News

LXCFS 4.0.9 LTS has been released

17th of July 2021

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.9!

This is the ninth bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Improve libfuse2/libfuse3 handling

The full list of commits is available below:

  • lxcfs: rework argument parsing
  • lxcfs: remove obsolete logging
  • bindings: introduce lxcfs_has_opt() helper
  • cpuset_parse: drop unneeded dependencies
  • bindings: fix struct lxcfs_opts by making it versioned
  • proc_fuse: don't spam log needlessly
  • cgroup_fuse: replace potentially problematic terminology
  • lxcfs: handle libfuse2 vs libfuse3
  • lxcfs: handle libfuse2 vs libfuse3

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXC/LXD/LXCFS 2.0 - End of Life announcement

14th of June 2021

Introduction

The 2.0 LTS branch has reached its end of life.

This affects the following projects:

  • LXC 2.0 (released 6th of April 2016)
  • LXCFS 2.0 (released 31st of March 2016)
  • LXD 2.0 (released 11th of April 2016)

After over 5 years of bugfixes and security maintenance, those releases have now reached the end of their supported lifetime.

Concretely, this means that we will not be issuing any new releases, that our stable branches will be closed and associated CI disabled.

All remaining users should upgrade to a supported release as soon as possible.

Long term support releases

Upstream commits to 5 years support for its LTS branches. Such branches exist for LXC, LXCFS and LXD and see bugfixes and security fixes backported to them.

No new features get added to those branches and only the latest LTS branch sees most bugfixes backported, once a new LTS branch is released, the previous one will only get security and critical bugfixes.

Currently supported releases

There are currently two remaining LTS releases, 3.0 with support lasting until June 2023 and 4.0 with support until June 2025.

Additionally, some projects (currently LXD) may have more frequent feature releases. Those do not get long term support and are usually only supported until the next one comes out.

LXCFS 4.0.8 LTS has been released

6th of May 2021

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.8!

This is the eight bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Correct file size for proc files

The full list of commits is available below:

  • proc_cpuview: release lock before returning
  • Determine the file size from the current system file size
  • Switch to Github Actions

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.7 LTS has been released

8th of January 2021

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.6!

This is the seventh bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Consistent swap behavior (documented in README)

The full list of commits is available below:

  • meminfo: show host swap values when no limit or equal limits are set
  • README: clarify SWAP
  • cgroups: Add get_memory_swappiness
  • swap: Fix usage reporting
  • swap: Only report usage when swappiness is 0
  • swap: Tweak meminfo logic
  • swap: Make /proc/swaps match /proc/meminfo
  • swap: Remove now unused variable
  • docs: fix simple typo, throuh -> through

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.6 LTS has been released

19th of October 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.6!

This is the sixth bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Add support for fuse3
  • Update for new diskstats fields
  • Fix some build issues

The full list of commits is available below:

  • fix epoll create socket error message
  • Add support for fuse3
  • Fix get_min_memlimit() on non-glibc
  • Update options passed to fuse_main
  • rename fuse_compat.h to avoid conflict with system header
  • Set the file size to 4k
  • diskstats: support new fields in 4.18+ kernels

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.5 LTS has been released

3rd of August 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.5!

This is the fifth bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Fix bad swap value on hosts without memsw enabled
  • Fix some build issues

The full list of commits is available below:

  • proc_fuse: provide host values when kernel does not support swap accounting
  • bindings: update terminology
  • cgroups: update terminology
  • cgroups: replace leftover reference to legacy terms
  • bindings: provide lxcfs_clone() as wrapper around lxcfs_raw_clone()
  • .travis: use RTLD_NOW for tests
  • proc_fuse: remove unused variable
  • fix type mismatch

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.4 LTS has been released

18th of June 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.4!

This is the fourth bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

Some of the highlights for this release are:

  • Fix internal cache (big performance improvement)
  • Fix many memory leaks (especially in loadavg tracking)
  • Reworked swap usage logic

The full list of commits is available below:

  • proc_fuse: silence error when we find no memlimit
  • sysfs: cpuinfo: show cgroup cpuset value
  • sysfs_fuse: remove logically dead code
  • Fix https://github.com/lxc/lxcfs/issues/404
  • coverity: Use build custom build script
  • bindings: fix init pid hashing
  • bindings: make opts pointer const
  • bindings: use brackets to make logic clearer
  • bindings: cleanup cache locking
  • bindings: cleanup init pid verification
  • cpuview: fix /proc/stat virtualization
  • bindings: s/get_init_pid_for_task()/scm_init_pid()/g
  • proc_loadavg: don't leak getline() memory in calc_pid()
  • proc_loadavg: ensure pointer is NULL when passing to calc_pid()
  • proc_loadavg: don't leak getline() memory
  • proc_loadavg: replace malloc() with asprintf() in calc_pid()
  • macro: use ISO C compatible typeof
  • proc_loadavg(): use strdup() in calc_pid()
  • proc_loadavg: simplify calc_pid()
  • bindings: wipe initpid cache on library reload
  • bindings: avoid dynamic stack allocations in clone()
  • lxcfs: free opts on lxcfs binary exit
  • proc_fuse: use zalloc()
  • proc_loadavg: use must_* alloc helpers
  • proc_loadavg: remove dummy variable
  • proc_loadavg: avoid needless memory allocation
  • proc_fuse: move get_reaper_busy() down
  • proc_fuse: cleanup proc_uptime_read() a little
  • utils: don't leak fds in in_same_namespace()
  • proc_fuse: improve swap calculation a little
  • proc_fuse: don't cause invalid swap values
  • proc_fuse: cap swap to global values
  • proc_cpuview: tweak cpuacct.percpu_usage fallback
  • proc_fuse: more swap tweaks
  • proc_cpuview: cleanup new_proc_stat_node()
  • proc_cpuview: use more descriptive labels in add_proc_stat_node()
  • proc_cpuview: reduce variable scope in cpuview_free_head()
  • proc_cpuview: cleanup add_proc_stat_node()
  • proc_cpuview: use correct comment style
  • proc_cpuview: clean up expand_proc_stat_node()
  • proc_cpuview: clean up prune_proc_stat_list()
  • proc_cpuview: clean up find_or_create_proc_stat_node()
  • proc_cpuview: cleanup add_cpu_usage()
  • proc_cpuview: cleanup read_cpu_cfs_param()
  • proc_cpuview: fix exact_cpu_count()
  • proc_cpuview: fix max_cpu_count()
  • proc_cpuview: cleanup cpuview_proc_stat()
  • proc_cpuview: cleanup cpuview_init_head()

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.3 LTS has been released

17th of April 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.3!

This is the third bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

This release fixes a number of issues that were reported shortly following the original 4.0.0, 4.0.1 and 4.0.2 releases. Some of the highlights include:

  • Fix some issues detected by Coverity Scan
  • Fix issue with some meminfo fields
  • Fix SWAP calculation logic to avoid overflows

The full list of commits is available below:

  • Include : in matching of lines in /proc/meminfo
  • relax init pid store locking a bit
  • travis: enable coverity integration
  • memory_utils: make it easier for Coverity
  • .travis: fix coverity
  • cgroup_fuse: do not double-close
  • lxcfs: remove fl.* prefix
  • cgroup_fuse: s/clone/lxcfs_clone/g
  • bindings: do not falsely return
  • cgroup_fuse: be cautios when dereferencing d->controller
  • lxcfs: don't cause a uaf
  • utils: fix recv_creds()
  • bindings: use zalloc()
  • cgroups: more cgroup2 fun
  • tests: correctly skip readdir test
  • cgroups: please Coverity
  • cgroups: simplify cgroup_walkup_to_root()
  • proc_fuse: improve swap calculation

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.2 LTS has been released

7th of April 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.2!

This is the second bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

This release fixes a number of issues that were reported shortly following the original 4.0.0 and 4.0.1 releases. Some of the highlights include:

  • Fix memory virtualization issues (swap reporting)
  • Fix tests when run in distro packaging

The full list of commits is available below:

  • proc_fuse: improve /proc/meminfo
  • proc_fuse: memory virtualization improvements
  • proc_fuse: improve /proc/uptime virtualization
  • tree-wide: add and use syscall_numbers.h
  • proc_fuse: fix swap calculations
  • tests: Handle different lib paths

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0.1 LTS has been released

19th of March 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.1!

This is the first bugfix release for LXCFS 4.0 which is supported until June 2025.

Bugfixes

This release fixes a number of issues that were reported shortly following the original 4.0.0 release. Some of the highlights include:

  • CPU view (CFS) on CgroupV2 systems
  • Incorrect meminfo on CgroupV2 systems
  • Build failures on some Linux distributions
  • Crash on upgrade when CWD is no longer reachable
  • Harden upgrade logic, including a fall-back mechanism showing host values
  • Incorrect meminfo values on 32bit systems
  • Crash when accessing some virtual cgroupfs files
  • Improvements to tests

The full list of commits is available below:

  • proc_cpuview: add minimal support for unified cgroup layout
  • proc_fuse: fix meminfo with unified cgroup layout
  • configure: add -Wvla and -std=gnu11
  • tree-wide: add missing O_CLOEXEC
  • bindings: handle current working directory on upgrade
  • tree-wide: mark lxcfs fuse ops
  • bindings: make constructor failures non-fatal
  • liblxcfs: handle broken upgrade gracefully
  • usage: Fix cfs help
  • usage: Fix lxcfs description
  • proc_fuse: port to uint64_t
  • tree-wide: use {u}int64_t types
  • bindings: allow users to switch between virtualization and non-virtualization mode
  • test_proc: add SIGUSR2 virtualization switch tests
  • proc_fuse: remove unused variable
  • test_sigusr2: improve tests
  • bindings: introduce set_signal_handler
  • cgroup_fuse: fix cgroupfs virtualization needed on non-cgns systems
  • tree-wide: memory utils improvements
  • tree-wide: fix dot_or_empty()
  • cgroups: remove unused function
  • utils: shut up compiler
  • proc_loadvg: fixes
  • proc_cpuview: fix compiler warning
  • tree-wide: add and use must_make_path_relative()
  • tree-wide: remove is_relative() and use must_make_path_relative()
  • cgroup_fuse: rework is_child_cgroup()
  • cgroup_fuse: rework cgfs_get_key()
  • cgroup_fuse: rework cgfs_create()
  • cgroup_fuse: rework cgfs_remove()
  • cgroup_fuse: rework cgfs_chmod_file()
  • cgroup_fuse: rework cgfs_chown_file()
  • cgroup_fuse: rework open_pids_file()
  • cgroup_fuse: rework cgfs_set_value()
  • cgroup_fuse: rework cgfs_iterate_cgroup()
  • cgroup_utils: remove dot_or_empty()
  • tests: Silence build output
  • cgroup_fuse: actually make asz check mean something

Support and upgrade

The LXCFS 4.0 branch is supported until June 2025. Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 4.0 LTS has been released

6th of March 2020

Introduction

The LXCFS team is pleased to announce the release of LXCFS 4.0.0!

This is the result of two years of work since the LXCFS 3.0.0 release and is the third LTS release for the LXCFS project. This release will be supported until June 2025.

Major changes

Repository re-organization

The LXCFS repo has been completely reorganized. Prior to LXCFS 4.0 all functionality used to live in a single file. This used to work fine for a long time since LXCFS encompassed a very small set of features. Over the years LXCFS has grown a range of new abilities and has seen major improvements in how various aspects of the system are virtualized for containers. This meant that the single file approach was not feasible anymore.

With LXCFS 4.0 various large virtualization features have been moved into separate files under a common source directory. This has also necessitated various changes to the build system. While we have stuck with the autotools build suite we have had to make significant changes how LXCFS is built. The most obvious change is that the location of the compiled binaries has changed from the top level directory under the source directory. For distributions packaging LXCFS this might mean that the package tooling needs to be made aware of this.

cgroup2: Support for the new unified cgroup hierarchy

The virtualization abilities of LXCFS are often centered around cgroups, i.e. cgroups are used to calculate container specific values that are shown in various files that provide access to system resources. So far, LXCFS has only supported virtualization based on the legacy cgroup hierarchy. With more systems slowly migrating to the unified cgroup hierarchy we have extended LXCFS to provide the same virtualization abilities based on the unified cgroup hierarchy whenever possible. The qualifying "whenever possible" clause needs to be highlighted. Currently, there are various smaller features that can't be virtualized based on the current implementation of the unified cgroup hierarchy. That might change over time as the unified cgroup hierarchy grows new features in the upstream kernel but we can't guarantee that it will provide full feature parity with the legacy cgroup hierarchy as there is no such guarantee or intention from the kernel developers. We hope however, to come to feature parity in what LXCFS provides. When sending patches upstream we would appreciate if you could try to make sure that the legacy cgroup and unified cgroup hierarchy support the new feature alike and provide both implementations in one go whenever possible.

/proc/cpuinfo and cpu output in /proc/stat based on cpu shares

CPU information provided in cpuinfo and stat in procfs can now be based on cpu shares. This can provide a more fine-grained and precise view then the regular virtualization we do but requires more state be kept by LXCFS. For full functionality the legacy cpu and cpuacct controllers need to be enabled on the system. When the unified hierarchy is used only a very rough approximation can be provided though we expec the cpu controller in the unified hierarchy to support some of the features that the cpu and cpuacct controllers in the legacy hierarchy support. This feature can be enabled by passing the --enable-cfs flag to LXCFS.

Improved command line options

LXCFS has grown support for features over time and they have mostly been placed behind new command line options. Some of the options had no long or short options and so the experience could feel a little dated. With LXCFS 4.0 we have updated our command line experience. The following options are now supported:

Usage: lxcfs <directory>

lxcfs set up fuse- and cgroup-based virtualizing filesystem

Options :
  -d, --debug          Run lxcfs with debugging enabled
  --enable-cfs        Enable cpu virtualization via cpu shares
  -f, --foreground     Run lxcfs in the foreground
  -n, --help           Print help
  -l, --enable-loadavg Enable loadavg virtualization
  -o                   Options to pass directly through fuse
  -p, --pidfile=FILE   Path to use for storing lxcfs pid
                       Default pidfile is /run/lxcfs.pid
  -u, --disable-swap   Disable swap virtualization
  -v, --version        Print lxcfs version
  --enable-pidfd       Use pidfd for process tracking

/proc/loadavg virtualization

It is now possible for LXCFS to virtualize loadavg output. If --enable-loadavg is passed that LXCFS will provide a container-specific /proc/loadavg view based on cgroups.

pidfd supported process tracking

LXCFS needs to keep track of each container's init process in order to correctly virtualize various values. This means LXCFS needs to detect when a container's process has died. Detecting this is suspect to the usual pid reuse races which have plagued Linux for a long time. Newer kernels provide the concept of a pidfd which solves pid reuse problems. When LXCFS is started with --enable-pidfd it will make use of this feature when the underlying kernel supports it. This will ensure reliable process tracking.

Compiler based hardening

For a long time LXC has supported compiler based hardening, i.e. a set of well-known compiler and linker options are automatically enabled whenever the compiler or linker support them. The set of currently supported hardening flags is:

-Wimplicit-fallthrough=5
-Wcast-align
-Wstrict-prototypes
-fno-strict-aliasing
-fstack-clash-protection
-fstack-protector-strong
--param=ssp-buffer-size=4
-g
--mcet -fcf-protection
-Werror=implicit-function-declaration
-Wlogical-op
-Wmissing-include-dirs
-Wold-style-definition
-Winit-self
-Wunused-but-set-variable
-Wfloat-equal
-Wsuggest-attribute=noreturn
-Werror=return-type
-Werror=incompatible-pointer-types
-Wformat=2
-Wshadow
-Wendif-labels
-Werror=overflow
-fdiagnostics-show-option
-Werror=shift-count-overflow
-Werror=shift-overflow=2
-Wdate-time
-Wnested-externs
-fasynchronous-unwind-tables
-pipe
-fexceptions
-fvisibility=hidden

Minimal compiler based resource management

As has been the case a long time for LXC, LXCFS will now make use of the cleanup macro feature of clang and gcc to provide automatic cleanup of resources such as memory and file descriptors. For LXC this has significantly reduced the number of resource leaks and we expect the same to be the case for LXCFS.

Full test suite enabled on all supported architectures

Prior to the LXCFS 4.0 release we have finally come around to enabling our test-suite on all supported architectures. This will ensure more rigorous testing going forward.

Support and upgrade

LXCFS 4.0.0 will be supported until June 2025 and our current LTS release, LXCFS 3.0 will now switch to a slower maintenance pace, only getting critical bugfixes and security updates.

We strongly recommend all LXCFS users to plan an upgrade to the 4.0 branch.

Downloads

Contributors

The LXCFS 4.0.0 release was brought to you by a total of 15 contributors.

LXCFS 3.1.2 has been released

24th of July 2019

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.1.2!

We had to re-roll the 3.1.0 release twice, first because of a bad Makefile causing an invalid release tarball to be generated, then again to fix an upgrade issue affecting some users of LXCFS 3.0.4

New features

Add support for per-container cpu usage in /proc/stat

Newer LXCFS releases make it possible to virtualize cpu usage per container by using the cpuacct cgroup.

Add support for load average (loadavg) virtualization

LXCFS now supports virtualizing /proc/loadavg. It will calculate the loadavg for a container based on the cpu cgroup.

Display cpus in /proc/cpuinfo based on cpu quotas

LXCFS will virtualize the cpus displayed in /proc/cpuinfo using the cpu cgroup and quotas calculated there.

Allow to disable swap in /proc/meminfo output

This adds the -u option to disable swap info output in /proc/meminfo.

Virtualize /sys/devices/system/cpu/online

LXCFS now also partially virtualizes sysfs. The first file to virtualize is /sys/devices/system/cpu/online per container.

Enable higher precision output in /proc/uptime

The calculations for /proc/uptime are now more correct.

Add support for FUSE nonempty option

The lxcfs binary can now be passed the -d option. When passed, lxcfs will also start when the mountpoint is not empty.

Bugfixes

  • bindings: ensure that opts is non NULL
  • Makefile: Fix typo in file name
  • remove unused functions
  • sys dirs do not need to implement 'read' method
  • lxcfs: coding style update
  • config: Adds RPM spec file.
  • config: Adds reload mode to sysvinit and systemd scripts.
  • bindings: prevent NULL pointer dereference
  • stat: check for out of bound access to cpuacct usage data
  • calc_hash(): do not apply modulo LOAD_SIZE
  • tests: include missing sys/sysmacros.h header
  • bindings: prevent double free
  • bindings: better logging for write_string()
  • meminfo: set ShmemHugePages and ShmemPmdMapped to zero
  • bindings: fix memory leak in calc_pid()
  • travis: fix .travis.yml
  • bindings: fix memory leak in proc_loadavg_read()

Support and upgrade

LXCFS 3.1.2 is only supported until the next feature release of LXCFS. For long term support, you should prefer LXCFS 3.0.4 LTS which is supported until June 2023.

Downloads

LXCFS 3.0.4 has been released

21st of June 2019

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.0.4!

As a stable bugfix release, no major changes have been done, instead focusing on bugfixes and minor usability improvements.

Bugfixes improvements

  • cpuinfo: use cpu view based on cpu quotas
  • bindings: prevent NULL pointer dereference
  • config: Adds reload mode to sysvinit and systemd scripts.
  • hooks: Adds --skip-cgroup-mounts flag to lxc.mount.hook script.
  • config: Adds RPM spec file.

Support and upgrade

LXCFS 3.0.4 is supported until June 2023 and is our current LTS release, users are encouraged to update to the latest bugfix releases as they're made available.

Downloads

LXCFS 3.0.3 has been released

23rd of November 2018

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.0.3!

As a stable bugfix release, no major changes have been done, instead focusing on bugfixes and minor usability improvements.

Bugfixes improvements

  • bindings: prevent double free
  • tests: include missing sys/sysmacros.h header

Support and upgrade

LXCFS 3.0.3 is supported until June 2023 and is our current LTS release, users are encouraged to update to the latest bugfix releases as they're made available.

Downloads

LXCFS 3.0.2 has been released

21st of August 2018

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.0.2!

As a stable bugfix release, no major changes have been done, instead focusing on bugfixes and minor usability improvements.

Bugfixes improvements

  • travis: add coverity support
  • travis: fix .travis.yml
  • meminfo: read shmem from cgroup parameter memory.stat
  • meminfo: set ShmemHugePages and ShmemPmdMapped to zero
  • bindings: better logging for write_string()

Support and upgrade

LXCFS 3.0.2 is supported until June 2023 and is our current LTS release, users are encouraged to update to the latest bugfix releases as they're made available.

Downloads

LXCFS 3.0.1 has been released

4th of June 2018

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.0.1!

As a stable bugfix release, no major changes have been done, instead focusing on bugfixes and minor usability improvements.

Minor improvements

  • Add support for the nonempty FUSE mount option

Support and upgrade

LXCFS 3.0.1 is supported until June 2023 and is our current LTS release, users are encouraged to update to the latest bugfix releases as they're made available.

Downloads

LXCFS 3.0.0 has been released

27th of March 2018

Introduction

The LXCFS team is pleased to announce the release of LXCFS 3.0.0!

This is the result of two years of work since the LXCFS 2.0.0 release This is the second LTS release for the LXCFS project and will be supported until June 2023.

Major changes

The most significant change to LXCFS 3.0.0 is the removal of the PAM module libpam-cgfs which has now been moved to the LXC codebase instead.

This was motivated by the fact that all LXC users, whether they use LXCFS or not can benefit from that PAM module and that much more code can be shared with LXC than it could with LXCFS.

All other changes included in LXCFS 3.0.0 are considered to be bugfixes and have or will be backported to the LXCFS 2.0 branch, making this a very lightweight update.

Support and upgrade

LXCFS 3.0.0 will be supported until June 2023 and our current LTS release, LXCFS 2.0 will now switch to a slower maintenance pace, only getting critical bugfixes and security updates.

We strongly recommend all LXCFS users to plan an upgrade to the 3.0 branch. Due to the transition of libpam-cgfs to LXC, this should be done at the same time as the upgrade to LXC 3.0 to avoid regressions.

Downloads

Contributors

The LXCFS 3.0.0 release was brought to you by a total of 16 contributors.

LXCFS 2.0.8 release announcement

19th of October 2017

This is the eigth bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • bindings: Add mountpoint for unified hierarchy
  • bindings: Calculate uptime via proc//stat
  • bindings: Revert virtualization of 'btime' field due to regressions in ps
  • doc: Update README
  • init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers
  • lib: Add common fallback dlopen for liblxcfs.so
  • lib: Fix the installation directory for liblxcfs to ${libdir}/lxcfs
  • pam: Add a 'all' option for -c
  • pam: Chown cgroup.procs file on unified hierarchy
  • pam: Report back when we find a unified hierarchy
  • tests: Fix invalid comparison
  • uptime: Fix a problem with subsequent reads

LXCFS 2.0.7 release announcement

11th of May 2017

This is the seventh bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Remove unused variable
  • Also check next variable for NULL on cg_rmdir
  • virtualize the 'btime' field of /proc/stat
  • cleanup: return false instead of NULL as bool
  • Limit memswlimit by TotalSwap
  • pam_cgfs: remove dead assignment
  • pam_cgfs: return created directly
  • pam_cgfs: make sure that **p is not NULL
  • bindings: Want space for ints? Call sizeof(int)!
  • pam_cgfs: make trim() safer
  • pam_cgfs: error out on failure in cgv2_init()
  • pam_cgfs: remove dead assignment
  • bindings: implement guest nice
  • bindings: increase reserved buffer size a little

LXCFS 2.0.6 release announcement

23rd of January 2017

This is the sixth bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Fix swap values with nested cgroups
  • tests: Fix run on ppc64el
  • Fix wrong scanning of memory.stat

LXCFS 2.0.5 release announcement

23rd of November 2016

This is the fifth bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Add Documentation key to systemd unit
  • bindings: allow getattr on O_WRONLY files
  • bindings: remove noop check
  • fix Active/Inactive /proc/meminfo
  • macro: add header for shared macros
  • pam_cgfs: reimplement and add cgroupfs v2 support
  • pam_cgfs: re-use cgroups that already belong to us
  • pam_cgfs: handle cgroupfs v1 cpuset controller
  • pam_cgfs: improve logging
  • cgroups: handle non-existent isolcpus file

LXCFS 2.0.4 release announcement

5th of October 2016

This is the fourth bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Fix test_reload for lxcfs chroot
  • Virtualize more of the meminfo fields
  • pam: fix race in cgroup creation
  • meminfo: don't show negative swapfree
  • bindings: improve debugging
  • bindings: use openat fd for fstatat(), unlinkat()
  • bindings: close open fds on error
  • bindings: grant access to /var/lib/lxcfs
  • bindings: enable access to /var/lib/lxcfs/cgroup
  • bindings: allow access to /var/lib/lxcfs/proc
  • lxcfs, bindings: show "." and ".." dir entries
  • lxcfs: better fs behavior on /var/lib/lxcfs
  • bindings: non functional changes
  • bindings: set errno in pick_controller_from_path()
  • bindings: more consistent fs behavior
  • add pld linux support
  • don't use argv[0] in usage output
  • bindings: revert cgroup check
  • bindings: improve returned errnos
  • bindings: make rmdir behave more consistently
  • libtool: do not link lxcfs against liblxcfs
  • bindings, lxcfs: improve debugging
  • bindings: fix debug macro
  • autotools: add -avoid-version
  • bindings: restore original working directory
  • bindings: add function to check fs type
  • bindings: agnostic naming
  • bindings: use chroot() on ramfs
  • bindings: fix type weirdness with statfs f_type
  • bindings: make pivot_enter() contain all its code

LXCFS 2.0.3 release announcement

15th of August 2016

This is the third bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Skip empty entries under /proc/self/cgroup
  • Setup and use a minimal chroot and mount namespace for cgroup mounts
  • Code cleanup and minor refactoring

LXCFS 2.0.2 release announcement

28th of June 2016

This is the second bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Don't build pam/ when --with-pamdir=none
  • libpam_cgfs: Don't create new path if we are under /user.slice/user-$uid.slice

LXCFS 2.0.1 release announcement

16th of May 2016

This is the first bugfix release for LXCFS 2.0.

This includes the following bugfixes:

  • Fix cpuinfo on s390x.
  • Use recursive cgroup values in diskstats.
  • Allow traversal (rx) to controller directories.
  • Fix do_mount_cgroups() crash on failure.
  • Better error handling in a number of path processing functions.
  • Better error handling in swap calculation.

LXCFS 2.0.0 release announcement

31st of March 2016

  • We are happy to release version 2.0.0 of lxcfs.

LXCFS 2.0.0.rc9 release announcement

29th of March 2016

  • This is the ninth release candidate for 2.0.0
  • This guards against potential double-releasing of fuse file info.

LXCFS 2.0.0.rc8 release announcement

21st of March 2016

  • This is the eight release candidate for 2.0.0
  • This implements access(2) which is required by the lxcfs cgfsng driver.

LXCFS 2.0.0.rc7 release announcement

21st of March 2016

  • This is the seventh release candidate for 2.0.0
  • This includes some important fixes to the upstart jobs and mount hooks
  • Makes the reload handler async-safe, and a few more posix compliancy fixes.

LXCFS 2.0.0.rc6 release announcement

17th of March 2016

  • This is the sixth release candidate for 2.0.0
  • Adds support for the systemd cgroup naming scheme used in 14.04.

LXCFS 2.0.0.rc5 release announcement

14th of March 2016

  • This is the fifth release candidate for 2.0.0
  • Fixes libpam-cgfs mis-chowning systemd cgroups when running (for instance) 'sudo'.

LXCFS 2.0.0.rc4 release announcement

11th of March 2016

  • This is the fourth release candidate for 2.0.0
  • Fix from stgraber to the mount hook and upstart job.

LXCFS 2.0.0.rc3 release announcement

7th of March 2016

  • This is the third release candidate for 2.0.0
  • Fixes in this release:
    • Not mounting lxcfs procfiles when /sys/fs/cgroup is not mounted in container.
    • Occasional corrupted output in free -m.

LXCFS 2.0.0.rc2 release announcement

24th of February 2016

  • This is the second release candidate for 2.0.0
  • This adds the previously missing config/ directory to the release tarball.

LXCFS 2.0.0.rc1 release announcement

24th of February 2016

  • This is the first release candidate for 2.0.0
  • This adds sysvinit, upstart and systemd jobs.

LXCFS 2.0.0.beta2 release announcement

19th of February 2016

  • Fix a bug causing PAM module to hang if there are unmounted controllers
  • Avoid a rare but not impossible bug due to a faulty glibc assert when forking a pid after setns.

LXCFS 2.0.0.beta1 release announcement

9th of February 2016

Changes

  • Add support for /proc/swaps
  • Create or chown systemd cgroups if asked
  • Move liblxcfs.so to /usr/lib/lxcfs.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.18 release announcement

4th of February 2016

Changes

  • Support restarting lxcfs in most cases, by moving most functionality into a library which is reloaded on SIGUSR1

Downloads

The release tarballs can be found on our download page.

LXCFS 0.17 release announcement

26th of January 2016

Changes

  • Add a PAM module
  • Allow users to see all cgroup directories under their init's.
  • Use a task's init process' cgroup usage+limits to virtualize procfiles, rather than the task's own limits.
  • Improve swap accounting

Downloads

The release tarballs can be found on our download page.

LXCFS 0.16 release announcement

8th of January 2016

Bugfix release.

  • This provides a fix for the memory allocation bugs in the last two releases.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.14 release announcement

7th of January 2016

Changes

  • Listen to hint from lxc regarding cgroup namespaces.
  • Several important bugfixes in code introduced during the switch from libnih.
  • Fix to swap usage reporting.
  • Fix overly strict visibility checks for tasks in root cgroup.
  • Many fixes to the tests.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.15 release announcement

7th of January 2016

Bugfix release.

  • Fixing a critical memory allocation bug which makes 0.14 unusable.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.13 release announcement

25th of November 2015

Bugfix release.

  • This fixes several bugs which prevented newer systemd-based containers from starting, and some more general bugs.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.12 release announcement

17th of November 2015

Critical bug/security fix update for LXCFS.

  • This fixes two critical CVEs.
  • Also switches to using cgroup filesystem natively instead of using cgmanager, resulting in dramatic speedup.
  • Several improvements in uptime, cpuinfo, and meminfo virtualization
  • Enable tests at code checkin
  • Set FUSE attr caching to half a second, and ship lxc stop hook to wait half a second before reboot.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.11 release announcement

26th of October 2015

Changes

  • Switch from libnih and dbus to glib and GDbus. Since these are thread-safe, enable threading by default.
  • Support newer systemd which places itself into init.scope.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.10 release announcement

3rd of September 2015

Bugfix release.

  • Detect libnih threading support and use when available.
  • Fix threading issues related to DBus.
  • Handle missing memory cgroup.
  • Turn off threading globally because of problems with libdbus.
  • Tweak lxcfs mounts to better accommodate systemd.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.9 release announcement

3rd of June 2015

Bugfix release.

  • Fixes from Michael McCracken to fix lxcfs crashes

Downloads

The release tarballs can be found on our download page.

LXCFS 0.8 release announcement

7th of May 2015

Changes

  • Use direct io
  • Cache file and dir open work and re-use at read/write
  • Force the fuse options we need (especially threading)
  • Fix some errors in the manpage
  • Fix handling of cpusets
  • Some fixes for the lxc hook

Downloads

The release tarballs can be found on our download page.

LXCFS 0.7 release announcement

3rd of April 2015

Bugfix release.

  • Support for /proc/diskstats.
  • Fixes a few bugs that were causing hangs.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.6 release announcement

16th of February 2015

Bugfix release.

  • Fixes some memory and fd leaks.
  • Fixes cpu-average in /proc/stat.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.5 release announcement

28th of January 2015

Bugfix release.

This tweaks configure.ac to detect cgmanager version and tweak the LXC hook.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.4 release announcement

23rd of January 2015

Critical bug/security fix update for LXCFS.

Prior versions of LXCFS would replace the host's /proc with the container's when a read to /proc/uptime was done on a system with / mounted rshared (default on systemd).

This release includes ONLY this bugfix and should be immediately deployed by anyone currently using lxcfs.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.3 release announcement

21st of January 2015

This release is identical to 0.2 except for a fixed installation path of the LXC configuration file.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.2 release announcement

20th of January 2015

Packager-friendly release of LXCFS 0.2.

This release now installs /usr/share/lxcfs/lxc.mount.hook and /usr/share/lxc/common.conf.d/00-lxcfs.conf which when combined with LXC 1.1 will automatically enable lxcfs for all containers.

Additionally this release also includes some fixes to the testsuite.

Downloads

The release tarballs can be found on our download page.

LXCFS 0.1 release announcement

9th of January 2015

This is the initial LXCFS release.

It offers a basic cgroupfs-like interface which writes through CGManager as well as cgroup-ified versions of the cpuinfo, meminfo, stat and uptime proc files.

Note that as the first release of LXCFS, things can still be very rough and we would advice against using this in production.

Downloads

The release tarballs can be found on our download page.