Update 'README.md'

Ref https://github.com/fgrehm/vagrant-lxc/issues/492

.travis.yml

@@ -3,6 +3,7 @@ rvm:
   - 2.2
   - 2.3
   - 2.4
+  - 2.5
 install:
   - gem install -v 1.12.5 bundler
   - bundle _1.12.5_ install --jobs=3 --retry=3

CHANGELOG.md

@@ -1,3 +1,30 @@
+## [1.4.2](https://github.com/fgrehm/vagrant-lxc/compare/v1.4.1...v1.4.2) (Jul 17, 2018)
+
+FIXES:
+  - Fix problems with `redir` 3.x command line. [[GH-467]]
+
+## [1.4.1](https://github.com/fgrehm/vagrant-lxc/compare/v1.4.0...v1.4.1) (Apr 30, 2018)
+
+FEATURES:
+  - Add support for LXC v3.0
+  - Add support for `redir` 3.x command line. [[GH-460]]
+
+[GH-460]: https://github.com/fgrehm/vagrant-lxc/issues/460
+
+## [1.4.0](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.1...v1.4.0) (Mar 04, 2018)
+
+FEATURES:
+  - Add support for unprivileged containers. [[GH-312]]
+
+[GH-312]: https://github.com/fgrehm/vagrant-lxc/issues/312
+
+## [1.3.1](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.0...v1.3.1) (Fev 06, 2018)
+
+FIXES:
+  - Fix problems with `tmpfs` fiddling in v1.3.0. [[GH-455]]
+
+[GH-455]: https://github.com/fgrehm/vagrant-lxc/pull/455
+
 ## [1.3.0](https://github.com/fgrehm/vagrant-lxc/compare/v1.2.4...v1.3.0) (Jan 20, 2018)
 
 FEATURES:

Gemfile

@@ -1,7 +1,7 @@
 source 'https://rubygems.org'
 
 group :development do
-  gem 'vagrant', git: 'https://github.com/mitchellh/vagrant.git', tag: 'v1.8.7'
+  gem 'vagrant', git: 'https://github.com/mitchellh/vagrant.git'
   gem 'guard'
   gem 'guard-rspec'
   gem 'rb-inotify'
@@ -9,10 +9,9 @@ end
 
 group :development, :test do
   gem 'rake', '~> 10.4.2'
-  gem 'rspec', '~> 2.99.0'
+  gem 'rspec', '~> 3.5.0'
   gem 'coveralls', '~> 0.7.2', require: (ENV['COVERAGE'] == 'true')
-  # The is the ref *just* before we switch to childprocess 0.6, which conflicts with vagrant 1.8 deps.
-  gem 'vagrant-spec', git: 'https://github.com/mitchellh/vagrant-spec.git', ref: '5006bc73cd8796465ca09307d4774f8ec8375aa0'
+  gem 'vagrant-spec', git: 'https://github.com/mitchellh/vagrant-spec.git'
 end
 
 group :plugins do

README.md

@@ -1,8 +1,12 @@
+🟢 We plan to support and maintain vagrant-lxc, as well as clean it up.<br/>
+🟢 Please feel free to contribute Issues and pull requests.<br/>
+🟢 P.S: Thanks [Fabio Rehm](https://fabiorehm.com) for the amazing initial project.
+
 # vagrant-lxc
 
 [![Build Status](https://travis-ci.org/fgrehm/vagrant-lxc.png?branch=master)](https://travis-ci.org/fgrehm/vagrant-lxc) [![Gem Version](https://badge.fury.io/rb/vagrant-lxc.png)](http://badge.fury.io/rb/vagrant-lxc) [![Code Climate](https://codeclimate.com/github/fgrehm/vagrant-lxc.png)](https://codeclimate.com/github/fgrehm/vagrant-lxc) [![Coverage Status](https://coveralls.io/repos/fgrehm/vagrant-lxc/badge.png?branch=master)](https://coveralls.io/r/fgrehm/vagrant-lxc) [![Gitter chat](https://badges.gitter.im/fgrehm/vagrant-lxc.png)](https://gitter.im/fgrehm/vagrant-lxc)
 
-[LXC](http://lxc.sourceforge.net/) provider for [Vagrant](http://www.vagrantup.com/) 1.8+
+[LXC](http://lxc.sourceforge.net/) provider for [Vagrant](http://www.vagrantup.com/) 1.9+
 
 This is a Vagrant plugin that allows it to control and provision Linux Containers
 as an alternative to the built in VirtualBox provider for Linux hosts. Check out
@@ -12,13 +16,13 @@ to see it in action.
 ## Features
 
 * Provides the same workflow as the Vagrant VirtualBox provider
-* Port forwarding via [`redir`](http://linux.die.net/man/1/redir)
+* Port forwarding via [`redir`](https://github.com/troglobit/redir)
 * Private networking via [`pipework`](https://github.com/jpetazzo/pipework)
 
 ## Requirements
 
-* [Vagrant 1.8+](http://www.vagrantup.com/downloads.html)
-* lxc >=1.0
+* [Vagrant 1.9+](http://www.vagrantup.com/downloads.html)
+* lxc >=2.1
 * `redir` (if you are planning to use port forwarding)
 * `brctl` (if you are planning to use private networks, on Ubuntu this means `apt-get install bridge-utils`)
 
@@ -51,8 +55,9 @@ _More information about skipping the `--provider` argument can be found at the
 
 ## Base boxes
 
-Base boxes can be found on [Atlas](https://atlas.hashicorp.com/boxes/search?provider=lxc)
-and some scripts to build your own are available at [fgrehm/vagrant-lxc-base-boxes](https://github.com/fgrehm/vagrant-lxc-base-boxes).
+Base boxes provided on Atlas haven't been refreshed for a good while and shouldn't be relied on.
+Your best best is to build your boxes yourself. Some scripts to build your own are available at
+[hsoft/vagrant-lxc-base-boxes](https://github.com/hsoft/vagrant-lxc-base-boxes).
 
 If you want to build your own boxes, please have a look at [`BOXES.md`](https://github.com/fgrehm/vagrant-lxc/tree/master/BOXES.md)
 for more information.
@@ -78,7 +83,7 @@ prior to starting it.
 
 For other configuration options, please check the [lxc.conf manpages](http://manpages.ubuntu.com/manpages/precise/man5/lxc.conf.5.html).
 
-### Private Networks [EXPERIMENTAL]
+### Private Networks
 
 Starting with vagrant-lxc 1.1.0, there is some rudimentary support for configuring
 [Private Networks](https://docs.vagrantup.com/v2/networking/private_network.html)
@@ -137,25 +142,29 @@ Vagrant.configure("2") do |config|
 end
 ```
 
-For old versions of lxc (like 0.7.5 shipped with Ubuntu 12.04 by default) that
-does not support `best` for the backingstore option, changing it to `none` is
-required and a default for all Vagrant environments can be set from your
-`~/.vagrant.d/Vagrantfile` using the same `provider` block:
+## Unprivileged containers support
+
+Since v1.4.0, `vagrant-lxc` gained support for unprivileged containers. For now, since it's a new
+feature, privileged containers are still the default, but you can have your `Vagrantfile` use
+unprivileged containers with the `privileged` flag (which defaults to `true`). Example:
 
 ```ruby
 Vagrant.configure("2") do |config|
   config.vm.provider :lxc do |lxc|
-    lxc.backingstore = 'none'
+    lxc.privileged = false
   end
 end
 ```
 
+For unprivileged containers to work with `vagrant-lxc`, you need a properly configured system. On
+some distros, it can be somewhat of a challenge. Your journey to configuring your system can start
+with [Stéphane Graber's blog post about it](https://stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/).
+
 ## Avoiding `sudo` passwords
 
-This plugin requires **a lot** of `sudo`ing since [unprivileged containers](https://github.com/fgrehm/vagrant-lxc/issues/312)
-are not supported yet. To work around that, you can use the `vagrant lxc sudoers`
-command which will create a file under `/etc/sudoers.d/vagrant-lxc` whitelisting
-all commands required by `vagrant-lxc` to run.
+If you're not using unprivileged containers, this plugin requires **a lot** of `sudo`ing To work
+around that, you can use the `vagrant lxc sudoers` command which will create a file under
+`/etc/sudoers.d/vagrant-lxc` whitelisting all commands required by `vagrant-lxc` to run.
 
 If you are interested on what will be generated by that command, please check
 [this code](lib/vagrant-lxc/command/sudoers.rb).

lib/vagrant-lxc/action.rb

@@ -12,7 +12,6 @@ require 'vagrant-lxc/action/handle_box_metadata'
 require 'vagrant-lxc/action/prepare_nfs_settings'
 require 'vagrant-lxc/action/prepare_nfs_valid_ids'
 require 'vagrant-lxc/action/private_networks'
-require 'vagrant-lxc/action/remove_temporary_files'
 require 'vagrant-lxc/action/setup_package_files'
 require 'vagrant-lxc/action/warn_networks'
 
@@ -125,7 +124,6 @@ module Vagrant
             end
 
             b2.use ClearForwardedPorts
-            b2.use RemoveTemporaryFiles
             b2.use GcPrivateNetworkBridges
             b2.use Builtin::Call, Builtin::GracefulHalt, :stopped, :running do |env2, b3|
               if !env2[:result]

lib/vagrant-lxc/action/boot.rb

@@ -8,11 +8,15 @@ module Vagrant
 
         def call(env)
           @env = env
-
+          driver = env[:machine].provider.driver
           config = env[:machine].provider_config
 
           utsname = env[:machine].config.vm.hostname || env[:machine].id
+          if driver.supports_new_config_format
+            config.customize 'uts.name', utsname
+          else
             config.customize 'utsname', utsname
+          end
 
           # Fix apparmor issues when starting Ubuntu 14.04 containers
           # See https://github.com/fgrehm/vagrant-lxc/issues/278 for more information
@@ -26,8 +30,13 @@ module Vagrant
             config.customize 'mount.entry', '/sys/fs/selinux sys/fs/selinux none bind,ro 0 0'
           end
 
+          if config.tmpfs_mount_size && !config.tmpfs_mount_size.empty?
+            # Make /tmp a tmpfs to prevent init scripts from nuking synced folders mounted in here
+            config.customize 'mount.entry', "tmpfs tmp tmpfs nodev,nosuid,size=#{config.tmpfs_mount_size} 0 0"
+          end
+
           env[:ui].info I18n.t("vagrant_lxc.messages.starting")
-          env[:machine].provider.driver.start(config.customizations)
+          driver.start(config.customizations)
 
           @app.call env
         end

lib/vagrant-lxc/action/create.rb

@@ -19,14 +19,26 @@ module Vagrant
               container_name = generate_container_name(env)
           end
 
+          backingstore = config.backingstore
+          if backingstore.nil?
+            backingstore = config.privileged ? "best" : "dir"
+          end
           driver = env[:machine].provider.driver
+          template_options = env[:lxc_template_opts]
+          if driver.supports_new_config_format
+            if env[:lxc_box_config]
+              driver.update_config_keys(env[:lxc_box_config])
+            end
+          else
+            template_options['--oldconfig'] = ''
+          end
           driver.create(
             container_name,
-            config.backingstore,
+            backingstore,
             config.backingstore_options,
             env[:lxc_template_src],
             env[:lxc_template_config],
-            env[:lxc_template_opts]
+            template_options
           )
           driver.update_config_keys
 

lib/vagrant-lxc/action/fetch_ip_with_lxc_info.rb

@@ -21,6 +21,7 @@ module Vagrant
           fetch_ip_tries = config.fetch_ip_tries
           driver = env[:machine].provider.driver
           ip = ''
+          return config.ssh_ip_addr if not config.ssh_ip_addr.nil?
           retryable(:on => LXC::Errors::ExecuteError, :tries => fetch_ip_tries, :sleep => 3) do
             unless ip = get_container_ip_from_ip_addr(driver)
               # retry

lib/vagrant-lxc/action/forward_ports.rb

@@ -1,3 +1,5 @@
+require 'open3'
+
 module Vagrant
   module LXC
     module Action
@@ -78,8 +80,12 @@ module Vagrant
         end
 
         def redirect_port(host_ip, host_port, guest_ip, guest_port)
+          if redir_version >= 3
+            params = %W( -n #{host_ip}:#{host_port} #{guest_ip}:#{guest_port} )
+          else
             params = %W( --lport=#{host_port} --caddr=#{guest_ip} --cport=#{guest_port} )
             params.unshift "--laddr=#{host_ip}" if host_ip
+          end
           params << '--syslog' if ENV['REDIR_LOG']
           if host_port < 1024
             redir_cmd = "sudo redir #{params.join(' ')} 2>/dev/null"
@@ -99,6 +105,13 @@ module Vagrant
           end
         end
 
+        def redir_version
+          stdout, stderr, _ = Open3.capture3 "redir --version"
+          # For some weird reason redir printed version information in STDERR prior to 3.2
+          version = stdout.empty? ? stderr : stdout
+          version.split('.')[0].to_i
+        end
+
         def redir_installed?
           system "which redir > /dev/null"
         end

lib/vagrant-lxc/action/handle_box_metadata.rb

@@ -33,8 +33,10 @@ module Vagrant
           end
 
           if template_config_file.exist?
+            @env[:lxc_box_config] = template_config_file.to_s
             @env[:lxc_template_opts].merge!('--config' => template_config_file.to_s)
           elsif old_template_config_file.exist?
+            @env[:lxc_box_config] = old_template_config_file.to_s
             @env[:lxc_template_config] = old_template_config_file.to_s
           end
 

lib/vagrant-lxc/action/remove_temporary_files.rb

@@ -1,23 +0,0 @@
-module Vagrant
-  module LXC
-    module Action
-      class RemoveTemporaryFiles
-        def initialize(app, env)
-          @app    = app
-          @logger = Log4r::Logger.new("vagrant::lxc::action::remove_tmp_files")
-        end
-
-        def call(env)
-          @logger.debug 'Removing temporary files'
-          driver = env[:machine].provider.driver
-          # To prevent host-side data loss, it's important that all mounts under /tmp are unmounted
-          # before we proceed with the `rm -rf` operation. See #68 and #360.
-          driver.attach("findmnt -R /tmp -o TARGET --list --noheadings | xargs -L 1 --no-run-if-empty umount")
-          driver.attach("rm -rf /tmp/*")
-
-          @app.call env
-        end
-      end
-    end
-  end
-end

lib/vagrant-lxc/config.rb

@@ -18,14 +18,29 @@ module Vagrant
       # machine name, set this to :machine
       attr_accessor :container_name
 
+      # Size (as a string like '400M') of the tmpfs to mount at /tmp on boot.
+      # Set to false or nil to disable the tmpfs mount altogether. Defaults to '2G'.
+      attr_accessor :tmpfs_mount_size
+
       attr_accessor :fetch_ip_tries
 
+      attr_accessor :ssh_ip_addr
+
+      # Whether the container needs to be privileged. Defaults to true (unprivileged containers
+      # is a very new feature in vagrant-lxc). If false, will try creating an unprivileged
+      # container. If it can't, will revert to the old "sudo wrapper" method to create a privileged
+      # container.
+      attr_accessor :privileged
+
       def initialize
         @customizations = []
         @backingstore = UNSET_VALUE
         @backingstore_options = []
         @container_name = UNSET_VALUE
+        @tmpfs_mount_size = UNSET_VALUE
         @fetch_ip_tries = UNSET_VALUE
+        @ssh_ip_addr = UNSET_VALUE
+        @privileged = UNSET_VALUE
       end
 
       # Customize the container by calling `lxc-start` with the given
@@ -50,9 +65,12 @@ module Vagrant
 
       def finalize!
         @container_name = nil if @container_name == UNSET_VALUE
-        @backingstore = "best" if @backingstore == UNSET_VALUE
+        @backingstore = nil if @backingstore == UNSET_VALUE
         @existing_container_name = nil if @existing_container_name == UNSET_VALUE
+        @tmpfs_mount_size = '2G' if @tmpfs_mount_size == UNSET_VALUE
         @fetch_ip_tries = 10 if @fetch_ip_tries == UNSET_VALUE
+        @ssh_ip_addr = nil if @ssh_ip_addr == UNSET_VALUE
+        @privileged = true if @privileged == UNSET_VALUE
       end
     end
   end

lib/vagrant-lxc/driver.rb

@@ -20,9 +20,9 @@ module Vagrant
       attr_reader :container_name,
                   :customizations
 
-      def initialize(container_name, sudo_wrapper = nil, cli = nil)
+      def initialize(container_name, sudo_wrapper = nil, cli = nil, privileged: true)
         @container_name = container_name
-        @sudo_wrapper   = sudo_wrapper || SudoWrapper.new()
+        @sudo_wrapper   = sudo_wrapper || SudoWrapper.new(privileged: privileged)
         @cli            = cli || CLI.new(@sudo_wrapper, container_name)
         @logger         = Log4r::Logger.new("vagrant::provider::lxc::driver")
         @customizations = []
@@ -50,20 +50,20 @@ module Vagrant
       end 
 
       def rootfs_path
-        config_entry = config_string.match(/^lxc\.rootfs\s+=\s+(.+)$/)[1]
-        case config_entry
-        when /^overlayfs:/
+        pathtype, path = config_string.match(/^lxc\.rootfs(?:\.path)?\s+=\s+(.+:)?(.+)$/)[1..2]
+        case pathtype
+        when 'overlayfs:'
           # Split on colon (:), ignoring any colon escaped by an escape character ( \ )
           # Pays attention to when the escape character is itself escaped.
-          fs_type, master_path, overlay_path = config_entry.split(/(?<!\\)(?:\\\\)*:/)
+          _, overlay_path = config_entry.split(/(?<!\\)(?:\\\\)*:/)
           if overlay_path
             Pathname.new(overlay_path)
           else
             # Malformed: fall back to prior behaviour
-            Pathname.new(config_entry)
+            Pathname.new(path)
           end
         else
-          Pathname.new(config_entry)
+          Pathname.new(path)
         end
       end
 
@@ -83,6 +83,7 @@ module Vagrant
         @cli.name = @container_name = name
 
         @logger.debug "Creating container..."
+
         @cli.create template_path, backingstore, backingstore_options, config_file, template_options
       end
 
@@ -121,10 +122,6 @@ module Vagrant
         @cli.destroy
       end
 
-      def supports_attach?
-        @cli.supports_attach?
-      end
-
       def attach(*command)
         @cli.attach(*command)
       end
@@ -214,6 +211,10 @@ module Vagrant
         @version ||= @cli.version
       end
 
+      def supports_new_config_format
+        Gem::Version.new(version) >= Gem::Version.new('2.1.0')
+      end
+
       # TODO: This needs to be reviewed and specs needs to be written
       def compress_rootfs
         # TODO: Pass in tmpdir so we can clean up from outside
@@ -244,8 +245,9 @@ module Vagrant
         write_config(contents)
       end
 
-      def update_config_keys
-        @cli.update_config(config_path)
+      def update_config_keys(path = nil)
+        path = path || config_path
+        @cli.update_config(path)
       rescue Errors::ExecuteError
         # not on LXC 2.1+. Doesn't matter, ignore.
       end
@@ -266,12 +268,21 @@ module Vagrant
       end
 
       def write_config(contents)
+        confpath = base_path.join('config').to_s
+        begin
+          File.open(confpath, File::RDWR) do |file|
+            file.write contents
+          end
+        rescue
+          # We don't have permissions to write in the conf file. That's probably because it's a
+          # privileged container. Work around that through sudo_wrapper.
           Tempfile.new('lxc-config').tap do |file|
             file.chmod 0644
             file.write contents
             file.close
-          @sudo_wrapper.run 'cp', '-f', file.path, config_path
-          @sudo_wrapper.run 'chown', 'root:root', config_path
+            @sudo_wrapper.run 'cp', '-f', file.path, confpath
+            @sudo_wrapper.run 'chown', 'root:root', confpath
+          end
         end
       end
     end

lib/vagrant-lxc/driver/cli.rb

@@ -59,7 +59,7 @@ module Vagrant
             config_opts = ['-f', config_file]
           end
 
-          extra = template_opts.to_a.flatten
+          extra = template_opts.to_a.flatten.reject { |elem| elem.empty? }
           extra.unshift '--' unless extra.empty?
 
           run :create,
@@ -89,7 +89,6 @@ module Vagrant
         # Man Page:
         # 2      The specified container exists but was not running.
         def stop
-          attach '/sbin/halt' if supports_attach?
           begin
             run :stop, '--name', @name
           rescue LXC::Errors::ExecuteError => e
@@ -142,19 +141,6 @@ module Vagrant
           end
         end
 
-        def supports_attach?
-          unless defined?(@supports_attach)
-            begin
-              @supports_attach = true
-              run(:attach, '--name', @name, '--', '/bin/true')
-            rescue LXC::Errors::ExecuteError
-              @supports_attach = false
-            end
-          end
-
-          return @supports_attach
-        end
-
         private
 
         def run(command, *args)

lib/vagrant-lxc/plugin.rb

@@ -10,7 +10,7 @@ module Vagrant
       EOF
 
       provider(:lxc, parallel: true, priority: 7) do
-        require File.expand_path("../provider", __FILE__)
+        require_relative 'provider'
         init!
         Provider
       end
@@ -22,13 +22,13 @@ module Vagrant
       end
 
       config(:lxc, :provider) do
-        require File.expand_path("../config", __FILE__)
+        require_relative 'config'
         init!
         Config
       end
 
       synced_folder(:lxc) do
-        require File.expand_path("../synced_folder", __FILE__)
+        require_relative 'synced_folder'
         SyncedFolder
       end
 

lib/vagrant-lxc/provider.rb

@@ -2,7 +2,6 @@ require "log4r"
 
 require "vagrant-lxc/action"
 require "vagrant-lxc/driver"
-require "vagrant-lxc/sudo_wrapper"
 
 module Vagrant
   module LXC
@@ -27,7 +26,7 @@ module Vagrant
 
       def ensure_lxc_installed!
         begin
-          SudoWrapper.new().run("which", "lxc-create")
+          SudoWrapper.new(privileged: @machine.provider_config.privileged).run("which", "lxc-create")
         rescue Vagrant::LXC::Errors::ExecuteError
           raise Errors::LxcNotInstalled
         end
@@ -40,7 +39,7 @@ module Vagrant
 
         begin
           @logger.debug("Instantiating the container for: #{id.inspect}")
-          @driver = Driver.new(id)
+          @driver = Driver.new(id, privileged: @machine.provider_config.privileged)
           @driver.validate!
         rescue Driver::ContainerNotFound
           # The container doesn't exist, so we probably have a stale

lib/vagrant-lxc/sudo_wrapper.rb

@@ -10,8 +10,9 @@ module Vagrant
         "/usr/local/bin/vagrant-lxc-wrapper"
       end
 
-      def initialize()
+      def initialize(privileged: true)
         @wrapper_path = Pathname.new(SudoWrapper.dest_path).exist? && SudoWrapper.dest_path || nil
+        @privileged   = privileged
         @logger       = Log4r::Logger.new("vagrant::lxc::sudo_wrapper")
       end
 
@@ -27,12 +28,16 @@ module Vagrant
         File.umask(old_mask & 022)  # allow all `r` and `x` bits
 
         begin
+          if @privileged
             if @wrapper_path && !options[:no_wrapper]
               command.unshift @wrapper_path
               execute *(['sudo'] + command)
             else
               execute *(['sudo', '/usr/bin/env'] + command)
             end
+          else
+            execute *(['/usr/bin/env'] + command)
+          end
         ensure
           File.umask(old_mask)
         end

lib/vagrant-lxc/version.rb

@@ -1,5 +1,5 @@
 module Vagrant
   module LXC
-    VERSION = "1.3.0"
+    VERSION = "1.4.2"
   end
 end

scripts/lxc-template

@@ -33,8 +33,10 @@ LXC_PATH=
 LXC_ROOTFS=
 LXC_TARBALL=
 LXC_CONFIG=
+LXC_USE_OLDCONFIG=
 LXC_STRIP_COMPONENTS=2
 
+
 usage() {
     cat <<EOF
 vagrant-lxc default template
@@ -44,6 +46,7 @@ Required arguments:
 
 Optional arguments:
 [ --config ]: Configuration file to be used when building the container
+[ --oldconfig ]: Use pre LXC 2.1 config format
 [ -h | --help ]: This help message
 
 LXC internal arguments (do not pass manually!):
@@ -57,7 +60,7 @@ EOF
     return 0
 }
 
-options=$(getopt -o h -l tarball:,config:,help:,name:,path:,rootfs:,mapped-uid:,mapped-gid:,strip-components: -- "$@")SS
+options=$(getopt -o h -l tarball:,config:,oldconfig,help:,name:,path:,rootfs:,mapped-uid:,mapped-gid:,strip-components: -- "$@")SS
 
 if [ $? -ne 0 ]; then
     usage $(basename $0)
@@ -70,6 +73,7 @@ do
     case "$1" in
         -h|--help)          usage $0 && exit 0;;
         --config)           LXC_CONFIG=$2; shift 2;;
+        --oldconfig)        LXC_USE_OLDCONFIG=1; shift 1;;
         --tarball)          LXC_TARBALL=$2; shift 2;;
         --name)             LXC_NAME=$2; shift 2;;
         --path)             LXC_PATH=$2; shift 2;;
@@ -144,7 +148,12 @@ if [ -e "${LXC_PATH}/config-auto" ]; then
     cat ${LXC_PATH}/config-auto >> ${LXC_PATH}/config
     rm ${LXC_PATH}/config-auto
 fi
-echo "lxc.utsname = ${LXC_NAME}" >> ${LXC_PATH}/config
+
+if [ $LXC_USE_OLDCONFIG ]; then
+    echo "lxc.utsname = ${LXC_NAME}" >> ${LXC_PATH}/config
+else
+    echo "lxc.uts.name = ${LXC_NAME}" >> ${LXC_PATH}/config
+fi
 
 ## Re-add the previously removed network config
 if [ -e "${LXC_PATH}/config-network" ]; then

scripts/pipework

@@ -390,7 +390,7 @@ else
       ;;
     "")
       if installed ipcalc; then
-        eval $(ipcalc -b $IPADDR)
+        eval "$(ipcalc -b $IPADDR)"
         ip netns exec "$NSPID" ip addr add "$IPADDR" brd "$BROADCAST" dev "$CONTAINER_IFNAME"
       else
         ip netns exec "$NSPID" ip addr add "$IPADDR" dev "$CONTAINER_IFNAME"

spec/unit/action/forward_ports_spec.rb

@@ -24,6 +24,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
     machine.stub_chain(:config, :vm, :networks).and_return(networks)
     machine.stub(provider: provider, data_dir: data_dir)
 
+    subject.stub(redir_version: 3)
     subject.stub(exec: true)
     subject.stub(spawn: pid)
   end
@@ -34,7 +35,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
     subject.stub(system: true)
     subject.call(env)
     expect(subject).to have_received(:spawn).with(
-      "redir --laddr=#{host_ip} --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+      "redir -n #{host_ip}:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
     )
   end
 
@@ -43,7 +44,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
     subject.stub(system: true)
     subject.call(env)
     expect(subject).to have_received(:spawn).with(
-      "redir --laddr=127.0.0.1 --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+      "redir -n 127.0.0.1:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
     )
   end
 
@@ -52,7 +53,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
     subject.stub(system: true)
     subject.call(env)
     expect(subject).to have_received(:spawn).with(
-      "redir --laddr=127.0.0.1 --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+      "redir -n 127.0.0.1:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
     )
   end
 
@@ -70,6 +71,15 @@ describe Vagrant::LXC::Action::ForwardPorts do
     expect(subject).not_to have_received(:spawn)
   end
 
+  it 'uses redir 2.x command line interface' do
+    subject.stub(system: true)
+    subject.stub(redir_version: 2)
+    subject.call(env)
+    expect(subject).to have_received(:spawn).with(
+      "redir --laddr=#{host_ip} --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+    )
+  end
+
   it 'raises RedirNotInstalled error if `redir` is not installed' do
     subject.stub(system: false)
     expect { subject.call(env) }.to raise_error(Vagrant::LXC::Errors::RedirNotInstalled)
@@ -82,7 +92,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
       subject.stub(system: true)
       subject.call(env)
       expect(subject).to have_received(:spawn).with(
-        "sudo redir --laddr=#{host_ip} --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+        "sudo redir -n #{host_ip}:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
       )
     end
 
@@ -91,7 +101,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
       subject.stub(system: true)
       subject.call(env)
       expect(subject).to have_received(:spawn).with(
-        "sudo redir --laddr=127.0.0.1 --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+        "sudo redir -n 127.0.0.1:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
       )
     end
 
@@ -100,7 +110,7 @@ describe Vagrant::LXC::Action::ForwardPorts do
       subject.stub(system: true)
       subject.call(env)
       expect(subject).to have_received(:spawn).with(
-        "sudo redir --laddr=127.0.0.1 --lport=#{host_port} --caddr=#{container_ip} --cport=#{guest_port} 2>/dev/null"
+        "sudo redir -n 127.0.0.1:#{host_port} #{container_ip}:#{guest_port} 2>/dev/null"
       )
     end
   end

spec/unit/driver/cli_spec.rb

@@ -134,39 +134,14 @@ describe Vagrant::LXC::Driver::CLI do
 
     before do
       allow(subject).to receive(:run)
-    end
-
-    context 'lxc-attach is supported' do
-      before do
-        subject.stub(attach: true, supports_attach?: true)
       subject.stop
     end
 
-      it 'runs a /sbin/halt within the container' do
-        expect(subject).to have_received(:attach).with('/sbin/halt')
-      end
-
     it 'issues a lxc-stop with provided container name' do
       expect(subject).to have_received(:run).with(:stop, '--name', name)
     end
   end
 
-    context 'lxc-attach is not supported' do
-      before do
-        subject.stub(attach: false, supports_attach?: false)
-        subject.stop
-      end
-
-      it 'runs a /sbin/halt within the container' do
-        expect(subject).to_not have_received(:attach)
-      end
-
-      it 'issues a lxc-stop with provided container name' do
-        expect(subject).to have_received(:run).with(:stop, '--name', name)
-      end
-    end
-  end
-
   describe 'state' do
     let(:name) { 'a-container' }
     subject    { described_class.new(sudo_wrapper, name) }
@@ -231,33 +206,4 @@ describe Vagrant::LXC::Driver::CLI do
 
     skip 'waits for the expected container state'
   end
-
-  describe 'check for whether lxc-attach is supported' do
-    let(:name) { 'a-running-container' }
-    subject    { described_class.new(sudo_wrapper, name) }
-
-    context 'lxc-attach is present on system' do
-      before { subject.stub(run: true) }
-
-      it 'returns true if `lxc-attach --name CNAME -- /bin/true` works' do
-        expect(subject.supports_attach?).to be_truthy
-        expect(subject).to have_received(:run).with(
-          :attach, '--name', name, '--', '/bin/true'
-        )
-      end
-    end
-
-    context 'lxc-attach is not present on system' do
-      before do
-        allow(subject).to receive(:run).and_raise(Vagrant::LXC::Errors::ExecuteError.new('msg'))
-      end
-
-      it 'returns true if `lxc-attach --name CNAME -- /bin/true` works' do
-        expect(subject.supports_attach?).to be_falsy
-        expect(subject).to have_received(:run).with(
-          :attach, '--name', name, '--', '/bin/true'
-        )
-      end
-    end
-  end
 end

spec/unit/driver_spec.rb

@@ -75,17 +75,6 @@ describe Vagrant::LXC::Driver do
     end
   end
 
-  describe 'supports_attach?' do
-    let(:cli) { double(Vagrant::LXC::Driver::CLI, supports_attach?: true) }
-
-    subject { described_class.new('name', nil, cli) }
-
-    it 'delegates to cli object' do
-      expect(subject.supports_attach?).to be_truthy
-      expect(cli).to have_received(:supports_attach?)
-    end
-  end
-
   describe 'start' do
     let(:customizations)         { [['a', '1'], ['b', '2']] }
     let(:internal_customization) { ['internal', 'customization'] }
@@ -211,9 +200,9 @@ describe Vagrant::LXC::Driver do
           # Blah blah comment
           lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
           lxc.mount.entry = sysfs sys sysfs defaults  0 0
-          lxc.tty = 4
-          lxc.pts = 1024
-          lxc.rootfs = #{rootfs_path}
+          lxc.tty.max = 4
+          lxc.pty.max = 1024
+          lxc.rootfs.path = #{rootfs_path}
           # VAGRANT-BEGIN
           lxc.network.type=veth
           lxc.network.name=eth1
@@ -241,9 +230,9 @@ describe Vagrant::LXC::Driver do
           # Blah blah comment
           lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
           lxc.mount.entry = sysfs sys sysfs defaults  0 0
-          lxc.tty = 4
-          lxc.pts = 1024
-          lxc.rootfs = overlayfs:/path/to/master/directory:#{rootfs_path}
+          lxc.tty.max = 4
+          lxc.pty.max = 1024
+          lxc.rootfs.path = overlayfs:/path/to/master/directory:#{rootfs_path}
           # VAGRANT-BEGIN
           lxc.network.type=veth
           lxc.network.name=eth1