News¶

LXCFS 6.0.2 LTS has been released¶

17 Sep 2024

Introduction¶

The LXCFS team is pleased to announce the release of LXCFS 6.0.2!

This is the second bugfix release for LXCFS 6.0 which is supported until June 2029.

Changes¶

Some of the highlights for this release are:

• Fix building of LXCFS on musl systems (missing include)

The full list of commits is available below:

Detailed changelog

• Add missing linux/limits.h include

Support and upgrade¶

The LXCFS 6.0 branch is supported until June 2029.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads¶

• Main release tarball: lxcfs-6.0.2.tar.gz
• GPG signature: lxcfs-6.0.2.tar.gz.asc

LXCFS 6.0.1 LTS has been released¶

26 Jun 2024

Introduction¶

The LXCFS team is pleased to announce the release of LXCFS 6.0.1!

This is the first bugfix release for LXCFS 6.0 which is supported until June 2029.

Changes¶

Some of the highlights for this release are:

• Support for running multiple instances of LXCFS (--runtime-dir)
• Detect systems that has a Yama policy preventing reading process personalities

The full list of commits is available below:

Detailed changelog

• github: add lxcfs live upgrade compatibility test
• proc: checks system security policy before trying to get personalities
• lxcfs/bindings: Refactor RUNTIME_PATH so that it can be overridden on startup
• lxcfs/bindings: add a flag for overriding the runtime dir
• github: update coverity test to use Ubuntu 22.04
• README.md: add info about how to collect a core dump
• github: add ISSUE_TEMPLATE.md
• tests: Update for multiple runtime paths

Support and upgrade¶

The LXCFS 6.0 branch is supported until June 2029.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads¶

• Main release tarball: lxcfs-6.0.1.tar.gz
• GPG signature: lxcfs-6.0.1.tar.gz.asc

LXCFS 6.0 LTS has been released¶

1 Apr 2024

Introduction¶

The LXCFS team is pleased to announce the release of LXCFS 6.0 LTS!

This is the result of two years of work since the LXCFS 5.0 release and is the fifth LTS release for the LXCFS project. This release will be supported until June 2029.

Highlights¶

New --enable-cgroup option¶

LXCFS can provide a virtual cgroupfs (v1) tree for use by containers.
This feature was implemented prior to cgroup namespaces being implemented in the kernel and effectively allow providing a similar experience on kernels lacking that feature.

As most supported Linux distributions now all feature a kernel supporting cgroup namespaces and most new distros have even switched away from cgroupv1, it didn't make sense to keep this feature enabled by default. As a result, it has now been moved behind a new startup argument, --enable-cgroup.

CPUs no longer masked in /sys/devices/system/cpu¶

LXCFS 5.0 shipped with logic to filter out entries in /sys/devices/system/cpu based on what CPUs were allowed in the caller's cpuset. This behavior doesn't actually reflect the behavior on normal systems where even offline CPUs still show up in /sys/devices/system/cpu.

As a result, LXCFS 6.0 reversed that logic and is now only making sure to keep the list of online/offline CPUs up to date while the individual CPU directories all remain accessible.

Full changelog¶

Changelog

• lxcfs_fuse: ensure lxcfs_fuse_compat.h is included after including fuse header
• tree-wide: remove struct stat argument from DIR_FILLER and make it static inline
• tree-wide: ensure that file information is set even with legacy fuse
• tests: add test for issue #522
• meson: Include documentation
• workflows: disable documentation generation
• sysfs: Don't incorrectly filter entries
• tests: Fix sysfs test
• utils: add and use opathdir()
• sysfs_fuse: fix indendation
• sysfs_fuse: generate file info for cpu entries as well
• meson: bump fuse version
• github: add fuse3 tests
• meson: handle fuse versions with buggy dt_type handling
• init/meson: Use libdir instead of hardcoded /lib path
• Query systemd system unit dir.
• support explicit fuse version choice
• github: Re-organize Github Actions
• tests: Skip sysfs test on older FUSE versions
• init: Fix install paths for sysvinit and openrc
• meson: Support multiple init systems
• meson: Syntax nit
• proc_fuse: extra space in /proc/stat
• util: remove doubled comment
• sysfs: correct file size of /sys/devices/system/cpu/online.
• sysfs: cleanup sys_devices_system_cpu_online_getsize
• cgroup v2: return cpuset cpu count when no quota is set
• re-initialize library after reload
• replace opathdir with opendir_flags
• github: Restrict permissions
• github: Validate target branch
• fix reinitialization with fuse3
• set oom_score_adj of lxcfs process to -1000
• init: respect --prefix when installing systemd unit files
• Fix build on ia64
• doc: guide for mount /sys/devices/system/cpu in docker demo
• utils: add safe_uint32() helper
• macro.h: add strnprintf macro
• utils: add get_task_personality helper
• cpuview: paththrough personality when reading cpuinfo
• cpuview: fix possible use-after-free in find_proc_stat_node
• github: make coverity workflow work with meson
• README: how to build with sanitizers
• cpuset_parse: check input string in cpuset_nexttok
• github: enable ASAN and UBSAN during PR tests
• lxcfs: explicitly enable direct_IO for libfuse3
• lxcfs: fix copypaste typo in error message
• /proc/stat: render physical cpu number in non-view mode
• sysfs: don't mask cpus in /sys/devices/system/cpu
• lxcfs: handle NULL path in lxcfs_releasedir/lxcfs_release
• cpuview: fix ABBA deadlock in find_proc_stat_node
• build: tools: keep trailing newline in jinja2 renderer
• Revert "init: respect --prefix when installing systemd unit files"
• proc: fix /proc/diskstats output format
• github: start using ubuntu-22.04 image
• github: remove ubuntu-18.04
• tests: adapt for cgroup2
• cpuview: resolve cpu cgroup path separately from cpuset the cgroup path is different in kubernetes with containerd runtime.
• lxcfs: preparation for FUSE_INTERRUPT support
• lxcfs: add fuse interruptible locks
• cpuview: start to use interruptible lock primitives
• github: Update for main branch
• proc_loadavg: fix ABBA deadlock between read/refresh
• proc: Fix /proc/cpuinfo not respecting personality
• proc_loadavg.c: Fix incompatible integer to pointer conversion
• cgroups: cleanup and remove unused cgroup2_devices code
• loadavg: make cleanup of start_loadavg
• cpuview: pass a correct argument to lxcfs_debug
• lxcfs: Add startup message
• proc: fix MemAvailable in /proc/meminfo to exclude tmpfs files
• systemd: mkdir -p the target mount dir
• typofix: fix incorrect printing in lxcfs help interface
• Add macro pivot&bpf for loongarch64
• lxc.mount.hook: Skip cpu sysfs logic if missing target
• sysfs: forbid write()
• lxcfs: introduce new option --enable-cgroup
• tests: use --enable-cgroup for tests
• github: workaround CI issue with ASAN
• Revert "github: workaround CI issue with ASAN"
• proc_fuse: Fix get_swap_info typo swtotal == 0 -> *swtotal == 0
• proc: Fix swap handling for cgroups v2 (can_use_swap)
• proc: Fix swap handling for cgroups v2 (zero limits)
• cgroup_utils: explicitly check for cgroup2 FDs in cgroup_walkup_to_root

Support and upgrade¶

LXCFS 6.0 will be supported until June 2029 and our current LTS release, LXCFS 5.0 will now switch to a slower maintenance pace, only getting critical bugfixes and security updates.

We strongly recommend all LXCFS users to plan an upgrade to the 6.0 branch.

Future release cadence¶

To make new LXCFS features more readily available to users, we have decided to start producing non-LTS releases again. The planned interval is every 6 months with LXCFS 6.1 planned for October.

Those releases will not benefit from the LTS guarantees around stability, support and security maintenance and will only be supported until the next release comes out.

Production users will likely want to remain on an LTS release.

Downloads¶

• Main release tarball: lxcfs-6.0.0.tar.gz
• GPG signature: lxcfs-6.0.0.tar.gz.asc

Contributors¶

The LXCFS 6.0 release was brought to you by a total of 25 contributors.

LXCFS 5.0.4 LTS has been released¶

25 Jul 2023

Introduction¶

The LXCFS team is pleased to announce the release of LXCFS 5.0.4!

This is the fourth bugfix release for LXCFS 5.0 which is supported until June 2027.

Bugfixes¶

Some of the highlights for this release are:

• Fixed the output format of /proc/diskstats
• Fixed an issue with cpuset path tracking when used with containerd

The full list of commits is available below:

Detailed changelog

• build: tools: keep trailing newline in jinja2 renderer
• Revert "init: respect --prefix when installing systemd unit files"
• proc: fix /proc/diskstats output format
• github: start using ubuntu-22.04 image
• github: remove ubuntu-18.04
• tests: adapt for cgroup2
• cpuview: resolve cpu cgroup path separately from cpuset the cgroup path is different in kubernetes with containerd runtime.
• github: Update for main branch

Support and upgrade¶

The LXCFS 5.0 branch is supported until June 2027.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads¶

• Main release tarball: lxcfs-5.0.4.tar.gz
• GPG signature: lxcfs-5.0.4.tar.gz.asc

LXCFS 5.0.3 LTS has been released¶

17 Jan 2023

Introduction¶

The LXCFS team is pleased to announce the release of LXCFS 5.0.3!

This is the third bugfix release for LXCFS 5.0 which is supported until June 2027.

Bugfixes¶

Some of the highlights for this release are:

• Fixes VFS caching issues when run under FUSE3
• Fixes some behavioral issues with the new /sys/devices/system/cpu filtering
• Fixes building on ia64
• Properly handles cross-personality content for /proc/cpuinfo

The full list of commits is available below:

Detailed changelog

• set oom_score_adj of lxcfs process to -1000
• init: respect --prefix when installing systemd unit files
• Fix build on ia64
• doc: guide for mount /sys/devices/system/cpu in docker demo
• utils: add safe_uint32() helper
• macro.h: add strnprintf macro
• utils: add get_task_personality helper
• cpuview: paththrough personality when reading cpuinfo
• cpuview: fix possible use-after-free in find_proc_stat_node
• github: make coverity workflow work with meson
• README: how to build with sanitizers
• cpuset_parse: check input string in cpuset_nexttok
• github: enable ASAN and UBSAN during PR tests
• lxcfs: explicitly enable direct_IO for libfuse3
• lxcfs: fix copypaste typo in error message
• /proc/stat: render physical cpu number in non-view mode
• sysfs: don't mask cpus in /sys/devices/system/cpu
• lxcfs: handle NULL path in lxcfs_releasedir/lxcfs_release
• cpuview: fix ABBA deadlock in find_proc_stat_nod

Support and upgrade¶

The LXCFS 5.0 branch is supported until June 2027.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads¶

• Main release tarball: lxcfs-5.0.3.tar.gz
• GPG signature: lxcfs-5.0.3.tar.gz.asc

Older news¶

• 9 Agt 2022
• 26 Jul 2022
• 10 Mar 2022
• 2 Feb 2022
• 19 Okt 2021
• 17 Jul 2021
• 6 Mei 2021
• 8 Jan 2021
• 19 Okt 2020
• 3 Agt 2020
• 18 Jun 2020
• 17 Apr 2020
• 7 Apr 2020
• 19 Mar 2020
• 6 Mar 2020
• 24 Jul 2019
• 21 Jun 2019
• 23 Nov 2018
• 21 Agt 2018
• 4 Jun 2018
• 27 Mar 2018
• 19 Okt 2017
• 11 Mei 2017
• 23 Jan 2017
• 23 Nov 2016
• 5 Okt 2016
• 15 Agt 2016
• 28 Jun 2016
• 16 Mei 2016
• 31 Mar 2016
• 29 Mar 2016
• 21 Mar 2016
• 21 Mar 2016
• 17 Mar 2016
• 14 Mar 2016
• 11 Mar 2016
• 7 Mar 2016
• 24 Feb 2016
• 24 Feb 2016
• 19 Feb 2016
• 9 Feb 2016
• 4 Feb 2016
• 26 Jan 2016
• 8 Jan 2016
• 7 Jan 2016
• 7 Jan 2016
• 25 Nov 2015
• 17 Nov 2015
• 26 Okt 2015
• 3 Sep 2015
• 3 Jun 2015
• 7 Mei 2015
• 3 Apr 2015
• 16 Feb 2015
• 28 Jan 2015
• 23 Jan 2015
• 21 Jan 2015
• 20 Jan 2015
• 9 Jan 2015