2008-08-06 14:32:29 +00:00
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
2018-03-01 13:55:43 -05:00
m4_define([lxc_devel], 0)
m4_define([lxc_version_major], 3)
2018-12-13 18:12:33 -05:00
m4_define([lxc_version_minor], 1)
2013-10-29 12:48:46 -05:00
m4_define([lxc_version_micro], 0)
2018-03-27 21:49:16 -04:00
m4_define([lxc_version_beta], [])
2016-10-21 14:07:29 -04:00
m4_define([lxc_abi_major], 1)
2018-12-13 18:12:33 -05:00
m4_define([lxc_abi_minor], 5)
2016-10-21 14:07:29 -04:00
m4_define([lxc_abi_micro], 0)
m4_define([lxc_abi], [lxc_abi_major.lxc_abi_minor.lxc_abi_micro])
2013-10-29 12:48:46 -05:00
m4_define([lxc_version_base], [lxc_version_major.lxc_version_minor.lxc_version_micro])
m4_define([lxc_version],
2018-01-05 15:20:55 -05:00
[ifelse(lxc_devel, 1,
ifelse(lxc_version_beta, [], [lxc_version_base], [lxc_version_base.lxc_version_beta])-devel,
ifelse(lxc_version_beta, [], [lxc_version_base], [lxc_version_base.lxc_version_beta]))])
2013-10-29 12:48:46 -05:00
AC_INIT([lxc], [lxc_version])
2014-01-07 11:24:36 -05:00
# We need pkg-config
PKG_PROG_PKG_CONFIG
2013-10-29 12:48:46 -05:00
AC_SUBST(LXC_VERSION_BASE, lxc_version_base)
AC_SUBST(LXC_VERSION_BETA, lxc_version_beta)
2008-08-06 14:32:29 +00:00
2013-12-01 23:14:17 -05:00
AC_SUBST([LXC_VERSION_MAJOR], [lxc_version_major])
AC_SUBST([LXC_VERSION_MINOR], [lxc_version_minor])
AC_SUBST([LXC_VERSION_MICRO], [lxc_version_micro])
AC_SUBST([LXC_VERSION], [lxc_version])
2016-10-04 18:31:29 +02:00
AC_SUBST([LXC_DEVEL], [lxc_devel])
2013-12-01 23:14:17 -05:00
2016-10-21 14:07:29 -04:00
AC_SUBST([LXC_ABI_MAJOR], [lxc_abi_major])
AC_SUBST([LXC_ABI_MINOR], [lxc_abi_minor])
AC_SUBST([LXC_ABI_MICRO], [lxc_abi_micro])
AC_SUBST([LXC_ABI], [lxc_abi])
2009-04-26 11:43:41 +02:00
AC_CONFIG_SRCDIR([configure.ac])
2008-08-06 14:32:29 +00:00
AC_CONFIG_AUX_DIR([config])
2013-02-19 10:17:41 +01:00
AC_CONFIG_HEADERS([src/config.h])
2013-08-15 14:27:05 +08:00
AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability subdir-objects])
2008-08-06 14:32:29 +00:00
AC_CANONICAL_HOST
AM_PROG_CC_C_O
AC_GNU_SOURCE
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com>
Acked-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
2009-11-04 14:03:44 +01:00
2018-08-22 00:04:19 +02:00
# Test if we have a new enough compiler.
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#define GCC_VERSION \
(__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
#define CLANG_VERSION \
(__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
2018-09-08 21:05:58 +02:00
#if GCC_VERSION < 40700 && CLANG_VERSION < 10000
2018-08-22 00:04:19 +02:00
#error Sorry, your compiler is too old - please upgrade it
#endif
]])], [valid_compiler=yes], [valid_compiler=no])
if test "x$valid_compiler" = "xno"; then
AC_MSG_ERROR([Sorry, your compiler is too old - please upgrade it])
fi
2016-10-21 14:07:29 -04:00
# libtool
LT_INIT
AC_SUBST([LIBTOOL_DEPS])
2013-01-08 12:02:52 -05:00
# Detect the distribution. This is used for the default configuration and
# for some distro-specific build options.
2012-10-17 13:28:27 -04:00
AC_MSG_CHECKING([host distribution])
2018-03-27 15:21:51 -04:00
AC_ARG_WITH(distro, AS_HELP_STRING([--with-distro=DISTRO], [Specify the Linux distribution to target: One of redhat, redhatenterpriseserver, oracle, centos, fedora, suse, gentoo, debian, arch, slackware, plamo, paldo, openmandriva, pardus, sparclinux, altlinux.]))
2014-02-12 17:46:06 -05:00
if type lsb_release >/dev/null 2>&1 && test "z$with_distro" = "z"; then
2012-10-17 13:28:27 -04:00
with_distro=`lsb_release -is`
2012-08-27 19:04:43 -04:00
fi
2012-10-17 13:28:27 -04:00
if test "z$with_distro" = "z"; then
AC_CHECK_FILE(/etc/redhat-release,with_distro="redhat")
AC_CHECK_FILE(/etc/oracle-release,with_distro="oracle")
2015-12-22 14:25:00 -08:00
AC_CHECK_FILE(/etc/sparclinux-release,with_distro="sparclinux")
2013-11-25 14:34:40 -05:00
AC_CHECK_FILE(/etc/centos-release,with_distro="centos")
2012-10-17 13:28:27 -04:00
AC_CHECK_FILE(/etc/fedora-release,with_distro="fedora")
AC_CHECK_FILE(/etc/SuSE-release,with_distro="suse")
AC_CHECK_FILE(/etc/gentoo-release,with_distro="gentoo")
AC_CHECK_FILE(/etc/debian_version,with_distro="debian")
AC_CHECK_FILE(/etc/arch-release,with_distro="arch")
AC_CHECK_FILE(/etc/slackware-version,with_distro="slackware")
2015-12-09 12:23:12 +09:00
AC_CHECK_FILE(/etc/plamo-version,with_distro="plamo")
2012-10-17 13:28:27 -04:00
AC_CHECK_FILE(/etc/frugalware-release,with_distro="frugalware")
2013-10-18 16:41:02 +04:00
AC_CHECK_FILE(/etc/mandrakelinux-release, with_distro="openmandriva")
AC_CHECK_FILE(/etc/mandriva-release,with_distro="openmandriva")
2012-10-17 13:28:27 -04:00
AC_CHECK_FILE(/etc/pardus-release,with_distro="pardus")
2016-03-05 16:40:17 +03:00
AC_CHECK_FILE(/etc/altlinux-release,with_distro="altlinux")
2016-08-20 16:51:04 +03:00
AC_CHECK_FILE(/etc/pld-release,with_distro="pld")
2012-10-17 13:28:27 -04:00
fi
with_distro=`echo ${with_distro} | tr '[[:upper:]]' '[[:lower:]]'`
2015-12-22 14:25:00 -08:00
if test "z$with_distro" = "zforsparc"; then
with_distro="sparclinux"
fi
2012-10-17 13:28:27 -04:00
if test "z$with_distro" = "z"; then
with_distro="unknown"
fi
case $with_distro in
2014-08-08 23:13:27 -04:00
ubuntu|raspbian)
2014-08-25 15:00:46 -04:00
distroconf=default.conf.lxcbr
distrosysconf="$sysconfdir/default"
2012-10-17 13:28:27 -04:00
;;
2018-03-27 15:21:51 -04:00
redhat|redhatenterpriseserver|centos|fedora|oracle|oracleserver|sparclinux|altlinux|suse|opensuse*|plamo|pld)
2014-08-25 15:00:46 -04:00
distroconf=default.conf.lxcbr
distrosysconf="$sysconfdir/sysconfig"
2012-10-17 13:28:27 -04:00
;;
*)
2013-05-31 16:02:33 +02:00
distroconf=default.conf.unknown
2014-08-25 15:00:46 -04:00
distrosysconf="$sysconfdir/default"
2012-10-17 13:28:27 -04:00
;;
esac
AC_MSG_RESULT([$with_distro])
2014-08-08 23:13:27 -04:00
AM_CONDITIONAL([HAVE_DEBIAN], [test x"$with_distro" = "xdebian" -o x"$with_distro" = "xubuntu" -o x"$with_distro" = "xraspbian"])
2013-10-02 22:30:31 -05:00
AM_CONDITIONAL([DISTRO_UBUNTU], [test "x$with_distro" = "xubuntu"])
2012-08-27 19:04:43 -04:00
2014-08-21 07:56:39 -03:00
AC_CONFIG_LINKS([config/etc/default.conf:config/etc/${distroconf}])
2013-12-31 14:21:55 -05:00
# Check for init system type
AC_MSG_CHECKING([for init system type])
AC_ARG_WITH([init-script],
2014-01-06 14:05:12 -05:00
[AC_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@],
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
[Type(s) of init script to install: sysvinit, systemd, upstart,
2014-01-06 14:05:12 -05:00
distro @<:@default=distro@:>@])],[],[with_init_script=distro])
2013-12-31 14:21:55 -05:00
case "$with_init_script" in
distro)
case $with_distro in
2016-03-05 16:40:17 +03:00
fedora|altlinux|opensuse*)
2013-12-31 14:21:55 -05:00
init_script=systemd
;;
2018-03-27 15:21:51 -04:00
redhat|redhatenterpriseserver|oracle|oracleserver|sparclinux|plamo)
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
init_script=sysvinit
2013-12-31 14:21:55 -05:00
;;
2017-05-11 15:07:07 +08:00
centos)
init_script=sysvinit,systemd
;;
2017-05-11 15:16:14 +08:00
debian|raspbian|ubuntu)
2014-07-31 08:53:56 +02:00
init_script=upstart,systemd
2013-12-31 14:21:55 -05:00
;;
2016-08-20 16:51:04 +03:00
pld)
init_script=sysvinit,upstart,systemd
;;
2013-12-31 14:21:55 -05:00
*)
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
echo -n "Linux distribution init system unknown."
init_script=
2013-12-31 14:21:55 -05:00
;;
esac
;;
*)
2014-01-06 14:05:12 -05:00
init_script=$with_init_script
2013-12-31 14:21:55 -05:00
;;
esac
2014-01-06 14:05:12 -05:00
# Check valid init systems were given, run in subshell so we don't mess up IFS
(IFS="," ; for init_sys in $init_script;
do
case "$init_sys" in
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
none|sysvinit|systemd|upstart)
2014-01-06 14:05:12 -05:00
;;
*)
exit 1
;;
esac
done) || AC_MSG_ERROR([Unknown init system type in $init_script])
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysvinit"])
2014-01-06 14:05:12 -05:00
AM_CONDITIONAL([INIT_SCRIPT_SYSTEMD], [echo "$init_script" |grep -q "systemd"])
AM_CONDITIONAL([INIT_SCRIPT_UPSTART], [echo "$init_script" |grep -q "upstart"])
2013-12-31 14:21:55 -05:00
AC_MSG_RESULT($init_script)
2014-07-31 08:53:52 +02:00
# systemd unit dir
AC_ARG_WITH([systemdsystemunitdir],
AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
[],
[with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
if test -z "$with_systemdsystemunitdir"; then
with_systemdsystemunitdir=/lib/systemd/system
fi
if test "x$with_systemdsystemunitdir" != "xno"; then
AC_SUBST([SYSTEMD_UNIT_DIR], [$with_systemdsystemunitdir])
fi
2016-09-04 09:35:44 +02:00
AC_ARG_ENABLE([werror],
[AC_HELP_STRING([--disable-werror],
[do not treat warnings as errors])],
[], [enable_werror=yes])
2013-01-08 12:02:52 -05:00
# Allow disabling rpath
2011-09-13 15:08:04 +02:00
AC_ARG_ENABLE([rpath],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-rpath], [set rpath in executables [default=no]])],
[], [enable_rpath=no])
2011-09-13 15:08:04 +02:00
AM_CONDITIONAL([ENABLE_RPATH], [test "x$enable_rpath" = "xyes"])
2013-01-08 12:02:52 -05:00
# Documentation (manpages)
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com>
Acked-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
2009-11-04 14:03:44 +01:00
AC_ARG_ENABLE([doc],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-doc], [make man pages [default=auto]])],
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com>
Acked-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
2009-11-04 14:03:44 +01:00
[], [enable_doc=auto])
if test "x$enable_doc" = "xyes" -o "x$enable_doc" = "xauto"; then
2012-11-12 15:38:50 -05:00
db2xman=""
2016-08-20 16:51:04 +03:00
dbparsers="docbook2X2man docbook2x-man db2x_docbook2man docbook2man docbook-to-man"
2013-04-25 12:20:30 +02:00
2012-11-12 15:38:50 -05:00
AC_MSG_CHECKING(for docbook2x-man)
2013-04-25 12:20:30 +02:00
for name in ${dbparsers}; do
2012-11-12 15:38:50 -05:00
if "$name" --help >/dev/null 2>&1; then
db2xman="$name"
break;
fi
done
if test -n "${db2xman}"; then
2013-01-08 12:02:52 -05:00
AC_MSG_RESULT([${db2xman}])
2013-12-15 18:48:38 -05:00
enable_doc="yes"
2012-11-12 15:38:50 -05:00
else
2013-01-08 12:02:52 -05:00
AC_MSG_RESULT([no])
2012-11-12 15:38:50 -05:00
if test "x$enable_doc" = "xyes"; then
2013-12-15 18:48:38 -05:00
AC_MSG_ERROR([docbook2x-man is required, but could not be found])
2012-11-12 15:38:50 -05:00
fi
2013-12-15 18:48:38 -05:00
enable_doc="no"
2012-11-12 15:38:50 -05:00
fi
AC_SUBST(db2xman)
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com>
Acked-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
2009-11-04 14:03:44 +01:00
fi
2013-01-08 12:02:52 -05:00
AM_CONDITIONAL([ENABLE_DOCBOOK], [test "x$db2xman" != "x"])
2013-09-25 19:36:30 +09:00
AM_CONDITIONAL([USE_DOCBOOK2X], [test "x$db2xman" != "xdocbook2man"])
configure.ac - allow user to switch off/on documentation generation
Andrian Nord <NightNord@gmail.com>:
>> > > As documentation requires docbook2man to be installed, which is not,
>> > > otherwise, required for proper LXC work or compilation process, it
>> > > might be usefull to be able to switch it off.
Michel Normand <normand@fr.ibm.com>:
> > For me, it is Ok to add a --enable/disable/-doc,
> > but not make configure to fail if no option specified
> > and no docbook2man package.
> >
> > For me it should be optionnal.
> > I like the current behaviour where configure is running without option
> > and is enabling/disabling by itself the doc building.
> > Could you send a new patch with this idea ?
Andrian Nord <NightNord@gmail.com>:
Of course. You mean, that you what default behaviour to remain
auto-detection? That is:
--enable-doc: require docbook2man or fail, generate mans
--enable-doc=auto, or not specified (default): check for docbook2man,
generate mans if found, silently ignore if not found (I suppose
diagnostic message is redundant, as information already contains into
./configure --help)
--disable-doc: never check for docbook2man and don't gen mans
Here comes a patch what do this, as far as I see
(I'm sorry for violating post-rules in previous mail, now I'll do all
right, I hope. Should I attach patch anyway, as it might be usefull
for applying?)
Signed-off-by: Andrian Nord <NightNord@gmail.com>
Acked-by: Michel Normand <normand@fr.ibm.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
2009-11-04 14:03:44 +01:00
2013-04-29 16:47:35 -04:00
if test "x$db2xman" = "xdocbook2man"; then
docdtd="\"-//Davenport//DTD DocBook V3.0//EN\""
else
docdtd="\"-//OASIS//DTD DocBook XML\" \"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd\""
fi
AC_SUBST(docdtd)
2013-11-25 13:42:09 +00:00
# Documentation (API)
AC_ARG_ENABLE([api-docs],
[AC_HELP_STRING([--enable-api-docs],
2013-12-15 18:48:38 -05:00
[make API documentation [default=auto]])],
2013-11-25 13:42:09 +00:00
[], [enable_api_docs=auto])
if test "x$enable_api_docs" = "xyes" -o "x$enable_api_docs" = "xauto"; then
2013-12-15 18:48:38 -05:00
AC_CHECK_PROGS([HAVE_DOXYGEN],[doxygen])
AC_SUBST([HAVE_DOXYGEN])
if test "x$HAVE_DOXYGEN" != "x"; then
enable_api_docs="yes"
else
if test "x$enable_api_docs" = "xyes"; then
AC_MSG_ERROR([doxygen is required, but could not be found])
fi
enable_api_docs="no"
fi
2013-11-25 13:42:09 +00:00
fi
2013-12-15 18:48:38 -05:00
AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"])
2013-11-25 13:42:09 +00:00
2013-01-08 12:02:52 -05:00
# Apparmor
2012-08-17 13:04:34 -05:00
AC_ARG_ENABLE([apparmor],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])],
[], [enable_apparmor=auto])
2012-08-17 13:04:34 -05:00
2013-12-15 18:48:38 -05:00
if test "$enable_apparmor" = "auto" ; then
2012-08-17 13:04:34 -05:00
AC_CHECK_LIB([apparmor],[aa_change_profile],[enable_apparmor=yes], [enable_apparmor=no])
fi
AM_CONDITIONAL([ENABLE_APPARMOR], [test "x$enable_apparmor" = "xyes"])
2016-12-18 21:39:24 +01:00
# GnuTLS
AC_ARG_ENABLE([gnutls],
[AC_HELP_STRING([--enable-gnutls], [enable GnuTLS support [default=auto]])],
[], [enable_gnutls=auto])
if test "$enable_gnutls" = "auto" ; then
AC_CHECK_LIB([gnutls], [gnutls_hash_fast], [enable_gnutls=yes], [enable_gnutls=no])
fi
AM_CONDITIONAL([ENABLE_GNUTLS], [test "x$enable_gnutls" = "xyes"])
AM_COND_IF([ENABLE_GNUTLS],
[AC_CHECK_HEADER([gnutls/gnutls.h],[],[AC_MSG_ERROR([You must install the GnuTLS development package in order to compile lxc])])
2018-04-07 15:48:46 +02:00
AC_CHECK_LIB([gnutls], [gnutls_hash_fast],[true],[AC_MSG_ERROR([You must install the GnuTLS development package in order to compile lxc])])
2016-12-18 21:39:24 +01:00
AC_SUBST([GNUTLS_LIBS], [-lgnutls])])
2013-09-24 11:13:02 -04:00
# SELinux
AC_ARG_ENABLE([selinux],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-selinux], [enable SELinux support [default=auto]])],
[], [enable_selinux=auto])
2013-09-24 11:13:02 -04:00
2013-12-15 18:48:38 -05:00
if test "x$enable_selinux" = xauto; then
2013-09-24 11:13:02 -04:00
AC_CHECK_LIB([selinux],[setexeccon_raw],[enable_selinux=yes],[enable_selinux=no])
fi
AM_CONDITIONAL([ENABLE_SELINUX], [test "x$enable_selinux" = "xyes"])
AM_COND_IF([ENABLE_SELINUX],
[AC_CHECK_HEADER([selinux/selinux.h],[],[AC_MSG_ERROR([You must install the SELinux development package in order to compile lxc])])
2014-06-19 14:53:01 -04:00
AC_CHECK_LIB([selinux], [setexeccon_raw],[true],[AC_MSG_ERROR([You must install the SELinux development package in order to compile lxc])])
AC_SUBST([SELINUX_LIBS], [-lselinux])])
2013-09-24 11:13:02 -04:00
2013-01-08 12:02:52 -05:00
# Seccomp syscall filter
2012-08-17 13:04:34 -05:00
AC_ARG_ENABLE([seccomp],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-seccomp], [enable seccomp support [default=auto]])],
[], [enable_seccomp=auto])
2012-08-17 13:04:34 -05:00
2013-12-15 18:48:38 -05:00
if test "x$enable_seccomp" = "xauto" ; then
2012-08-17 13:04:34 -05:00
AC_CHECK_LIB([seccomp],[seccomp_init],[enable_seccomp=yes],[enable_seccomp=no])
fi
AM_CONDITIONAL([ENABLE_SECCOMP], [test "x$enable_seccomp" = "xyes"])
2012-07-27 21:13:53 -05:00
AM_COND_IF([ENABLE_SECCOMP],
2013-04-24 10:46:21 +02:00
[PKG_CHECK_MODULES([SECCOMP],[libseccomp],[],[
AC_CHECK_HEADER([seccomp.h],[],[AC_MSG_ERROR([You must install the seccomp development package in order to compile lxc])])
AC_CHECK_LIB([seccomp], [seccomp_init],[],[AC_MSG_ERROR([You must install the seccomp development package in order to compile lxc])])
AC_SUBST([SECCOMP_LIBS], [-lseccomp])
])
])
2012-07-27 21:13:53 -05:00
2018-01-03 21:02:53 -06:00
AC_MSG_CHECKING(for static libcap)
2014-06-20 16:45:09 -04:00
# Check for static libcap, make sure the function checked for differs from the
# the one checked below so the cache doesn't give a wrong answer
OLD_CFLAGS="$CFLAGS"
2018-01-03 21:02:53 -06:00
OLD_CPPFLAGS="$CPPFLAGS"
OLD_LDFLAGS="$LDFLAGS"
OLD_LIBS="$LIBS"
CFLAGS=""
CPPFLAGS=""
LDFLAGS="-static"
LIBS="-lcap"
AC_LINK_IFELSE([
AC_LANG_SOURCE(
[[int main() { return 0; }]]
)],[have_static_libcap=yes],[have_static_libcap=no])
2014-06-20 16:45:09 -04:00
AM_CONDITIONAL([HAVE_STATIC_LIBCAP], [test "x$have_static_libcap" = "xyes"])
if test "x$have_static_libcap" = "xyes"; then
AC_DEFINE([HAVE_STATIC_LIBCAP], 1, [Have static libcap])
2018-01-03 21:02:53 -06:00
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
2014-06-20 16:45:09 -04:00
fi
2018-01-03 21:02:53 -06:00
CPPFLAGS="$OLD_CPPFLAGS"
2014-06-20 16:45:09 -04:00
CFLAGS="$OLD_CFLAGS"
2018-01-03 21:02:53 -06:00
LDFLAGS="$OLD_LDFLAGS"
LIBS="$OLD_LIBS"
2014-06-20 16:45:09 -04:00
2013-12-15 18:48:38 -05:00
# Linux capabilities
AC_ARG_ENABLE([capabilities],
[AC_HELP_STRING([--enable-capabilities], [enable kernel capabilities support [default=auto]])],
[], [enable_capabilities=auto])
if test "x$enable_capabilities" = "xauto"; then
AC_CHECK_LIB([cap],[cap_set_proc],[enable_capabilities=yes],[enable_capabilities=no])
fi
AM_CONDITIONAL([ENABLE_CAP], [test "x$enable_capabilities" = "xyes"])
AM_COND_IF([ENABLE_CAP],
2017-02-11 22:40:19 +01:00
[AC_CHECK_HEADER([sys/capability.h],[],[AC_MSG_ERROR([You must install the libcap development package in order to compile lxc])])
AC_CHECK_LIB(cap,cap_set_proc,[],[AC_MSG_ERROR([You must install the libcap development package in order to compile lxc])])
2017-04-19 00:05:24 +02:00
# Test whether we support getting file capabilities via cap_get_file().
AC_CHECK_LIB(cap,cap_get_file, AC_DEFINE(LIBCAP_SUPPORTS_FILE_CAPABILITIES,1,[Have cap_get_file]),[],[])
AC_SUBST([CAP_LIBS], [-lcap])])
2013-12-15 18:48:38 -05:00
2012-12-11 11:40:02 -06:00
# HAVE_SCMP_FILTER_CTX=1 will tell us we have libseccomp api >= 1.0.0
2013-04-24 10:46:21 +02:00
OLD_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $SECCOMP_CFLAGS"
2013-12-15 18:48:38 -05:00
AC_CHECK_TYPES([scmp_filter_ctx], [], [], [[#include <seccomp.h>]])
2014-02-12 17:20:22 -06:00
AC_CHECK_DECLS([seccomp_syscall_resolve_name_arch], [], [], [[#include <seccomp.h>]])
2013-04-24 10:46:21 +02:00
CFLAGS="$OLD_CFLAGS"
2012-12-11 11:40:02 -06:00
2013-01-08 12:02:52 -05:00
# Configuration examples
2009-11-13 11:48:29 +01:00
AC_ARG_ENABLE([examples],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-examples], [install examples [default=yes]])],
2009-11-13 11:48:29 +01:00
[], [enable_examples=yes])
AM_CONDITIONAL([ENABLE_EXAMPLES], [test "x$enable_examples" = "xyes"])
2013-11-01 16:16:10 -04:00
# Enable dumping stack traces
AC_ARG_ENABLE([mutex-debugging],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-mutex-debugging], [Makes mutexes to report error and provide stack trace [default=no]])],
[], [enable_mutex_debugging=no])
2013-11-01 16:16:10 -04:00
AM_CONDITIONAL([MUTEX_DEBUGGING], [test "x$enable_mutex_debugging" = "xyes"])
AM_COND_IF([MUTEX_DEBUGGING],
AC_DEFINE_UNQUOTED([MUTEX_DEBUGGING], 1, [Enabling mutex debugging]))
2013-09-05 16:40:49 -04:00
# Not in older autoconf versions
# AS_VAR_COPY(DEST, SOURCE)
# -------------------------
# Set the polymorphic shell variable DEST to the contents of the polymorphic
# shell variable SOURCE.
m4_ifdef([AS_VAR_COPY], [],
[AC_DEFUN([AS_VAR_COPY],
[AS_LITERAL_IF([$1[]$2], [$1=$$2], [eval $1=\$$2])])
])
2013-09-05 17:13:07 +02:00
dnl PKG_CHECK_VAR was introduced with pkg-config 0.28
m4_ifdef([PKG_CHECK_VAR], [],
[AC_DEFUN([PKG_CHECK_VAR],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
_PKG_CONFIG([$1], [variable="][$3]["], [$2])
AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])# PKG_CHECK_VAR
])
2013-01-24 11:42:22 -05:00
2014-01-20 23:49:19 -05:00
# Optional bash integration
AC_ARG_ENABLE([bash],
[AC_HELP_STRING([--enable-bash], [build bash integration [default=yes]])],
[], [enable_bash=yes])
AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = "xyes"])
2016-11-12 14:44:40 +01:00
AM_COND_IF([ENABLE_BASH],
[AC_MSG_CHECKING([bash completion directory])
PKG_CHECK_VAR(bashcompdir, [bash-completion], [completionsdir], ,
bashcompdir="${sysconfdir}/bash_completion.d")
AC_MSG_RESULT([$bashcompdir])
AC_SUBST(bashcompdir)
])
2018-02-14 11:33:33 +01:00
# Build the command line tools
AC_ARG_ENABLE([tools],
[AC_HELP_STRING([--enable-tools], [build the command line tools [default=yes]])],
[], [enable_tools=yes])
AM_CONDITIONAL([ENABLE_TOOLS], [test "x$enable_tools" = "xyes"])
# Build the liblxc commands
AC_ARG_ENABLE([commands],
[AC_HELP_STRING([--enable-commands], [build the liblxc commands [default=yes]])],
[], [enable_commands=yes])
AM_CONDITIONAL([ENABLE_COMMANDS], [test "x$enable_commands" = "xyes"])
2013-01-08 12:02:52 -05:00
# Optional test binaries
2012-09-01 19:57:11 -04:00
AC_ARG_ENABLE([tests],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-tests], [build test/example binaries [default=no]])],
[], [enable_tests=no])
2012-09-01 19:57:11 -04:00
AM_CONDITIONAL([ENABLE_TESTS], [test "x$enable_tests" = "xyes"])
2014-02-11 17:40:20 -05:00
# Allow overriding the default runtime dir (/run)
AC_ARG_WITH([runtime-path],
[AC_HELP_STRING(
[--with-runtime-path=dir],
[runtime directory (default: /run)]
)], [], [with_runtime_path=['/run']])
2013-01-08 12:02:52 -05:00
# LXC container path, where the containers are actually stored
2013-02-18 11:52:53 -05:00
# This is overridden by an entry in the file called LXCCONF
2013-02-06 15:11:19 -06:00
# (i.e. /etc/lxc/lxc.conf)
2009-11-17 10:56:23 +01:00
AC_ARG_WITH([config-path],
[AC_HELP_STRING(
[--with-config-path=dir],
2009-12-28 22:10:11 +01:00
[lxc configuration repository path]
2011-09-13 15:08:04 +02:00
)], [], [with_config_path=['${localstatedir}/lib/lxc']])
2009-11-17 10:56:23 +01:00
2013-02-06 15:11:19 -06:00
# The path of the global lxc configuration file.
AC_ARG_WITH([global-conf],
[AC_HELP_STRING(
[--with-global-conf=dir],
[global lxc configuration file]
)], [], [with_global_conf=['${sysconfdir}/lxc/lxc.conf']])
2013-09-21 17:43:46 -05:00
# The path of the userns network configuration file
2013-08-09 21:08:28 -05:00
AC_ARG_WITH([usernic-conf],
[AC_HELP_STRING(
[--with-usernic-conf],
[user network interface configuration file]
)], [], [with_usernic_conf=['${sysconfdir}/lxc/lxc-usernet']])
2013-09-21 17:43:46 -05:00
# The path of the runtime usernic database
2013-08-09 21:08:28 -05:00
AC_ARG_WITH([usernic-db],
[AC_HELP_STRING(
[--with-usernic-db],
[lxc user nic database]
2014-02-12 17:46:06 -05:00
)], [], [with_usernic_db=['${with_runtime_path}/lxc/nics']])
2013-08-09 21:08:28 -05:00
2013-01-08 12:02:52 -05:00
# Rootfs path, where the container mount structure is assembled
2010-05-12 23:44:28 +02:00
AC_ARG_WITH([rootfs-path],
[AC_HELP_STRING(
[--with-rootfs-path=dir],
[lxc rootfs mount point]
2011-09-13 15:08:04 +02:00
)], [], [with_rootfs_path=['${libdir}/lxc/rootfs']])
2013-09-21 17:43:46 -05:00
2013-09-08 13:43:13 +02:00
# cgroup pattern specification
AC_ARG_WITH([cgroup-pattern],
[AC_HELP_STRING(
[--with-cgroup-pattern=pattern],
[pattern for container cgroups]
2018-09-10 15:24:21 +02:00
)], [], [with_cgroup_pattern=['lxc.payload/%n']])
2010-05-12 23:44:28 +02:00
apparmor: profile generation
This copies lxd's apparmor profile generation. This tries to
detect features such as cgroup namespaces, apparmor
namespaces and stacking support, and has profile parts
conditionally for unprivileged containers.
This introduces the following changes to the configuration:
lxc.apparmor.profile = generated
The fixed value 'generated' will cause this
functionality to be used, otherwise there should be no
functional changes happening unless specifically
requested with the next key:
lxc.apparmor.allow_nesting
This is a boolean which, if enabled, causes the
following changes: When generated apparmor profiles are
used, they will contain the necessary changes to allow
creating a nested container. In addition to the usual
mount points, /dev/.lxc/proc and /dev/.lxc/sys will
contain procfs and sysfs mount points without the lxcfs
overlays, which, if generated apparmor profiles are
being used, will not be read/writable directly.
lxc.apparmor.raw
A list of raw apparmor profile lines to append to the
profile. Only valid when using generated profiles.
The following apparmor profile lines have not been copied
from lxd:
mount /var/lib/lxd/shmounts/ -> /var/lib/lxd/shmounts/,
mount none -> /var/lib/lxd/shmounts/,
mount options=bind /var/lib/lxd/shmounts/** -> /var/lib/lxd/**,
They should be added via lxc.apparmor.raw entries by lxd.
In order for apparmor_parser's cache to be of use, this adds
a --with-apparmor-cache-dir ./configure option.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-25 12:11:31 +02:00
# The path for the apparmor_parser's cache for generated apparmor profiles
AC_ARG_WITH([apparmor-cache-dir],
[AC_HELP_STRING(
[--with-apparmor-cache-dir=dir],
[path for apparmor_parser cache]
)], [], [with_apparmor_cache_dir=['${localstatedir}/cache/lxc/apparmor']])
use a default per-container logfile
Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
(with -o logfile), the default was effectively 'none'. With this patch,
the default becomes a per-container log file.
If a container config file specifies 'lxc.logfile', that will override
the default. If a '-o logfile' argument is specifed at lxc-start,
then that will override both the default and the configuration file
entry. Finally, '-o none' can be used to avoid having a logfile at
all (in other words, the previous default), and that will override
a lxc.logfile entry in the container configuration file.
If the user does not have rights to open the default, then 'none' will
be used. However, in that case an error will show up on console. (We
can work on removing that if it annoys people, but I think it is
helpful, at least while we're still ironing this set out) If the user
or container configuration file specified a logfile, and the user does
not have rights to open the default, then the action will fail.
One slight "mis-behavior" which I have not fixed (and may not fix) is
that if a lxc.logfile is specified, the default logfile will still
get created before we read the configuration file to find out there
is a lxc.logfile entry.
changelog: Jan 24:
add --enable-configpath-log configure option
When we log to /var/lib/lxc/$container/$container.log, several things
need to be done differently than when we log into /var/log/lxc (for
instance). So give it a configure option so we know what to do
When the user specifies a logfile, we bail if we can't open it. But
when opening the default logfile, the user may not have rights to
open it, so in that case ignore it and continue as if using 'none'.
When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
Otherwise, we use $LOGPATH/$name.log.
When using /var/lib/lxc/$c/$c.log, don't try to create the log path
/var/lib/lxc/$c. It can only not exist if the container doesn't
exist. We don't want to create the directory in that case. When
using /var/log/lxc, then we do want to create the path if it does
not exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2013-01-24 12:04:54 -06:00
# Container log path. By default, use $lxcpath.
AC_MSG_CHECKING([Whether to place logfiles in container config path])
AC_ARG_ENABLE([configpath-log],
2013-12-15 18:48:38 -05:00
[AC_HELP_STRING([--enable-configpath-log], [use logfiles in config path [default=no]])],
[], [enable_configpath_log=no])
AC_MSG_RESULT([$enable_configpath_log])
AM_CONDITIONAL([USE_CONFIGPATH_LOGS], [test "$enable_configpath_log" = "yes"])
use a default per-container logfile
Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
(with -o logfile), the default was effectively 'none'. With this patch,
the default becomes a per-container log file.
If a container config file specifies 'lxc.logfile', that will override
the default. If a '-o logfile' argument is specifed at lxc-start,
then that will override both the default and the configuration file
entry. Finally, '-o none' can be used to avoid having a logfile at
all (in other words, the previous default), and that will override
a lxc.logfile entry in the container configuration file.
If the user does not have rights to open the default, then 'none' will
be used. However, in that case an error will show up on console. (We
can work on removing that if it annoys people, but I think it is
helpful, at least while we're still ironing this set out) If the user
or container configuration file specified a logfile, and the user does
not have rights to open the default, then the action will fail.
One slight "mis-behavior" which I have not fixed (and may not fix) is
that if a lxc.logfile is specified, the default logfile will still
get created before we read the configuration file to find out there
is a lxc.logfile entry.
changelog: Jan 24:
add --enable-configpath-log configure option
When we log to /var/lib/lxc/$container/$container.log, several things
need to be done differently than when we log into /var/log/lxc (for
instance). So give it a configure option so we know what to do
When the user specifies a logfile, we bail if we can't open it. But
when opening the default logfile, the user may not have rights to
open it, so in that case ignore it and continue as if using 'none'.
When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
Otherwise, we use $LOGPATH/$name.log.
When using /var/lib/lxc/$c/$c.log, don't try to create the log path
/var/lib/lxc/$c. It can only not exist if the container doesn't
exist. We don't want to create the directory in that case. When
using /var/log/lxc, then we do want to create the path if it does
not exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2013-01-24 12:04:54 -06:00
2013-12-15 18:48:38 -05:00
if test "$enable_configpath_log" = "yes"; then
use a default per-container logfile
Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
(with -o logfile), the default was effectively 'none'. With this patch,
the default becomes a per-container log file.
If a container config file specifies 'lxc.logfile', that will override
the default. If a '-o logfile' argument is specifed at lxc-start,
then that will override both the default and the configuration file
entry. Finally, '-o none' can be used to avoid having a logfile at
all (in other words, the previous default), and that will override
a lxc.logfile entry in the container configuration file.
If the user does not have rights to open the default, then 'none' will
be used. However, in that case an error will show up on console. (We
can work on removing that if it annoys people, but I think it is
helpful, at least while we're still ironing this set out) If the user
or container configuration file specified a logfile, and the user does
not have rights to open the default, then the action will fail.
One slight "mis-behavior" which I have not fixed (and may not fix) is
that if a lxc.logfile is specified, the default logfile will still
get created before we read the configuration file to find out there
is a lxc.logfile entry.
changelog: Jan 24:
add --enable-configpath-log configure option
When we log to /var/lib/lxc/$container/$container.log, several things
need to be done differently than when we log into /var/log/lxc (for
instance). So give it a configure option so we know what to do
When the user specifies a logfile, we bail if we can't open it. But
when opening the default logfile, the user may not have rights to
open it, so in that case ignore it and continue as if using 'none'.
When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
Otherwise, we use $LOGPATH/$name.log.
When using /var/lib/lxc/$c/$c.log, don't try to create the log path
/var/lib/lxc/$c. It can only not exist if the container doesn't
exist. We don't want to create the directory in that case. When
using /var/log/lxc, then we do want to create the path if it does
not exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2013-01-24 12:04:54 -06:00
default_log_path="${with_config_path}"
else
2013-03-17 23:21:31 +09:00
default_log_path="${localstatedir}/log/lxc"
use a default per-container logfile
Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
(with -o logfile), the default was effectively 'none'. With this patch,
the default becomes a per-container log file.
If a container config file specifies 'lxc.logfile', that will override
the default. If a '-o logfile' argument is specifed at lxc-start,
then that will override both the default and the configuration file
entry. Finally, '-o none' can be used to avoid having a logfile at
all (in other words, the previous default), and that will override
a lxc.logfile entry in the container configuration file.
If the user does not have rights to open the default, then 'none' will
be used. However, in that case an error will show up on console. (We
can work on removing that if it annoys people, but I think it is
helpful, at least while we're still ironing this set out) If the user
or container configuration file specified a logfile, and the user does
not have rights to open the default, then the action will fail.
One slight "mis-behavior" which I have not fixed (and may not fix) is
that if a lxc.logfile is specified, the default logfile will still
get created before we read the configuration file to find out there
is a lxc.logfile entry.
changelog: Jan 24:
add --enable-configpath-log configure option
When we log to /var/lib/lxc/$container/$container.log, several things
need to be done differently than when we log into /var/log/lxc (for
instance). So give it a configure option so we know what to do
When the user specifies a logfile, we bail if we can't open it. But
when opening the default logfile, the user may not have rights to
open it, so in that case ignore it and continue as if using 'none'.
When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
Otherwise, we use $LOGPATH/$name.log.
When using /var/lib/lxc/$c/$c.log, don't try to create the log path
/var/lib/lxc/$c. It can only not exist if the container doesn't
exist. We don't want to create the directory in that case. When
using /var/log/lxc, then we do want to create the path if it does
not exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2013-01-24 12:04:54 -06:00
fi
AC_ARG_WITH([log-path],
[AC_HELP_STRING(
[--with-log-path=dir],
[per container log path]
)], [], [with_log_path=['${default_log_path}']])
2013-01-08 12:02:52 -05:00
# Expand some useful variables
AS_AC_EXPAND(PREFIX, "$prefix")
AS_AC_EXPAND(LIBDIR, "$libdir")
AS_AC_EXPAND(BINDIR, "$bindir")
2014-03-27 10:36:06 -05:00
AS_AC_EXPAND(SBINDIR, "$sbindir")
2013-01-08 12:02:52 -05:00
AS_AC_EXPAND(LIBEXECDIR, "$libexecdir")
AS_AC_EXPAND(INCLUDEDIR, "$includedir")
AS_AC_EXPAND(SYSCONFDIR, "$sysconfdir")
2013-05-31 16:09:14 +02:00
AS_AC_EXPAND(LXC_DEFAULT_CONFIG, "$sysconfdir/lxc/default.conf")
2013-01-08 12:02:52 -05:00
AS_AC_EXPAND(DATADIR, "$datadir")
AS_AC_EXPAND(LOCALSTATEDIR, "$localstatedir")
AS_AC_EXPAND(DOCDIR, "$docdir")
2016-04-12 19:20:10 +02:00
AS_AC_EXPAND(LXC_GENERATE_DATE, "$(date --utc --date=@${SOURCE_DATE_EPOCH:-$(date +%s)} '+%Y-%m-%d')")
2013-01-08 12:02:52 -05:00
AS_AC_EXPAND(LXCPATH, "$with_config_path")
2013-02-06 15:11:19 -06:00
AS_AC_EXPAND(LXC_GLOBAL_CONF, "$with_global_conf")
2013-08-09 21:08:28 -05:00
AS_AC_EXPAND(LXC_USERNIC_CONF, "$with_usernic_conf")
AS_AC_EXPAND(LXC_USERNIC_DB, "$with_usernic_db")
2014-08-25 15:00:46 -04:00
AS_AC_EXPAND(LXC_DISTRO_SYSCONF, "$distrosysconf")
2013-01-08 12:02:52 -05:00
AS_AC_EXPAND(LXCROOTFSMOUNT, "$with_rootfs_path")
AS_AC_EXPAND(LXCTEMPLATEDIR, "$datadir/lxc/templates")
2013-11-29 19:19:09 -05:00
AS_AC_EXPAND(LXCTEMPLATECONFIG, "$datadir/lxc/config")
2013-02-19 15:44:19 -05:00
AS_AC_EXPAND(LXCHOOKDIR, "$datadir/lxc/hooks")
2015-11-05 15:02:11 +01:00
AS_AC_EXPAND(LXCBINHOOKDIR, "$libexecdir/lxc/hooks")
2013-01-08 12:02:52 -05:00
AS_AC_EXPAND(LXCINITDIR, "$libexecdir")
use a default per-container logfile
Until now, if a lxc-* (i.e. lxc-start) command did not specify a logfile
(with -o logfile), the default was effectively 'none'. With this patch,
the default becomes a per-container log file.
If a container config file specifies 'lxc.logfile', that will override
the default. If a '-o logfile' argument is specifed at lxc-start,
then that will override both the default and the configuration file
entry. Finally, '-o none' can be used to avoid having a logfile at
all (in other words, the previous default), and that will override
a lxc.logfile entry in the container configuration file.
If the user does not have rights to open the default, then 'none' will
be used. However, in that case an error will show up on console. (We
can work on removing that if it annoys people, but I think it is
helpful, at least while we're still ironing this set out) If the user
or container configuration file specified a logfile, and the user does
not have rights to open the default, then the action will fail.
One slight "mis-behavior" which I have not fixed (and may not fix) is
that if a lxc.logfile is specified, the default logfile will still
get created before we read the configuration file to find out there
is a lxc.logfile entry.
changelog: Jan 24:
add --enable-configpath-log configure option
When we log to /var/lib/lxc/$container/$container.log, several things
need to be done differently than when we log into /var/log/lxc (for
instance). So give it a configure option so we know what to do
When the user specifies a logfile, we bail if we can't open it. But
when opening the default logfile, the user may not have rights to
open it, so in that case ignore it and continue as if using 'none'.
When using /var/lib/lxc/$c/$c.log, we use $LOGPATH/$name/$name.log.
Otherwise, we use $LOGPATH/$name.log.
When using /var/lib/lxc/$c/$c.log, don't try to create the log path
/var/lib/lxc/$c. It can only not exist if the container doesn't
exist. We don't want to create the directory in that case. When
using /var/log/lxc, then we do want to create the path if it does
not exist.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2013-01-24 12:04:54 -06:00
AS_AC_EXPAND(LOGPATH, "$with_log_path")
2014-02-11 17:40:20 -05:00
AS_AC_EXPAND(RUNTIME_PATH, "$with_runtime_path")
apparmor: profile generation
This copies lxd's apparmor profile generation. This tries to
detect features such as cgroup namespaces, apparmor
namespaces and stacking support, and has profile parts
conditionally for unprivileged containers.
This introduces the following changes to the configuration:
lxc.apparmor.profile = generated
The fixed value 'generated' will cause this
functionality to be used, otherwise there should be no
functional changes happening unless specifically
requested with the next key:
lxc.apparmor.allow_nesting
This is a boolean which, if enabled, causes the
following changes: When generated apparmor profiles are
used, they will contain the necessary changes to allow
creating a nested container. In addition to the usual
mount points, /dev/.lxc/proc and /dev/.lxc/sys will
contain procfs and sysfs mount points without the lxcfs
overlays, which, if generated apparmor profiles are
being used, will not be read/writable directly.
lxc.apparmor.raw
A list of raw apparmor profile lines to append to the
profile. Only valid when using generated profiles.
The following apparmor profile lines have not been copied
from lxd:
mount /var/lib/lxd/shmounts/ -> /var/lib/lxd/shmounts/,
mount none -> /var/lib/lxd/shmounts/,
mount options=bind /var/lib/lxd/shmounts/** -> /var/lib/lxd/**,
They should be added via lxc.apparmor.raw entries by lxd.
In order for apparmor_parser's cache to be of use, this adds
a --with-apparmor-cache-dir ./configure option.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-25 12:11:31 +02:00
AS_AC_EXPAND(APPARMOR_CACHE_DIR, "$with_apparmor_cache_dir")
2013-09-08 13:43:13 +02:00
AC_SUBST(DEFAULT_CGROUP_PATTERN, ["$with_cgroup_pattern"])
2009-10-22 15:33:40 +02:00
2014-10-22 22:25:02 +00:00
# We need the install path so criu knows where to reference the hook scripts.
AC_DEFINE_UNQUOTED([DATADIR], "$DATADIR", ["Prefix for shared files."])
2013-01-08 12:02:52 -05:00
# Check for some standard kernel headers
2012-05-04 00:50:15 +02:00
AC_CHECK_HEADERS([linux/unistd.h linux/netlink.h linux/genetlink.h],
2013-01-08 12:02:52 -05:00
[],
AC_MSG_ERROR([Please install the Linux kernel headers.]),
[#include <sys/socket.h>])
2008-12-09 17:49:21 +00:00
2013-01-08 12:02:51 -05:00
# Check for alternate C libraries
AC_MSG_CHECKING(for bionic libc)
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
2013-01-08 12:02:52 -05:00
[[#ifndef __ANDROID__
2013-01-08 12:02:51 -05:00
error: Not bionic!
#endif]])],
2013-01-08 12:02:52 -05:00
[is_bionic=yes],
[is_bionic=no])
2013-01-08 12:02:51 -05:00
if test "x$is_bionic" = "xyes"; then
2013-01-08 12:02:52 -05:00
AC_DEFINE([IS_BIONIC], 1, [bionic libc])
AC_MSG_RESULT([yes])
2013-01-08 12:02:51 -05:00
else
2013-01-08 12:02:52 -05:00
AC_MSG_RESULT([no])
2013-01-08 12:02:51 -05:00
fi
AM_CONDITIONAL([IS_BIONIC], [test "x$is_bionic" = "xyes"])
2018-02-26 16:57:03 +01:00
# Configuration examples
AC_ARG_ENABLE([pam],
[AC_HELP_STRING([--enable-pam], [enable pam module [default=no]])],
[], [enable_pam=no])
AM_CONDITIONAL([ENABLE_PAM], [test "x$enable_pam" = "xyes"])
AM_COND_IF([ENABLE_PAM],
[AC_ARG_WITH(
[pamdir],
[AS_HELP_STRING([--with-pamdir=PATH],[Specify the directory where PAM modules are stored,
or "none" if PAM modules are not to be built])],
[pamdir="${withval}"],
[
if test "${prefix}" = "/usr"; then
pamdir="/lib${libdir##*/lib}/security"
else
pamdir="\$(libdir)/security"
fi
]
)])
2018-02-26 16:54:57 +01:00
AM_CONDITIONAL([HAVE_PAM], [test x"$pamdir" != "xnone"])
2018-02-26 16:57:03 +01:00
AM_COND_IF([ENABLE_PAM],
[if test "z$pamdir" != "znone"; then
AC_ARG_VAR([PAM_CFLAGS], [C compiler flags for pam])
AC_ARG_VAR([PAM_LIBS], [linker flags for pam])
AC_CHECK_LIB(
[pam],
[pam_authenticate],
[PAM_LIBS="-lpam"],
[AC_MSG_ERROR([*** libpam not found.])
])
AC_SUBST(PAM_LIBS)
AC_SUBST([pamdir])
fi])
2018-02-26 16:54:57 +01:00
2009-03-08 17:09:27 +01:00
# Some systems lack PR_CAPBSET_DROP definition => HAVE_DECL_PR_CAPBSET_DROP
AC_CHECK_DECLS([PR_CAPBSET_DROP], [], [], [#include <sys/prctl.h>])
2016-09-03 15:19:27 +02:00
# Some systems lack PR_{G,S}ET_NO_NEW_PRIVS definition => HAVE_DECL_PR_{G,S}ET_NO_NEW_PRIVS
AC_CHECK_DECLS([PR_SET_NO_NEW_PRIVS], [], [], [#include <sys/prctl.h>])
AC_CHECK_DECLS([PR_GET_NO_NEW_PRIVS], [], [], [#include <sys/prctl.h>])
2013-01-03 12:24:11 -05:00
# Check for some headers
2018-08-24 12:44:21 +02:00
AC_CHECK_HEADERS([pty.h sys/memfd.h sys/personality.h sys/resource.h sys/signalfd.h sys/timerfd.h utmpx.h])
2018-08-22 20:28:52 +02:00
AC_CHECK_HEADER([ifaddrs.h],
AM_CONDITIONAL(HAVE_IFADDRS_H, true)
AC_DEFINE(HAVE_IFADDRS_H, 1, [Have ifaddrs.h]),
AM_CONDITIONAL(HAVE_IFADDRS_H, false))
2009-02-02 14:50:00 +00:00
2017-01-21 11:57:13 +00:00
# lookup major()/minor()/makedev()
AC_HEADER_MAJOR
2013-01-03 12:24:14 -05:00
# Check for some syscalls functions
2016-11-25 20:55:38 +01:00
AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create])
2013-01-03 12:24:14 -05:00
2018-08-22 12:25:16 +02:00
# Check for strerror_r() support. Defines:
# - HAVE_STRERROR_R if available
# - HAVE_DECL_STRERROR_R if defined
# - STRERROR_R_CHAR_P if it returns char *
AC_FUNC_STRERROR_R
2013-01-03 12:24:11 -05:00
# Check for some functions
2014-01-04 00:00:04 -05:00
AC_CHECK_LIB(pthread, main)
2014-08-22 16:23:56 -05:00
AC_CHECK_FUNCS(statvfs)
2013-01-11 15:53:14 -05:00
AC_CHECK_LIB(util, openpty)
2014-01-29 14:23:48 +00:00
AC_CHECK_FUNCS([openpty hasmntopt setmntent endmntent utmpxname])
2018-06-15 00:17:01 +02:00
AC_CHECK_FUNCS([getgrgid_r],
AM_CONDITIONAL(HAVE_GETGRGID_R, true)
AC_DEFINE(HAVE_GETGRGID_R,1,[Have getgrgid_r]),
AM_CONDITIONAL(HAVE_GETGRGID_R, false))
2012-12-20 13:46:57 +01:00
AC_CHECK_FUNCS([getline],
AM_CONDITIONAL(HAVE_GETLINE, true)
AC_DEFINE(HAVE_GETLINE,1,[Have getline]),
AM_CONDITIONAL(HAVE_GETLINE, false))
2015-11-17 20:37:10 -05:00
AC_CHECK_FUNCS([getsubopt],
AM_CONDITIONAL(HAVE_GETSUBOPT, true)
AC_DEFINE(HAVE_GETSUBOPT,1,[Have getsubopt]),
AM_CONDITIONAL(HAVE_GETSUBOPT, false))
2012-12-20 13:46:57 +01:00
AC_CHECK_FUNCS([fgetln],
AM_CONDITIONAL(HAVE_FGETLN, true)
AC_DEFINE(HAVE_FGETLN,1,[Have fgetln]),
AM_CONDITIONAL(HAVE_FGETLN, false))
2018-09-28 13:14:25 +02:00
AC_CHECK_FUNCS([keyctl],
AM_CONDITIONAL(HAVE_KEYCTL, true)
AC_DEFINE(HAVE_KEYCTL,1,[Have keyctl]),
AM_CONDITIONAL(HAVE_KEYCTL, false))
2017-04-14 23:25:11 +02:00
AC_CHECK_FUNCS([prlimit],
AM_CONDITIONAL(HAVE_PRLIMIT, true)
AC_DEFINE(HAVE_PRLIMIT,1,[Have prlimit]),
AM_CONDITIONAL(HAVE_PRLIMIT, false))
2017-11-02 16:00:33 +01:00
AC_CHECK_FUNCS([prlimit64],
AM_CONDITIONAL(HAVE_PRLIMIT64, true)
AC_DEFINE(HAVE_PRLIMIT64,1,[Have prlimit64]),
AM_CONDITIONAL(HAVE_PRLIMIT64, false))
2018-06-15 00:17:01 +02:00
AC_CHECK_FUNCS([pthread_setcancelstate],
AM_CONDITIONAL(HAVE_PTHREAD_SETCANCELSTATE, true)
AC_DEFINE(HAVE_PTHREAD_SETCANCELSTATE,1,[Have pthread_setcancelstate]),
AM_CONDITIONAL(HAVE_PTHREAD_SETCANCELSTATE, false))
2018-05-11 12:57:51 +02:00
AC_CHECK_FUNCS([strlcpy],
AM_CONDITIONAL(HAVE_STRLCPY, true)
AC_DEFINE(HAVE_STRLCPY,1,[Have strlcpy]),
AM_CONDITIONAL(HAVE_STRLCPY, false))
2018-06-20 13:44:02 +02:00
AC_CHECK_FUNCS([strlcat],
AM_CONDITIONAL(HAVE_STRLCAT, true)
AC_DEFINE(HAVE_STRLCAT,1,[Have strlcat]),
AM_CONDITIONAL(HAVE_STRLCAT, false))
2012-12-20 13:46:57 +01:00
2018-09-30 12:25:27 +02:00
# HAVE_STRUCT_RTNL_LINK_STATS64={0,1}
AC_CHECK_TYPES([struct rtnl_link_stats64], [], [], [[#include <linux/if_link.h>]])
2013-02-19 11:36:07 -05:00
# Check for some libraries
2017-11-26 16:45:22 -02:00
AX_PTHREAD
2013-02-22 10:55:54 -05:00
AC_SEARCH_LIBS(clock_gettime, [rt])
2013-02-19 11:36:07 -05:00
2013-01-08 12:02:52 -05:00
# Check for some standard binaries
2008-08-06 14:32:29 +00:00
AC_PROG_GCC_TRADITIONAL
2012-09-07 14:53:19 -04:00
AC_PROG_SED
2008-08-06 14:32:29 +00:00
2014-01-04 00:00:04 -05:00
# See if we support thread-local storage.
LXC_CHECK_TLS
2018-09-21 14:54:06 +02:00
AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-color"],,[-Werror])
2018-09-28 13:29:58 +02:00
AX_CHECK_COMPILE_FLAG([-Wimplicit-fallthrough], [CFLAGS="$CFLAGS -Wimplicit-fallthrough"],,[-Werror])
2018-09-23 13:16:52 +02:00
AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror])
2018-09-23 13:19:55 +02:00
AX_CHECK_COMPILE_FLAG([-Wstrict-prototypes], [CFLAGS="$CFLAGS -Wstrict-prototypes"],,[-Werror])
2018-10-12 21:23:07 +02:00
AX_CHECK_COMPILE_FLAG([-fno-strict-aliasing], [CFLAGS="$CFLAGS -fno-strict-aliasing"],,[-Werror])
2018-10-20 00:22:18 +02:00
AX_CHECK_COMPILE_FLAG([-fstack-clash-protection], [CFLAGS="$CFLAGS -fstack-clash-protection"],,[-Werror])
2018-12-04 08:40:05 +01:00
AX_CHECK_LINK_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
2018-10-20 00:22:18 +02:00
AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
AX_CHECK_COMPILE_FLAG([--mcet -fcf-protection], [CFLAGS="$CFLAGS --mcet -fcf-protection"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Werror=implicit-function-declaration], [CFLAGS="$CFLAGS -Werror=implicit-function-declaration"],,[-Werror])
2018-09-21 14:54:06 +02:00
2018-09-28 22:58:20 +02:00
AX_CHECK_LINK_FLAG([-z relro], [LDLAGS="$LDLAGS -z relro"],,[])
AX_CHECK_LINK_FLAG([-z now], [LDLAGS="$LDLAGS -z now"],,[])
2018-09-08 21:05:58 +02:00
CFLAGS="$CFLAGS -Wvla -std=gnu11"
2018-07-26 13:38:21 +02:00
if test "x$enable_werror" = "xyes"; then
2018-09-08 21:05:58 +02:00
CFLAGS="$CFLAGS -Werror"
2008-08-06 14:32:29 +00:00
fi
2018-08-22 13:13:29 +02:00
AC_ARG_ENABLE([thread-safety],
[AC_HELP_STRING([--enable-thread-safety], [enforce thread-safety otherwise fail the build [default=yes]])],
[], [enable_thread_safety=yes])
AM_CONDITIONAL([ENFORCE_THREAD_SAFETY], [test "x$enable_thread_safety" = "xyes"])
2018-09-11 16:04:25 +09:00
AC_ARG_ENABLE([dlog],
[AC_HELP_STRING([--enable-dlog], [enable dlog support [default=no]])],
[], [enable_dlog=no])
AM_CONDITIONAL([ENABLE_DLOG], [test "x$enable_dlog" = "xyes"])
AM_COND_IF([ENABLE_DLOG],
[PKG_CHECK_MODULES([DLOG],[dlog],[],[
AC_CHECK_HEADER([dlog.h],[],[AC_MSG_ERROR([You must install the dlog development package in order to compile lxc])])
AC_CHECK_LIB([dlog], [dlog_print],[],[AC_MSG_ERROR([You must install the dlog development package in order to compile lxc])])
AC_SUBST([DLOG_LIBS], [-ldlog])
])
])
2013-01-08 12:02:52 -05:00
# Files requiring some variable expansion
2008-08-06 14:32:29 +00:00
AC_CONFIG_FILES([
2010-05-12 23:44:28 +02:00
Makefile
2009-06-10 18:21:48 +02:00
lxc.pc
2008-08-06 14:32:29 +00:00
lxc.spec
2013-11-29 19:19:09 -05:00
2010-05-12 23:44:28 +02:00
config/Makefile
2014-01-16 16:27:51 -05:00
config/apparmor/Makefile
2018-09-20 15:55:21 -07:00
config/apparmor/abstractions/start-container
2014-07-24 17:25:46 -04:00
config/selinux/Makefile
2014-01-20 23:49:19 -05:00
config/bash/Makefile
config/bash/lxc
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
config/init/Makefile
2014-08-25 15:00:46 -04:00
config/init/common/Makefile
config/init/common/lxc-containers
config/init/common/lxc-net
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
config/init/systemd/Makefile
2014-05-19 15:57:26 -04:00
config/init/systemd/lxc.service
2015-06-30 13:19:17 -07:00
config/init/systemd/lxc@.service
2014-07-31 08:53:53 +02:00
config/init/systemd/lxc-net.service
2014-08-25 15:00:46 -04:00
config/init/sysvinit/Makefile
config/init/sysvinit/lxc-containers
config/init/sysvinit/lxc-net
2016-03-04 16:40:21 +01:00
config/init/upstart/lxc.conf
2014-08-25 15:00:46 -04:00
config/init/upstart/lxc-net.conf
init: Add upstart jobs and some more changes (v3)
This adds the 3 upstart jobs that we've had in Ubuntu for a while:
- lxc.conf: Main upstart job, triggers lxc-net.conf based on config
- lxc-instance.conf: Triggered by lxc.conf for each auto-started container
- lxc-net.conf: Triggered by lxc.conf, sets up lxcbr0, NAT, mangling, ...
In addition, there are two extra config files in /etc/default:
- lxc: Allows setting some values like http proxying, disabling autostart, ...
- lxc-net: Network configuration for the lxcbr0 bridge
This change also disables the sysv script for all distros but Oracle as
the current script won't work on either Ubuntu nor Debian and I suspect
quite a few more distros, so it's not nearly as distro-agnostic as we
thought.
For Debian, only install the upstart jobs and systemd unit.
For Ubuntu, only install the upstart jobs.
This change also moves all the init related stuff to config/init/
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-01-16 14:13:14 -05:00
config/init/upstart/Makefile
2013-11-29 19:19:09 -05:00
config/etc/Makefile
config/templates/Makefile
Reduce duplication in new style configs
This is a rather massive cleanup of config/templates/*
As new templates were added, I've noticed that we pretty much all share
the tty/pts configs, some capabilities being dropped and most of the
cgroup configuration. All the userns configs were also almost identical.
As a result, this change introduces two new files:
- common.conf.in
- userns.conf.in
Each is included by the relevant <template>.<type>.conf.in templates,
this means that the individual per-template configs are now overlays on
top of the default config.
Once we see a specific key becoming popular, we ought to check whether
it should also be applied to the other templates and if more than 50% of
the templates have it set to the same value, that value ought to be
moved to the master config file and then overriden for the templates
that do not use it.
This change while pretty big and scary, shouldn't be very visible from a
user point of view, the actual changes can be summarized as:
- Extend clonehostname to work with Debian based distros and use it for
all containers.
- lxc.pivotdir is now set to lxc_putold for all templates, this means
that instead of using /mnt in the container, lxc will create and use
/lxc_putold instead. The reason for this is to avoid failures when the
user bind-mounts something else on top of /mnt.
- Some minor cgroup limit changes, the main one I remember is
/dev/console now being writable by all of the redhat based containers.
The rest of the set should be identical with additions in the per-distro
ones.
- Drop binfmtmisc and efivars bind-mounts for non-mountall based
unpriivileged containers as I assumed they got those from copy/paste
from Ubuntu and not because they actually need those entries. (If I'm
wrong, we probably should move those to userns.conf then).
Additional investigation and changes to reduce the config delta between
distros would be appreciated. In practice, I only expect lxc.cap.drop
and lxc.mount.entry to really vary between distros (depending on the
init system, the rest should be mostly common.
Diff from the RFC:
- Add archlinux to the mix
- Drop /etc/hostname from the clone hook
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-06-20 17:20:06 -04:00
config/templates/common.conf
2015-01-19 15:16:14 -05:00
config/templates/common.conf.d/Makefile
Add a nesting.conf which can be included to support nesting containers (v2)
Newer kernels have added a new restriction: if /proc or /sys on the
host has files or non-empty directories which are over-mounted, and
there is no /proc which fully visible, then it assumes there is a
"security" reason for this. It prevents anyone in a non-initial user
namespace from creating a new proc or sysfs mount.
To work around this, this patch adds a new 'nesting.conf' which can be
lxc.include'd from a container configuration file. It adds a
non-overmounted mount of /proc and /sys under /dev/.lxc, so that the
kernel can see that we're not trying to *hide* things like /proc/uptime.
and /sys/devices/virtual/net. If the host adds this to the config file
for container w1, then container w1 will support unprivileged child
containers.
The nesting.conf file also sets the apparmor profile to the with-nesting
variant, since that is required anyway. This actually means that
supporting nesting isn't really more work than it used to be, just
different. Instead of adding
lxc.aa_profile = lxc-container-default-with-nesting
you now just need to
lxc.include = /usr/share/lxc/config/nesting.conf
(Look, fewer characters :)
Finally, in order to maintain the current apparmor protections on
proc and sys, we make /dev/.lxc/{proc,sys} non-read/writeable.
We don't need to be able to use them, we're just showing the
kernel what's what.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2015-09-03 20:24:06 +00:00
config/templates/nesting.conf
2017-12-07 22:24:48 -08:00
config/templates/oci.common.conf
Reduce duplication in new style configs
This is a rather massive cleanup of config/templates/*
As new templates were added, I've noticed that we pretty much all share
the tty/pts configs, some capabilities being dropped and most of the
cgroup configuration. All the userns configs were also almost identical.
As a result, this change introduces two new files:
- common.conf.in
- userns.conf.in
Each is included by the relevant <template>.<type>.conf.in templates,
this means that the individual per-template configs are now overlays on
top of the default config.
Once we see a specific key becoming popular, we ought to check whether
it should also be applied to the other templates and if more than 50% of
the templates have it set to the same value, that value ought to be
moved to the master config file and then overriden for the templates
that do not use it.
This change while pretty big and scary, shouldn't be very visible from a
user point of view, the actual changes can be summarized as:
- Extend clonehostname to work with Debian based distros and use it for
all containers.
- lxc.pivotdir is now set to lxc_putold for all templates, this means
that instead of using /mnt in the container, lxc will create and use
/lxc_putold instead. The reason for this is to avoid failures when the
user bind-mounts something else on top of /mnt.
- Some minor cgroup limit changes, the main one I remember is
/dev/console now being writable by all of the redhat based containers.
The rest of the set should be identical with additions in the per-distro
ones.
- Drop binfmtmisc and efivars bind-mounts for non-mountall based
unpriivileged containers as I assumed they got those from copy/paste
from Ubuntu and not because they actually need those entries. (If I'm
wrong, we probably should move those to userns.conf then).
Additional investigation and changes to reduce the config delta between
distros would be appreciated. In practice, I only expect lxc.cap.drop
and lxc.mount.entry to really vary between distros (depending on the
init system, the rest should be mostly common.
Diff from the RFC:
- Add archlinux to the mix
- Drop /etc/hostname from the clone hook
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
2014-06-20 17:20:06 -04:00
config/templates/userns.conf
2014-03-27 16:46:38 -04:00
config/yum/Makefile
2014-08-25 15:00:46 -04:00
config/sysconfig/Makefile
config/sysconfig/lxc
2008-11-18 13:45:49 +00:00
2010-05-12 23:44:28 +02:00
doc/Makefile
2013-11-25 13:42:09 +00:00
doc/api/Makefile
2013-02-08 18:49:52 -05:00
doc/lxc-attach.sgml
2013-12-16 15:32:47 -05:00
doc/lxc-autostart.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-cgroup.sgml
doc/lxc-checkconfig.sgml
Add support for checkpoint and restore via CRIU
This patch adds support for checkpointing and restoring containers via CRIU.
It adds two api calls, ->checkpoint and ->restore, which are wrappers around
the CRIU CLI. CRIU has an RPC API, but reasons for preferring exec() are
discussed in [1].
To checkpoint, users specify a directory to dump the container metadata (CRIU
dump files, plus some additional information about veth pairs and which
bridges they are attached to) into this directory. On restore, this
information is read out of the directory, a CRIU command line is constructed,
and CRIU is exec()d. CRIU uses the lxc-restore-net callback (which in turn
inspects the image directory with the NIC data) to properly restore the
network.
This will only work with the current git master of CRIU; anything as of
a152c843 should work. There is a known bug where containers which have been
restored cannot be checkpointed [2].
[1]: http://lists.openvz.org/pipermail/criu/2014-July/015117.html
[2]: http://lists.openvz.org/pipermail/criu/2014-August/015876.html
v2: fixed some problems with the s/int/bool return code form api function
v3: added a testcase, fixed up the man page synopsis
v4: fix a small typo in lxc-test-checkpoint-restore
v5: remove a reference to the old CRIU_PATH, and a bad error about the same
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
2014-08-26 09:09:36 -05:00
doc/lxc-checkpoint.sgml
2014-01-23 11:38:47 -05:00
doc/lxc-config.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-console.sgml
2015-11-12 21:11:30 +01:00
doc/lxc-copy.sgml
2008-11-18 13:45:49 +00:00
doc/lxc-create.sgml
doc/lxc-destroy.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-device.sgml
2008-11-18 13:45:49 +00:00
doc/lxc-execute.sgml
doc/lxc-freeze.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-info.sgml
2008-11-18 13:45:49 +00:00
doc/lxc-ls.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-monitor.sgml
2013-09-12 15:07:11 -05:00
doc/lxc-snapshot.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-start.sgml
doc/lxc-stop.sgml
2013-01-24 11:42:22 -05:00
doc/lxc-top.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-unfreeze.sgml
doc/lxc-unshare.sgml
2017-09-19 12:41:24 +02:00
doc/lxc-update-config.sgml
2013-12-17 11:02:44 -06:00
doc/lxc-user-nic.sgml
2014-01-17 15:15:45 -06:00
doc/lxc-usernsexec.sgml
2013-02-08 18:49:52 -05:00
doc/lxc-wait.sgml
2008-11-19 16:58:09 +00:00
doc/lxc.conf.sgml
2014-01-22 16:13:24 -05:00
doc/lxc.container.conf.sgml
doc/lxc.system.conf.sgml
2013-12-17 11:02:44 -06:00
doc/lxc-usernet.sgml
2008-11-20 15:04:09 +00:00
doc/lxc.sgml
2009-05-28 15:32:30 +02:00
doc/common_options.sgml
2009-05-28 15:32:29 +02:00
doc/see_also.sgml
2008-11-18 13:45:49 +00:00
2010-05-27 14:27:13 +02:00
doc/rootfs/Makefile
2009-11-19 15:06:02 +01:00
doc/examples/Makefile
doc/examples/lxc-macvlan.conf
2009-12-15 10:14:27 +01:00
doc/examples/lxc-vlan.conf
2009-11-19 15:06:02 +01:00
doc/examples/lxc-no-netns.conf
doc/examples/lxc-empty-netns.conf
doc/examples/lxc-phys.conf
doc/examples/lxc-veth.conf
2010-01-08 15:19:20 +01:00
doc/examples/lxc-complex.conf
2009-11-19 15:06:02 +01:00
2013-09-05 11:38:32 +00:00
doc/ja/Makefile
doc/ja/lxc-attach.sgml
2013-12-20 21:27:45 +09:00
doc/ja/lxc-autostart.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc-cgroup.sgml
doc/ja/lxc-checkconfig.sgml
2014-08-27 16:09:52 +09:00
doc/ja/lxc-checkpoint.sgml
2014-01-24 18:37:22 +09:00
doc/ja/lxc-config.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc-console.sgml
2015-12-03 18:13:41 +09:00
doc/ja/lxc-copy.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc-create.sgml
doc/ja/lxc-destroy.sgml
doc/ja/lxc-device.sgml
doc/ja/lxc-execute.sgml
doc/ja/lxc-freeze.sgml
doc/ja/lxc-info.sgml
doc/ja/lxc-ls.sgml
doc/ja/lxc-monitor.sgml
2013-10-08 16:15:05 +09:00
doc/ja/lxc-snapshot.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc-start.sgml
doc/ja/lxc-stop.sgml
doc/ja/lxc-top.sgml
doc/ja/lxc-unfreeze.sgml
doc/ja/lxc-unshare.sgml
2017-09-25 20:14:57 +09:00
doc/ja/lxc-update-config.sgml
2013-12-18 16:25:45 +09:00
doc/ja/lxc-user-nic.sgml
2014-01-20 16:07:46 +09:00
doc/ja/lxc-usernsexec.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc-wait.sgml
doc/ja/lxc.conf.sgml
2014-01-23 19:56:41 +09:00
doc/ja/lxc.container.conf.sgml
doc/ja/lxc.system.conf.sgml
2013-12-18 16:25:45 +09:00
doc/ja/lxc-usernet.sgml
2013-09-05 11:38:32 +00:00
doc/ja/lxc.sgml
doc/ja/common_options.sgml
doc/ja/see_also.sgml
2015-06-11 09:16:54 +09:00
doc/ko/Makefile
doc/ko/lxc-attach.sgml
doc/ko/lxc-autostart.sgml
doc/ko/lxc-cgroup.sgml
doc/ko/lxc-checkconfig.sgml
doc/ko/lxc-checkpoint.sgml
doc/ko/lxc-config.sgml
doc/ko/lxc-console.sgml
2015-11-19 12:10:25 +09:00
doc/ko/lxc-copy.sgml
2015-06-11 09:16:54 +09:00
doc/ko/lxc-create.sgml
doc/ko/lxc-destroy.sgml
doc/ko/lxc-device.sgml
doc/ko/lxc-execute.sgml
doc/ko/lxc-freeze.sgml
doc/ko/lxc-info.sgml
doc/ko/lxc-ls.sgml
doc/ko/lxc-monitor.sgml
doc/ko/lxc-snapshot.sgml
doc/ko/lxc-start.sgml
doc/ko/lxc-stop.sgml
doc/ko/lxc-top.sgml
doc/ko/lxc-unfreeze.sgml
doc/ko/lxc-unshare.sgml
doc/ko/lxc-user-nic.sgml
doc/ko/lxc-usernsexec.sgml
doc/ko/lxc-wait.sgml
doc/ko/lxc.conf.sgml
doc/ko/lxc.container.conf.sgml
doc/ko/lxc.system.conf.sgml
doc/ko/lxc-usernet.sgml
doc/ko/lxc.sgml
doc/ko/common_options.sgml
doc/ko/see_also.sgml
2013-02-19 15:44:19 -05:00
hooks/Makefile
2017-12-07 22:04:36 -08:00
hooks/dhclient
2013-02-19 15:44:19 -05:00
2010-06-07 11:33:55 +02:00
templates/Makefile
2014-01-14 00:06:26 +01:00
templates/lxc-busybox
2014-01-10 17:28:07 -05:00
templates/lxc-download
2018-02-26 12:49:10 +01:00
templates/lxc-local
2017-08-05 11:24:25 -05:00
templates/lxc-oci
2008-11-28 15:36:51 +00:00
2010-05-12 23:44:28 +02:00
src/Makefile
2008-08-06 14:32:29 +00:00
src/lxc/Makefile
2013-02-06 15:11:19 -06:00
src/lxc/lxc.functions
2018-01-12 13:49:55 +01:00
src/lxc/cmd/lxc-checkconfig
2018-01-12 13:56:37 +01:00
src/lxc/cmd/lxc-update-config
2013-12-01 23:14:17 -05:00
src/lxc/version.h
2012-08-27 19:04:43 -04:00
2012-08-27 18:53:00 -04:00
src/tests/Makefile
2014-01-24 12:51:01 -05:00
src/tests/lxc-test-usernic
2008-08-06 14:32:29 +00:00
])
AC_CONFIG_COMMANDS([default],[[]],[[]])
AC_OUTPUT
2013-12-15 18:48:38 -05:00
# Configuration overview
cat << EOF
----------------------------
2018-02-14 11:33:33 +01:00
Binaries
- Command Line Tools:
- lxc-attach: $enable_tools
- lxc-autostart: $enable_tools
- lxc-cgroup: $enable_tools
- lxc-checkpoint: $enable_tools
- lxc-config: $enable_tools
- lxc-console: $enable_tools
- lxc-copy: $enable_tools
- lxc-create: $enable_tools
- lxc-destroy: $enable_tools
- lxc-device: $enable_tools
- lxc-execute: $enable_tools
- lxc-freeze: $enable_tools
- lxc-info: $enable_tools
- lxc-ls: $enable_tools
- lxc-monitor: $enable_tools
- lxc-snapshot: $enable_tools
- lxc-start: $enable_tools
- lxc-stop: $enable_tools
- lxc-top: $enable_tools
- lxc-unfreeze: $enable_tools
- lxc-unshare: $enable_tools
- lxc-wait: $enable_tools
- liblxc Commands:
- lxc-checkconfig: $enable_commands
- lxc-update-config: $enable_commands
- lxc-init: $enable_commands
- lxc-monitord: $enable_commands
- lxc-user-nic: $enable_commands
- lxc-usernsexec: $enable_commands
2013-12-15 18:48:38 -05:00
Environment:
- compiler: $CC
- distribution: $with_distro
2014-01-06 14:05:12 -05:00
- init script type(s): $init_script
2013-12-15 18:48:38 -05:00
- rpath: $enable_rpath
2013-12-23 22:12:17 +01:00
- GnuTLS: $enable_gnutls
2014-01-20 23:49:19 -05:00
- Bash integration: $enable_bash
2013-12-15 18:48:38 -05:00
Security features:
- Apparmor: $enable_apparmor
- Linux capabilities: $enable_capabilities
- seccomp: $enable_seccomp
- SELinux: $enable_selinux
2018-02-26 16:54:57 +01:00
PAM:
2018-02-26 16:57:03 +01:00
- PAM module: $enable_pam
2018-02-26 16:54:57 +01:00
- cgroup PAM module: $pamdir
2013-12-15 18:48:38 -05:00
Documentation:
- examples: $enable_examples
- API documentation: $enable_api_docs
- user documentation: $enable_doc
Debugging:
- tests: $enable_tests
- mutex debugging: $enable_mutex_debugging
Paths:
- Logs in configpath: $enable_configpath_log
2018-08-22 13:13:29 +02:00
Thread-safety:
- enforce: $enable_thread_safety
2018-09-11 16:04:25 +09:00
Dlog:
- enable: $enable_dlog
2013-12-15 18:48:38 -05:00
EOF
