Commit graph

372 commits

Author SHA1 Message Date
Antonio Terceiro
64f561073c forward_ports: bind to localhost only by default
This has been raised as security concern on vagrant itself, and fixed
there some time ago.
2015-08-28 14:58:16 +02:00
Michael Stucki
7eb3be37de driver.rb: Check for correct bridge device name 2015-08-25 10:20:21 +02:00
Michael Stucki
31bb4eadf9 Move away from using ifconfig to ip link for enabling / disabling bridge devices 2015-08-25 10:18:14 +02:00
Michael Stucki
c3508870fd Private networking: Create bridge if it is missing 2015-07-06 18:01:18 +02:00
Michael Stucki
fb661300e7 Move bridge_exists check into a function 2015-07-06 18:01:15 +02:00
Fabio Rehm
52cca8e7f6 Merge pull request #355 from lfaraone/use-current-ruby
vagrant-lxc-wrapper: Use correct ruby interpreter
2015-04-06 10:58:53 -03:00
Fabio Rehm
55bbadef6f Merge pull request #352 from ccope/private_dhcp
Support private networking using DHCP
2015-04-06 10:56:38 -03:00
Fabio Rehm
8cb0afeb39 Merge pull request #357 from agriffis/fedora-host-selinux-ro
Mount the selinux sys dir read-only [GH-301]
2015-04-06 10:51:30 -03:00
Cam Cope
caa3c53a8f move mountpoint creation to lxc template for lvm rootfs support 2015-04-05 17:46:22 -07:00
Aron Griffis
7d017ada1e Mount the selinux sys dir read-only [GH-301] 2015-03-24 17:42:11 -04:00
Luke Faraone
05fdb3e000 vagrant-lxc-wrapper: Use correct ruby interpreter
Previously, we hardcoded to using the ruby binary in /opt/vagrant[..].
On some systems, this path is incorrect, so instead we use the
path of the interpreter that is executing the `vagrant lxc sudoers`
command.
2015-03-19 16:22:00 -07:00
Cam Cope
5da3fc8be5 support containers with dhcp private networking 2015-03-08 19:58:29 -07:00
Fabio Rehm
3b45b92d1a v1.1.0 2015-01-14 21:44:28 -02:00
Fabio Rehm
156bc015c8 Allow backingstore options to be used along with the sudo wrapper script [GH-310] 2015-01-14 21:07:35 -02:00
Fabio Rehm
fb23e606cc action/create: Trim automatically generated container names to 64 chars
Fixes GH-337
2015-01-11 21:30:11 -02:00
Fabio Rehm
ef06ea622e Remove blank file 2015-01-11 21:18:56 -02:00
Fabio Rehm
555499d04a Merge branch 'master' of https://github.com/pruby/vagrant-lxc into next
Closes GH-329
2015-01-11 21:06:46 -02:00
Fabio Rehm
447d0dfc42 Experimental support for private networking [GH-298] 2015-01-11 20:59:38 -02:00
Fabio Rehm
bf3a9a5039 action: Some more tweaks around private networking + new pipework code [GH-298] 2015-01-08 03:57:49 -02:00
Fabio Rehm
28bdbe371d Merge remote-tracking branch 'origin/private-networks' into next 2015-01-08 02:28:45 -02:00
Fabio Rehm
758703ea6b provider: Use full which path when checking whether the lxc-create command is available
Fixes GH-322
2015-01-08 02:26:25 -02:00
Fabio Rehm
8b37056294 provider: Show an user friendly message when trying to use the plugin on non-Linux environments 2015-01-08 02:17:32 -02:00
Fabio Rehm
2a667b88b6 plugin: Give the provider a higher priority over Vagrant's builtin VBox provider 2015-01-08 00:55:19 -02:00
Fabio Rehm
2a48f366d4 Merge branch 'tempfile_problem' of https://github.com/stefan-langenmaier/vagrant-lxc into next 2015-01-08 02:07:02 +00:00
Fabio Rehm
67523019aa 👋 to support for Vagrant < 1.5 2015-01-07 23:48:10 -02:00
Tim Goddard
fe532525c8 Support for formatted overlayfs path spec when finding the root FS path
We're using snapshots in a CI set-up so that a Vagrant cluster can be built
once, then each push to the repository only checked as an incremental
update to the cluster. We copy each LXC VM to a master image, then re-create
the original names as snapshots.

This change corrects a method which assumes the LXC root path in the config
file is a simple directory name, which is only true for directory-backed
instances.

Conflicts:
	spec/unit/driver_spec.rb
2014-11-12 15:21:28 +13:00
Stefan Langenmaier
188a1eb089 uninitialized constant Tempfile 2014-11-05 08:50:46 -05:00
Fabio Rehm
71e210f683 v1.0.1 2014-10-15 01:04:37 -03:00
Fabio Rehm
186d453621 Prefix action to fetch containers IP with ssh so that vagrant does not lock around its execution
Closes GH-321
2014-10-15 01:02:52 -03:00
Fabio Rehm
80ca559258 Tweaks to get the changes introduced on GH-317 to work with the sudo wrapper 2014-10-15 01:01:43 -03:00
Fabio Rehm
b4a642bc8a Merge pull request #318 from rtkrruvinskiy/lock_race
Work around WaitForCommunicator lock race condition
2014-10-15 00:31:10 -03:00
Ray Ruvinskiy
dc55c914e4 Work around WaitForCommunicator lock race condition
The LXC provider issues the "fetch_ip" action to look up the IP address
of the container as part of its "ssh_info" action.
Vagrant::LXC::Action.action_fetch_ip checks the machine state using
Builtin::IsState, which calls Vagrant::Machine.state, which also updates
the state in the machine index and acquires a machine index entry lock to do that.
A race condition ensues in WaitForCommunicator.call, where ready_thr tries
to acquire the machine index lock while running ssh_info, and states_thr tries
to acquire the same lock doing its own state look up (env[:machine].state.id).
If they both try to acquire the lock at the same time, one will fail, and
an exception will be raised.

Work around this issue by checking for the desired machine state (:running) in
Vagrant::LXC::Provider.ssh_info, which can get the state from
Vagrant::LXC::Provider.state, which in turn does not write out the state into
the index file and does not acquire the index entry lock.
2014-09-29 16:47:29 -04:00
Azamat Khudaygulov
f454924a59 The path of storage containers taken from lxc-config, instead of using a constant for lxc>=1.0.0.
* for lxc to 1.0.0 using constant Vagrant::LXC::Driver::DEFAULT_CONTAINERS_PATH
 * change method Vagrant::LXC::Driver::CLI#version to call lxc-create if lxc-version command not exists (to lxc version 1.0.0)
2014-09-23 16:07:03 +04:00
Fabio Rehm
e76a18185c 🎆 v1.0.0 🎆 2014-09-23 01:03:48 -03:00
Fabio Rehm
5fa6f0dd09 synced_folder: Emit vagrant-mounted upstart event when starting containers
Closes GH-302
2014-09-22 23:44:01 -03:00
Fabio Rehm
8ffc9ef92a Remove version suffix from generated sudoers commands 2014-09-22 23:07:12 -03:00
Franz Pletz
ec4a52559a Add check for box updates to start action
This action apparently needs to be added to every provider. See
lib/vagrant/plugins/providers/virtualbox/action.rb from the Vagrant
source for reference how the virtualbox provider is doing it.
2014-09-05 20:52:03 +02:00
Fabio Rehm
3f7c7ecabf v1.0.0.alpha.3 2014-08-09 16:37:40 -03:00
Fabio Rehm
aac8c31410 driver: Remove calls to in favor of Vagrant's built in graceful halt 2014-07-24 21:58:04 -03:00
Fabio Rehm
d0642c95fd command/sudoers: Move wrapper string out to a template and use the full path to the scripts in order to make things work properly across different distros
Closes GH-304
Closes GH-305
2014-07-24 21:58:04 -03:00
Fabio Rehm
d3b9d53097 driver/cli: Deal with namespaces args for lxc-attach when the sudo wrapper script is in place [GH-300] 2014-07-24 21:58:04 -03:00
Fabio Rehm
752fa9b4e5 action/fetch_ip_with_lxc_attach: Attach to the MOUNT namespace in order to fix GH-300 2014-07-24 21:58:04 -03:00
Fabio Rehm
5232f2c7b1 Begin work on supporting private networks 2014-06-09 00:48:52 -03:00
Fabio Rehm
09f855dc76 command/sudoers: Remove Cmnd_Alias from sudoers file
Since the wrapper is versioned, we would end up having multiple `LXC`
command aliases, making `sudo` unusable:

```
>>> /etc/sudoers.d/vagrant-lxc-1-0-0-alpha-3-dev: Alias `LXC' already
>>> defined near line 2 <<<
sudo: parse error in /etc/sudoers.d/vagrant-lxc-1-0-0-alpha-3-dev near
line 2
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
```
2014-06-08 23:44:02 -03:00
Fabio Rehm
b4376ef995 command/sudoers: Use Vagrant's ruby for the sudoers file
This makes things work on systems that don't have a global ruby
installation in place and fix GH-289
2014-06-08 23:36:29 -03:00
Fabio Rehm
3e22f424e6 driver: Escape synced folders with spaces
Fix GH-291
2014-06-08 23:27:27 -03:00
Fabio Rehm
a284d66f9e Lets release another alpha before going to beta 2014-06-08 22:52:33 -03:00
Fabio Rehm
f49585db51 driver/cli: Improved lxc-attach check [GH-294] 2014-06-08 22:52:33 -03:00
Kristof Willaert
a4768c26ca Add fallback mechanism for platforms without attach support
Some platforms (most notably CentOS and RHEL) use a kernel without
'attach' support. This patch detects this absence and falls back
to the alternative ways of doing things like detection of IP address
and halting the container.
It does so by running the command "true" through lxc-attach.
2014-06-03 17:53:26 +02:00
Fabio Rehm
3a4c0ca79d Up dev version 2014-05-13 00:29:42 -03:00