[Blueprint servercloud-q-lxc] Lxc work for Q

Serge Hallyn serge.hallyn at ubuntu.com
Tue Sep 25 16:38:44 UTC 2012 

Blueprint changed by Serge Hallyn:

Work items changed:
  Work items:
  [stgraber] Review list of extra packages in lxc-ubuntu and have it contain the right list for each release: DONE
  [cooloney] check that all new cgroups are enabled in quantal kernel: DONE
  [serge-hallyn] pre-mount cgroups during container startup (using optional mount hook): DONE
  [serge-hallyn] send attach patch sets to kernel-team ASAP: DONE
  [serge-hallyn] convert lxc-apparmor patchset to generic lsm set: DONE
  [serge-hallyn] add smack support to lsm set: POSTPONED
  [serge-hallyn] add selinux support to lsm set: POSTPONED
  [kees] package libscecomp to aid bpf creation http://sourceforge.net/projects/libseccomp/: DONE
  [serge-hallyn] exploit libseccomp in lxc-start: DONE
  [serge-hallyn] come up with default seccomp containers profile (all syscalls - for x86-64, 0-300 and 1024-1079): DONE
  [apw] expect SECCOMP to drop in v3.5 replacing our patches (confirmed): DONE
  [ebiederm] fix lxc-attach upstream to use the new setns syntax: DONE
  [serge-hallyn] write a patch for lxc to use user namespaces: BLOCKED
  [ebiederm] patch adduser: POSTPONED
- [ebiederm] get rest of v40 of userns patchset upstream: INPROGRESS
  [ebiederm] push userns patches to allow containers to mount, pivot_root, and rename nics: DONE
- [ebiederm] push remaining userns patches needed for simple containers: INPROGRESS
  [ebiederm] get setns(mnt) upstream: DONE
  [ebiederm] get setns(pid) upstream: POSTPONED
  [serge-hallyn] extend lxc-attach to support attaching only to specific namespaces (done by community): DONE
  [stgraber] add the lxc-nesting apparmor profile to the package in quantal: DONE
  [serge-hallyn] send usernamespace patchset ASAP to kernel team (link to git repo for review): DONE
  [stgraber] write the hookpoints and send to the lxc-devel list for review: DONE
  [serge-hallyn] Post POC patchset implementing hookpoints to lxc-devel: DONE
  [serge-hallyn] implement configuration file #includes (stretch goal): DONE
  [serge-hallyn] example for encrypted root in the package README and blog: DONE
  [serge-hallyn] investigate post commit hook to email out changes: DONE
  [serge-hallyn] document mounts sharing through /shared using hooks: POSTPONED
  [serge-hallyn] apport hook for lxc bugs: DONE
  [stgraber] where do crashes in the container go (they're caught by the kernel core_pattern and sent to the host which fails to parse them as apport isn't lxc aware): DONE
  [james-page] hook testing up to jenkins: TODO
  [serge-hallyn] convert the test suite to utah: DONE
  [serge-hallyn] fedora 16 and 17 and open-suse templates need to be made to work (stretch goal): POSTPONED
  [stgraber] make an liblxc API definition and publicise (+ serge-hallyn): DONE
  [stgraber] Create python module using the API: DONE
  [serge-hallyn] server guide 12.10 update for API: DONE
  [serge-hallyn] server guide 12.10 update for hooks: DONE
  [serge-hallyn] server guide 12.10 update using user namespaces: POSTPONED
  [serge-hallyn] server guide 12.10 update apparmor changes: DONE
  [serge-hallyn] server guide 12.10 update for using seccomp: DONE

-- 
Lxc work for Q
https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-lxc

More information about the Ubuntu-server-bugs mailing list