227651bf69
Bumping lxc to version v6.0.5, which comprises the following commits:
9e4e69ed1 Release LXC 6.0.5
a0fb994a5 build(deps): bump actions/checkout from 4 to 5
93a06e70f lxc/conf: do not leak opts.data memory in __lxc_idmapped_mounts_child()
97eeb8a9a lxc/network: null-terminate ifname string in lxc_network_recv_name_and_ifindex_from_child()
7a94d11d9 tests/lxc-test-snapdeps: try to load overlay kernel module
0bf6aedf0 tests/lxc-test-rootfs: add idmapped rootfs testcase
98ebede63 lxc/lxccontainer: stop printing misleading errors in enter_net_ns()
7111f9d83 lxc/process_utils.h: use strsignal() or sys_siglist[] for Non-GNU distros
032290ec8 meson.build: use has_header_symbol() instead of get_define() to improve compatibility
85c5312be meson.build: fix checks for fsconfig and calls
4da694582 meson.build: set `LXC_DISTRO_SYSCONF` when `-Dspecfile=true`
e4cddef06 Add loong64 to list of recognized architectures
e9980ac90 Revert "re-add onexec for apparmor, move label assumption until after container has been setup for attach"
ab55d52a5 src/tests/oss-fuzz: pin meson to 1.7.2 to workaround build failures
9041ae313 lxc/conf: support flag kind of mount options in lxc.mount.entry options
859f736f0 lxc/conf: support nosymfollow mount flag
c42951b71 conf: Add support for "move" mount flag
e6bce2a2d src/tests/lxc-test-unpriv: prevent fail on cleanup path
601576a08 src/tests/lxc-test-apparmor-mount: prevent fail on cleanup path
b12d1bf89 src/tests/lxc-test-apparmor-generated: enable test
e35133a54 meson.build: remove quirk for Ubuntu 14.04 libcap-dev
cbe34bcc2 apparmor test: add an overlay container start
1541bd8f2 re-add onexec for apparmor, move label assumption until after container has been setup for attach
8ab6ad25b lxc/conf,start: fix setting container_ttys environment variable
b185e523f selinux: fix typo (AppArmor)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
The meta-virtualization layer is the authoritative resource for virtualization technologies in OpenEmbedded / Yocto built distributions. It provides support or both hypervisor-based virtualization (such as KVM, Xen, and QEMU) and system-level virtualization (Linux containers), along with the host and guest technologies required to build complete solutions ranging from embedded systems to full deep CNCF stack deployments.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernetes configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Collaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.