News

LXCFS 6.0.3 LTS has been released

Dec 19, 2024

Introduction

The LXCFS team is pleased to announce the release of LXCFS 6.0.3!

This is the third bugfix release for LXCFS 6.0 which is supported until June 2029.

Changes

Some of the highlights for this release are:

  • Better detection of swap accounting support
  • Reworked testsuite including support for 64-bit Arm

The full list of commits is available below:

Detailed changelog
  • lxcfs_read: Added LXCFS_TYPE macro to all FUSE filesystem calls
  • lxcfs: fix readdir for procfs subtree
  • tests: add proc readdir test
  • cgroups/cgfsng: improve swap accounting support detection
  • github: Bump Ubuntu version
  • github: Simplify tests workflow
  • github: Add arm64 tests
  • tests: Make sure to enable cpuset controller
  • github: Use shared logic
  • github: Update coverity workflow
  • github: Simplify build action
  • github: Update checkout to v4
  • github: Cleanup testsuite action
  • github: Improve progress reporting

Support and upgrade

The LXCFS 6.0 branch is supported until June 2029.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

Thanks

This LTS release update was made possible thanks to funding provided by the Sovereign Tech Fund (now part of the Sovereign Tech Agency).

ST-Fund-Logo-Default-White-RGB|690x219

[quote]
The Sovereign Tech Fund supports the development, improvement, and maintenance of open digital infrastructure. Its goal is to sustainably strengthen the open source ecosystem, focusing on security, resilience, technological diversity, and the people behind the code.
[/quote]

Find out more at: https://www.sovereign.tech

LXCFS 6.0.2 LTS has been released

Sep 17, 2024

Introduction

The LXCFS team is pleased to announce the release of LXCFS 6.0.2!

This is the second bugfix release for LXCFS 6.0 which is supported until June 2029.

Changes

Some of the highlights for this release are:

  • Fix building of LXCFS on musl systems (missing include)

The full list of commits is available below:

Detailed changelog
  • Add missing linux/limits.h include

Support and upgrade

The LXCFS 6.0 branch is supported until June 2029.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 6.0.1 LTS has been released

Jun 26, 2024

Introduction

The LXCFS team is pleased to announce the release of LXCFS 6.0.1!

This is the first bugfix release for LXCFS 6.0 which is supported until June 2029.

Changes

Some of the highlights for this release are:

  • Support for running multiple instances of LXCFS (--runtime-dir)
  • Detect systems that has a Yama policy preventing reading process personalities

The full list of commits is available below:

Detailed changelog
  • github: add lxcfs live upgrade compatibility test
  • proc: checks system security policy before trying to get personalities
  • lxcfs/bindings: Refactor RUNTIME_PATH so that it can be overridden on startup
  • lxcfs/bindings: add a flag for overriding the runtime dir
  • github: update coverity test to use Ubuntu 22.04
  • README.md: add info about how to collect a core dump
  • github: add ISSUE_TEMPLATE.md
  • tests: Update for multiple runtime paths

Support and upgrade

The LXCFS 6.0 branch is supported until June 2029.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

LXCFS 6.0 LTS has been released

Apr 1, 2024

Introduction

The LXCFS team is pleased to announce the release of LXCFS 6.0 LTS!

This is the result of two years of work since the LXCFS 5.0 release and is the fifth LTS release for the LXCFS project. This release will be supported until June 2029.

Highlights

New --enable-cgroup option

LXCFS can provide a virtual cgroupfs (v1) tree for use by containers.
This feature was implemented prior to cgroup namespaces being implemented in the kernel and effectively allow providing a similar experience on kernels lacking that feature.

As most supported Linux distributions now all feature a kernel supporting cgroup namespaces and most new distros have even switched away from cgroupv1, it didn't make sense to keep this feature enabled by default. As a result, it has now been moved behind a new startup argument, --enable-cgroup.

CPUs no longer masked in /sys/devices/system/cpu

LXCFS 5.0 shipped with logic to filter out entries in /sys/devices/system/cpu based on what CPUs were allowed in the caller's cpuset. This behavior doesn't actually reflect the behavior on normal systems where even offline CPUs still show up in /sys/devices/system/cpu.

As a result, LXCFS 6.0 reversed that logic and is now only making sure to keep the list of online/offline CPUs up to date while the individual CPU directories all remain accessible.

Full changelog

Changelog
  • lxcfs_fuse: ensure lxcfs_fuse_compat.h is included after including fuse header
  • tree-wide: remove struct stat argument from DIR_FILLER and make it static inline
  • tree-wide: ensure that file information is set even with legacy fuse
  • tests: add test for issue #522
  • meson: Include documentation
  • workflows: disable documentation generation
  • sysfs: Don't incorrectly filter entries
  • tests: Fix sysfs test
  • utils: add and use opathdir()
  • sysfs_fuse: fix indendation
  • sysfs_fuse: generate file info for cpu entries as well
  • meson: bump fuse version
  • github: add fuse3 tests
  • meson: handle fuse versions with buggy dt_type handling
  • init/meson: Use libdir instead of hardcoded /lib path
  • Query systemd system unit dir.
  • support explicit fuse version choice
  • github: Re-organize Github Actions
  • tests: Skip sysfs test on older FUSE versions
  • init: Fix install paths for sysvinit and openrc
  • meson: Support multiple init systems
  • meson: Syntax nit
  • proc_fuse: extra space in /proc/stat
  • util: remove doubled comment
  • sysfs: correct file size of /sys/devices/system/cpu/online.
  • sysfs: cleanup sys_devices_system_cpu_online_getsize
  • cgroup v2: return cpuset cpu count when no quota is set
  • re-initialize library after reload
  • replace opathdir with opendir_flags
  • github: Restrict permissions
  • github: Validate target branch
  • fix reinitialization with fuse3
  • set oom_score_adj of lxcfs process to -1000
  • init: respect --prefix when installing systemd unit files
  • Fix build on ia64
  • doc: guide for mount /sys/devices/system/cpu in docker demo
  • utils: add safe_uint32() helper
  • macro.h: add strnprintf macro
  • utils: add get_task_personality helper
  • cpuview: paththrough personality when reading cpuinfo
  • cpuview: fix possible use-after-free in find_proc_stat_node
  • github: make coverity workflow work with meson
  • README: how to build with sanitizers
  • cpuset_parse: check input string in cpuset_nexttok
  • github: enable ASAN and UBSAN during PR tests
  • lxcfs: explicitly enable direct_IO for libfuse3
  • lxcfs: fix copypaste typo in error message
  • /proc/stat: render physical cpu number in non-view mode
  • sysfs: don't mask cpus in /sys/devices/system/cpu
  • lxcfs: handle NULL path in lxcfs_releasedir/lxcfs_release
  • cpuview: fix ABBA deadlock in find_proc_stat_node
  • build: tools: keep trailing newline in jinja2 renderer
  • Revert "init: respect --prefix when installing systemd unit files"
  • proc: fix /proc/diskstats output format
  • github: start using ubuntu-22.04 image
  • github: remove ubuntu-18.04
  • tests: adapt for cgroup2
  • cpuview: resolve cpu cgroup path separately from cpuset the cgroup path is different in kubernetes with containerd runtime.
  • lxcfs: preparation for FUSE_INTERRUPT support
  • lxcfs: add fuse interruptible locks
  • cpuview: start to use interruptible lock primitives
  • github: Update for main branch
  • proc_loadavg: fix ABBA deadlock between read/refresh
  • proc: Fix /proc/cpuinfo not respecting personality
  • proc_loadavg.c: Fix incompatible integer to pointer conversion
  • cgroups: cleanup and remove unused cgroup2_devices code
  • loadavg: make cleanup of start_loadavg
  • cpuview: pass a correct argument to lxcfs_debug
  • lxcfs: Add startup message
  • proc: fix MemAvailable in /proc/meminfo to exclude tmpfs files
  • systemd: mkdir -p the target mount dir
  • typofix: fix incorrect printing in lxcfs help interface
  • Add macro pivot&bpf for loongarch64
  • lxc.mount.hook: Skip cpu sysfs logic if missing target
  • sysfs: forbid write()
  • lxcfs: introduce new option --enable-cgroup
  • tests: use --enable-cgroup for tests
  • github: workaround CI issue with ASAN
  • Revert "github: workaround CI issue with ASAN"
  • proc_fuse: Fix get_swap_info typo swtotal == 0 -> *swtotal == 0
  • proc: Fix swap handling for cgroups v2 (can_use_swap)
  • proc: Fix swap handling for cgroups v2 (zero limits)
  • cgroup_utils: explicitly check for cgroup2 FDs in cgroup_walkup_to_root

Support and upgrade

LXCFS 6.0 will be supported until June 2029 and our current LTS release, LXCFS 5.0 will now switch to a slower maintenance pace, only getting critical bugfixes and security updates.

We strongly recommend all LXCFS users to plan an upgrade to the 6.0 branch.

Future release cadence

To make new LXCFS features more readily available to users, we have decided to start producing non-LTS releases again. The planned interval is every 6 months with LXCFS 6.1 planned for October.

Those releases will not benefit from the LTS guarantees around stability, support and security maintenance and will only be supported until the next release comes out.

Production users will likely want to remain on an LTS release.

Downloads

Contributors

The LXCFS 6.0 release was brought to you by a total of 25 contributors.

LXCFS 5.0.4 LTS has been released

Jul 25, 2023

Introduction

The LXCFS team is pleased to announce the release of LXCFS 5.0.4!

This is the fourth bugfix release for LXCFS 5.0 which is supported until June 2027.

Bugfixes

Some of the highlights for this release are:

  • Fixed the output format of /proc/diskstats
  • Fixed an issue with cpuset path tracking when used with containerd

The full list of commits is available below:

Detailed changelog
  • build: tools: keep trailing newline in jinja2 renderer
  • Revert "init: respect --prefix when installing systemd unit files"
  • proc: fix /proc/diskstats output format
  • github: start using ubuntu-22.04 image
  • github: remove ubuntu-18.04
  • tests: adapt for cgroup2
  • cpuview: resolve cpu cgroup path separately from cpuset the cgroup path is different in kubernetes with containerd runtime.
  • github: Update for main branch

Support and upgrade

The LXCFS 5.0 branch is supported until June 2027.
Only bugfixes and securitiy issues get included into the stable bugfix releases, so it's always safe and recommended to keep up and run the latest bugfix release.

Downloads

Older news