
    - conf.c-always-strdup-rootfs.mount
    - 0011-cgroup-hook-handle-stricter-kernel
    - 0012-add-kernel-filesystems-to-fstab
    - 0013-ubuntu-cloud-fix-hostid
    - 0014-lxc-apparmor-null-terminate-buffer
    - 0015-fix-ipv6-pton
  * Refreshed patches:
    - transition/00-redirect-lxc-list.patch
    - 0000-add-autostart.patch
    - 0001-debian-template-set-hwaddr
  * New patches (fix regression when /var/lib/lxc is read-only):
    - 0002-pin_rootfs-be-quiet-and-don-t-fail-container-start.patch
    - 0003-move-monitor-fifo-and-monitor-sock-to-run.patch
    - 0004-hash-lxcname-for-use-in-monitor-unix-socket-sun_path.patch
    - 0005-ignore-ability-to-init-lxc-monitord.log.patch
  * Updated debian/copyright to reflect reality.
  * Fix lxc-template's short description.
  * Replace the cloud-utils recommends by cloud-image-utils | cloud-utils
    to use the new saucy package and still allow for easy backports.
    (LP: #1224545)
 -- Stephane Graber <email address hidden>   Thu, 12 Sep 2013 12:45:05 -0400
  • lxc (0.9.0-0ubuntu23) saucy; urgency=low

  * 0014-lxc-apparmor-null-terminate-buffer: make sure a value we fread is
    null-terminated (LP: #1215386)
  * 0015-fix-ipv6-pton: call inet_pton on the value without the netmask.
    (LP: #1215391)
 -- Serge Hallyn <email address hidden>   Fri, 23 Aug 2013 11:39:55 -0500
  • lxc (0.9.0-0ubuntu22) saucy; urgency=low

  * ubuntu-cloud: fix typo keeping --hostid from working (LP: #1197357)
 -- Serge Hallyn <email address hidden>   Thu, 15 Aug 2013 14:40:58 -0500
  • lxc (0.9.0-0ubuntu21) saucy; urgency=low

  * Fix autopkgtest failure by unsetting TMPDIR in the test.
 -- Stephane Graber <email address hidden>   Fri, 09 Aug 2013 16:30:47 +0200
  • lxc (0.9.0-0ubuntu20) saucy; urgency=low

  * Build-depend on hardening-wrapper to meet MIR security requirements.
    This is done instead of using the new dpkg-buildflags as those are a pain
    to get to work when building both binaries and libraries when using -PIE.
 -- Stephane Graber <email address hidden>   Fri, 09 Aug 2013 14:33:59 +0200
  • lxc (0.9.0-0ubuntu19) saucy; urgency=low

  * Add variable in /etc/default/lxc-net to optionally resolve .lxc on
    lxcbr0.
 -- Serge Hallyn <email address hidden>   Tue, 06 Aug 2013 09:03:59 -0500
  • lxc (0.9.0-0ubuntu18) saucy; urgency=low

  * 0012-add-kernel-filesystems-to-fstab: saucy containers will fail to start
    unless security, debug, and connections are pre-mounted.
 -- Serge Hallyn <email address hidden>   Thu, 25 Jul 2013 22:01:02 -0500
  • lxc (0.9.0-0ubuntu17) saucy; urgency=low

  * 0011-cgroup-hook-handle-stricter-kernel: fix the mountcgroups hook in the
    face of new restrictions imposed by the kernel on devices cgroups.
    (LP: #1196518)
 -- Serge Hallyn <email address hidden>   Fri, 05 Jul 2013 20:44:57 +0200
  • lxc (0.9.0-0ubuntu16) saucy; urgency=low

  * conf.c-always-strdup-rootfs.mount: prevent segfault when using
    lxc.rootfs.mount.
 -- Serge Hallyn <email address hidden>   Mon, 01 Jul 2013 15:29:17 -0500
  • lxc (0.9.0-0ubuntu15) saucy; urgency=low

  * lxc-net: support an optional dnsmasq configuration file.
  * 0010-debian-template-set-hwaddr: set persistent macaddr when creating a
    debian container (LP: #1080681)
  * lxc.apport: add /etc/lxc/{dnsmasq,default,lxc}.conf and
    /etc/default/lxc{,-net}.conf
 -- Serge Hallyn <email address hidden>   Tue, 11 Jun 2013 07:47:32 -0500
  • lxc (0.9.0-0ubuntu14) saucy; urgency=low

  * 0009-conf.c-if-we-don-t-specify-a-rootfs-we-still-need-pr.patch: if
    apparmor is enabled and no rootfs was specified, then re-mount /proc
    so that we can write the requested apparmor profile under /proc/1.
    (LP: #1188501)
 -- Serge Hallyn <email address hidden>   Mon, 10 Jun 2013 09:27:32 -0500
  • lxc (0.9.0-0ubuntu13) saucy; urgency=low

  * 0008-ignore-rootfs-pin-fail.patch: don't refuse to start a container
    on readonly fs.
 -- Serge Hallyn <email address hidden>   Wed, 05 Jun 2013 21:35:40 +0200
  • lxc (0.9.0-0ubuntu12) saucy; urgency=low

  * 0007-lxc.conf.doc: Fill in missing sections in lxc.conf(5) manual
    page (LP: 1182085)
 -- Serge Hallyn <email address hidden>   Tue, 28 May 2013 13:23:57 -0500
  • lxc (0.9.0-0ubuntu11) saucy; urgency=low

  * lxc-net: deal with the fact that some kernels may not have the needed
    network bridge support.
 -- Stephane Graber <email address hidden>   Tue, 28 May 2013 10:52:22 -0400
  • lxc (0.9.0-0ubuntu10) saucy; urgency=low

  * Rebuild-only upload (LP: #1183807)
 -- Serge Hallyn <email address hidden>   Fri, 24 May 2013 10:51:44 -0500
  • lxc (0.9.0-0ubuntu9) saucy; urgency=low

  * 0006-lxc-clone-fix-lvm-blockdev-usage: fix use of wrong pathnames for both
    block devices and mount targets in the LVM case.  (LP: #1183354)
 -- Serge Hallyn <email address hidden>   Thu, 23 May 2013 14:22:38 -0500
  • lxc (0.9.0-0ubuntu8) saucy; urgency=low

  [ James Hunt ]
  * Add basic DEP-8 tests to ensure a container can be created, started,
    stopped and cloned.
 -- James Hunt <email address hidden>   Tue, 21 May 2013 14:44:12 +0100
  • lxc (0.9.0-0ubuntu7) saucy; urgency=low

  * 0005-cgroup-prevent-DOS-when-a-hierachy-is-mounted-multip.patch: prevent
    DOS when a cgroup hierarchy is mounted multiple times  (LP: #1176287)
 -- Serge Hallyn <email address hidden>   Wed, 15 May 2013 22:19:59 +0000
  • lxc (0.9.0-0ubuntu6) saucy; urgency=low

  * debian/lxc.default, debian/lxc.preinst: calculate an open 10.0.x.0 network
    for lxcbr0 to use at package install time.  This allows easier package
    installion when nested.
 -- Serge Hallyn <email address hidden>   Tue, 14 May 2013 14:34:51 -0500
  • lxc (0.9.0-0ubuntu5) saucy; urgency=low

  * push 0004-lxc-ps-handle-cgroup-collisions.patch from upstream to handle
    the case where $container's cgroup is
    /sys/fs/cgroup/$cgroup/lxc/$container-1.
 -- Serge Hallyn <email address hidden>   Wed, 08 May 2013 16:02:44 -0500
  • lxc (0.9.0-0ubuntu4) saucy; urgency=low

  * Fix lxc-list crashing when passed --nesting with nested containers.
    (LP: #1177408)
  * Fix lxc-ls to show nested containers when using alternate lxcpath.
    (LP: #1177412)
  * Fix python3 API bug leading to parameter corruption in create and start.
    (LP: #1177400)
 -- Stephane Graber <email address hidden>   Tue, 07 May 2013 10:48:40 -0400
  • lxc (0.9.0-0ubuntu3) raring; urgency=low

  * 0003-python-module-fixes: Cherry pick python module bugfixes from upstream.
  * Update deprecation warning for lxc-halt and lxc-list, moving the
    deprecation from 0.9 to 1.0.
 -- Stephane Graber <email address hidden>   Thu, 18 Apr 2013 22:29:39 +0200