[Blueprint servercloud-q-lxc] Lxc work for Q
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Sep 10 17:36:37 UTC 2012
Blueprint changed by Serge Hallyn:
Work items changed:
Work items:
[stgraber] Review list of extra packages in lxc-ubuntu and have it contain the right list for each release: DONE
[cooloney] check that all new cgroups are enabled in quantal kernel: DONE
[serge-hallyn] pre-mount cgroups during container startup (using optional mount hook): DONE
[serge-hallyn] send attach patch sets to kernel-team ASAP: DONE
[serge-hallyn] convert lxc-apparmor patchset to generic lsm set: DONE
[serge-hallyn] add smack support to lsm set: POSTPONED
[serge-hallyn] add selinux support to lsm set: POSTPONED
[kees] package libscecomp to aid bpf creation http://sourceforge.net/projects/libseccomp/: DONE
[serge-hallyn] exploit libseccomp in lxc-start: DONE
[serge-hallyn] come up with default seccomp containers profile (all syscalls - for x86-64, 0-300 and 1024-1079): DONE
[apw] expect SECCOMP to drop in v3.5 replacing our patches (confirmed): DONE
[ebiederm] fix lxc-attach upstream to use the new setns syntax: DONE
[serge-hallyn] write a patch for lxc to use user namespaces: BLOCKED
[ebiederm] patch adduser: POSTPONED
[ebiederm] get rest of v40 of userns patchset upstream: INPROGRESS
[ebiederm] push userns patches to allow containers to mount, pivot_root, and rename nics: DONE
[ebiederm] push remaining userns patches needed for simple containers: INPROGRESS
[ebiederm] get setns(mnt) upstream: DONE
[ebiederm] get setns(pid) upstream: POSTPONED
[serge-hallyn] extend lxc-attach to support attaching only to specific namespaces (done by community): DONE
[stgraber] add the lxc-nesting apparmor profile to the package in quantal: DONE
[serge-hallyn] send usernamespace patchset ASAP to kernel team (link to git repo for review): DONE
[stgraber] write the hookpoints and send to the lxc-devel list for review: DONE
[serge-hallyn] Post POC patchset implementing hookpoints to lxc-devel: DONE
[serge-hallyn] implement configuration file #includes (stretch goal): DONE
[serge-hallyn] example for encrypted root in the package README and blog: DONE
[serge-hallyn] investigate post commit hook to email out changes: DONE
[serge-hallyn] document mounts sharing through /shared using hooks: POSTPONED
[serge-hallyn] apport hook for lxc bugs: DONE
[stgraber] where do crashes in the container go: TODO
[james-page] hook testing up to jenkins: TODO
[serge-hallyn] convert the test suite to jenkins: TODO
[serge-hallyn] fedora 16 and 17 and open-suse templates need to be made to work (stretch goal): POSTPONED
[stgraber] make an liblxc API definition and publicise (+ serge-hallyn): DONE
[stgraber] Create python module using the API: DONE
[serge-hallyn] server guide 12.10 update for API: TODO
- [serge-hallyn] server guide 12.10 update for hooks: TODO
+ [serge-hallyn] server guide 12.10 update for hooks: DONE
[serge-hallyn] server guide 12.10 update using user namespaces: POSTPONED
[serge-hallyn] server guide 12.10 update apparmor changes: TODO
- [serge-hallyn] server guide 12.10 update for using seccomp: TODO
+ [serge-hallyn] server guide 12.10 update for using seccomp: DONE
--
Lxc work for Q
https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-lxc
More information about the Ubuntu-server-bugs
mailing list