Skip to content

Release history

LXC releases

LXC - Linux Containers

Back to tool Latest release

All releases

2 shown

v7.0.0 Breaking risk
Breaking changes
  • Cgroup1 support removed
  • Bionic/android support removed
  • Assumes kernel support for CLONE_PIDFD, clone3, and new mount API
Security fixes
  • Out-of-bounds read in lxc-user-nic (name_is_in_groupnames)
  • Security issue with lxc-user-nic and OpenVswitch networks
Notable features
  • Landlock protection for LXC monitor
  • Support for OpenRC init system
  • lxc.environment split into runtime and hooks
Full changelog

Announcement

https://discuss.linuxcontainers.org/t/lxc-7-0-lts-has-been-released/26612

What's Changed

  • meson: fix build on NixOS by @mihalicyn in https://github.com/lxc/lxc/pull/4428
  • Don't fail veth creation if ipv6 is disabled by @mihalicyn in https://github.com/lxc/lxc/pull/4432
  • Update lxc-attach.sgml.in by @MMFuba in https://github.com/lxc/lxc/pull/4442
  • Update lxc-execute.sgml.in by @MMFuba in https://github.com/lxc/lxc/pull/4441
  • Update lxc-{attach,execute}.sgml.in by @tenforward in https://github.com/lxc/lxc/pull/4446
  • lxc-local: fix broken templates processing by @jacobmcnamee in https://github.com/lxc/lxc/pull/4450
  • Apparmor profiles syntax fixes by @mihalicyn in https://github.com/lxc/lxc/pull/4452
  • AppArmor fixup by @mihalicyn in https://github.com/lxc/lxc/pull/4456
  • Update GitHub Actions to use Ubuntu 24.04 by @mihalicyn in https://github.com/lxc/lxc/pull/4453
  • meson: fix build with -Dtools-multicall=true on NixOS by @mihalicyn in https://github.com/lxc/lxc/pull/4459
  • Reduce logging for newuidmap/newgidmap by @stgraber in https://github.com/lxc/lxc/pull/4463
  • Exit 0 when there's no error by @Jip-Hop in https://github.com/lxc/lxc/pull/4462
  • doc: Fix definitions of get_config_path and set_config_path by @stgraber in https://github.com/lxc/lxc/pull/4472
  • README: Update security contact by @stgraber in https://github.com/lxc/lxc/pull/4475
  • fix possible clang compile error on AARCH by @yuncang123 in https://github.com/lxc/lxc/pull/4481
  • Add suppport for PuzzleFS images in the oci template by @ariel-miculas in https://github.com/lxc/lxc/pull/4483
  • meson.build: add -ffat-lto-objects by @hallyn in https://github.com/lxc/lxc/pull/4482
  • create_run_template: don't use txtuid and txtguid out of scope by @hallyn in https://github.com/lxc/lxc/pull/4487
  • Avoid null pointer dereference when using shared rootfs by @sgalgano in https://github.com/lxc/lxc/pull/4488
  • meson: fix minor typo by @tttuuu888 in https://github.com/lxc/lxc/pull/4493
  • lxc-net: Replace random IPv6 subnet by @stgraber in https://github.com/lxc/lxc/pull/4495
  • network config of unprivileged containers is not shown by @ElJeffe in https://github.com/lxc/lxc/pull/4497
  • init.lxc: Tweak signal handling by @stgraber in https://github.com/lxc/lxc/pull/4503
  • fix return code of recursive all of cgroup_tree_prune by @gjaekel in https://github.com/lxc/lxc/pull/4491
  • Github Actions improvements by @stgraber in https://github.com/lxc/lxc/pull/4506
    • LXC attach should exit on SIGCHLD by @asainkujovic in https://github.com/lxc/lxc/pull/4509
  • confile-vlanid: undefined is not a zero value by @asainkujovic in https://github.com/lxc/lxc/pull/4510
  • dbus: replace hardcoded dbus address with environment variable by @sdanailo-42 in https://github.com/lxc/lxc/pull/4511
  • conf: useful logging for capabilities by @sdanailo-42 in https://github.com/lxc/lxc/pull/4512
  • lxc/attach: Revert "- LXC attach should exit on SIGCHLD" by @mihalicyn in https://github.com/lxc/lxc/pull/4517
  • config-bcast: fix incorrect broadcast address calculation by @irnes in https://github.com/lxc/lxc/pull/4523
  • github: Switch to native arm64 runners by @stgraber in https://github.com/lxc/lxc/pull/4524
  • Added LXC_IPV6_ENABLE option for lxc-net to enable or disable IPv6 by @mathiasaerts in https://github.com/lxc/lxc/pull/4521
  • sysconfig/lxc: remove false comment by @Managor in https://github.com/lxc/lxc/pull/4527
  • Switch to new MAC address prefix by @stgraber in https://github.com/lxc/lxc/pull/4530
  • github: Add packaging workflow by @stgraber in https://github.com/lxc/lxc/pull/4532
  • A bunch of small fixes by @mihalicyn in https://github.com/lxc/lxc/pull/4533
  • lxc/start: do prctl(PR_SET_DUMPABLE) after last uid/gid switch by @mihalicyn in https://github.com/lxc/lxc/pull/4535
  • start: Re-introduce first SET_DUMPABLE call by @stgraber in https://github.com/lxc/lxc/pull/4536
  • Remove bionic/android support by @stgraber in https://github.com/lxc/lxc/pull/4537
  • meson_options.txt: don't use str when defining bool default values by @simondeziel in https://github.com/lxc/lxc/pull/4540
  • selinux: fix typo (AppArmor) by @hallyn in https://github.com/lxc/lxc/pull/4543
  • lxc/conf,start: fix setting container_ttys environment variable by @RomanGenexis in https://github.com/lxc/lxc/pull/4544
  • delay assumption of apparmor labels by @ianmerin in https://github.com/lxc/lxc/pull/4539
  • meson.build: remove quirk for Ubuntu 14.04 libcap-dev by @simondeziel in https://github.com/lxc/lxc/pull/4548
  • re-enable some tests by @mihalicyn in https://github.com/lxc/lxc/pull/4549
  • conf: Add support for "move" mount flag by @stgraber in https://github.com/lxc/lxc/pull/4550
  • Mount options (lxc.mount.entry) handling improvements by @mihalicyn in https://github.com/lxc/lxc/pull/4547
  • src/tests/oss-fuzz: pin meson to 1.7.2 to workaround build failures by @mihalicyn in https://github.com/lxc/lxc/pull/4552
  • Revert (delay assumption of apparmor labels) to fix a regression by @mihalicyn in https://github.com/lxc/lxc/pull/4554
  • Add loong64 to list of recognized architectures by @gibmat in https://github.com/lxc/lxc/pull/4555
  • meson.build: set LXC_DISTRO_SYSCONF when -Dspecfile=true by @RomanGenexis in https://github.com/lxc/lxc/pull/4557
  • meson.build: fix checks for fsconfig and calls by @DreamConnected in https://github.com/lxc/lxc/pull/4564
  • lxc/lxccontainer: stop printing misleading errors in enter_net_ns() by @mihalicyn in https://github.com/lxc/lxc/pull/4566
  • lxc/process_utils.h: use strsignal() or sys_siglist[] for Non-GNU dis… by @DreamConnected in https://github.com/lxc/lxc/pull/4565
  • A bunch of fixes (Jul 2025) by @mihalicyn in https://github.com/lxc/lxc/pull/4567
  • build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in https://github.com/lxc/lxc/pull/4571
  • README: update links by @kadinsayani in https://github.com/lxc/lxc/pull/4578
  • Implement initial protection of LXC monitor using Landlock by @stgraber in https://github.com/lxc/lxc/pull/4579
  • conf: split lxc.environment into runtime and hooks by @Filiprogrammer in https://github.com/lxc/lxc/pull/4582
  • Enable systemd to create /var/lib/lxc at runtime with StateDirectory by @vishwasudupa in https://github.com/lxc/lxc/pull/4583
  • doc: add lxc.environment.{runtime,hooks} in Japanese man page by @tenforward in https://github.com/lxc/lxc/pull/4584
  • Standardize log file create mode to 0640 by @rsyring in https://github.com/lxc/lxc/pull/4589
  • lxccontainer: check if target exists before remove in create_mount_target() by @kadinsayani in https://github.com/lxc/lxc/pull/4581
  • Automatically detect compression format in the lxc-local template by @stribika in https://github.com/lxc/lxc/pull/4590
  • start: Only include linux/landlock.h when landlock is enabled by @stgraber in https://github.com/lxc/lxc/pull/4592
  • github: Drop focal source packages by @stgraber in https://github.com/lxc/lxc/pull/4595
  • add MFD_NOEXEC_SEAL or MFD_EXEC by default if it‘s available by @DreamConnected in https://github.com/lxc/lxc/pull/4569
  • builds workflow: make .orig.tar.gz unique per build by @hallyn in https://github.com/lxc/lxc/pull/4596
  • build(deps): bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in https://github.com/lxc/lxc/pull/4599
  • Fix meson build generation of apparmor container-base by @gibmat in https://github.com/lxc/lxc/pull/4598
  • Update lxc.spec.in to use meson by @arrowd in https://github.com/lxc/lxc/pull/4602
  • apparmor: skip /proc and /sys restrictions if nesting is enabled by @ThomasLamprecht in https://github.com/lxc/lxc/pull/4609
  • build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in https://github.com/lxc/lxc/pull/4610
  • build: Check if P_PIDFD is defined by @jaeyoonjung in https://github.com/lxc/lxc/pull/4614
  • Ensure do_lxcapi_unfreeze returns false when getstate errors by @FernandoPicazo in https://github.com/lxc/lxc/pull/4601
  • Fix "initializer-string for character array is too long, array size is 16 but initializer has size 17" compile error with clang 21 by @James-Featherston in https://github.com/lxc/lxc/pull/4617
  • checkonfig: Fixed compatible with toybox/gunzip by @yangh in https://github.com/lxc/lxc/pull/4618
  • Fallback to XDG_RUNTIME_DIR when /run not found by @yangh in https://github.com/lxc/lxc/pull/4620
  • Add checks for "lxc-net fails when kernel has no IPv6" by @James-Featherston in https://github.com/lxc/lxc/pull/4621
  • added "--rbduser" option in "lxc-create -B rbd" by @Rahik-Sikder in https://github.com/lxc/lxc/pull/4622
  • build(deps): bump actions/upload-artifact from 5 to 6 by @dependabot[bot] in https://github.com/lxc/lxc/pull/4625
  • Add Meson option for enabling API documentation generation with Doxygen by @chackoj-1204 in https://github.com/lxc/lxc/pull/4615
  • Fix "lxc-copy with overlayfs throws an error" by @James-Featherston in https://github.com/lxc/lxc/pull/4624
  • Do not ignore lxc.init.groups when using userns by @Filiprogrammer in https://github.com/lxc/lxc/pull/4626
  • Added documentation on unprivileged LXC containers by @chackoj-1204 in https://github.com/lxc/lxc/pull/4616
  • cgfsng: fix reboots when using dbus by @hallyn in https://github.com/lxc/lxc/pull/4628
  • Improve the dbus scope creation error handling by @hallyn in https://github.com/lxc/lxc/pull/4629
  • Improve build flow in https://github.com/lxc/lxc/pull/4574
  • github: test io_uring-based event loop by @mihalicyn in https://github.com/lxc/lxc/pull/4631
  • lxc-attach: fix data corruption during heavy IO on PTS by @mihalicyn in https://github.com/lxc/lxc/pull/4633
  • src/confile: fix values of lxc.cap.keep and lxc.cap.drop by @DreamConnected in https://github.com/lxc/lxc/pull/4634
  • lxc: added support OpenRC init system by @GermanAizek in https://github.com/lxc/lxc/pull/4636
  • meson.build: fix openat2 include typo, fix with glibc-2.43 +FORTIFY by @juippis in https://github.com/lxc/lxc/pull/4642
  • meson.build: fix open_how include with glibc-2.43+ by @DreamConnected in https://github.com/lxc/lxc/pull/4645
  • lxc/network: save/restore physical network interfaces altnames by @mihalicyn in https://github.com/lxc/lxc/pull/4649
  • lxc/network: define netlink uAPI constants for link properties by @mihalicyn in https://github.com/lxc/lxc/pull/4650
  • cmd/lxc-user-nic: prevent OOB read in name_is_in_groupnames by @mihalicyn in https://github.com/lxc/lxc/pull/4651
  • Update Japanese man pages by @tenforward in https://github.com/lxc/lxc/pull/4653
  • build(deps): bump actions/upload-artifact from 6 to 7 by @dependabot[bot] in https://github.com/lxc/lxc/pull/4654
  • utils: Add quotes around exec arguments by @stgraber in https://github.com/lxc/lxc/pull/4659
  • utils: Update buffer size to account for quotes by @stgraber in https://github.com/lxc/lxc/pull/4660
  • Fix issue where pidfd_ functions were not being detected during meson… by @alex14641 in https://github.com/lxc/lxc/pull/4658
  • Fix issue where memfd functions were not being detected during meson setup. by @alex14641 in https://github.com/lxc/lxc/pull/4665
  • tests: mount_injection: ensure cleanup on test failure by @akash-hadke in https://github.com/lxc/lxc/pull/4639
  • Fix issue where lxc-start takes a long time to start up on a cgroup v2 system without systemd. by @alex14641 in https://github.com/lxc/lxc/pull/4666
  • [nesting] Extend mount permissions in apparmor to allow systemd servi… by @P-EB in https://github.com/lxc/lxc/pull/4668
  • remove cgroup1 support by @mihalicyn in https://github.com/lxc/lxc/pull/4671
  • assume CLONE_PIDFD, clone3, new mount api are supported by @mihalicyn in https://github.com/lxc/lxc/pull/4672
  • apparmor: allow nosymfollow remounts by @mihalicyn in https://github.com/lxc/lxc/pull/4466
  • lsm/apparmor: allow binfmt_misc RW mounts by @mihalicyn in https://github.com/lxc/lxc/pull/4673
  • tests/lxc-test-lxc-attach: Increase sleep time by @gibmat in https://github.com/lxc/lxc/pull/4674
  • Don't leak an open fd by @hallyn in https://github.com/lxc/lxc/pull/4677
  • lvm.c: make sure tp gets freed by @hallyn in https://github.com/lxc/lxc/pull/4676
  • Fix security issue with lxc-user-nic and OpenVswitch networks by @stgraber in https://github.com/lxc/lxc/pull/4678

New Contributors

  • @MMFuba made their first contribution in https://github.com/lxc/lxc/pull/4442
  • @Jip-Hop made their first contribution in https://github.com/lxc/lxc/pull/4462
  • @yuncang123 made their first contribution in https://github.com/lxc/lxc/pull/4481
  • @sgalgano made their first contribution in https://github.com/lxc/lxc/pull/4488
  • @tttuuu888 made their first contribution in https://github.com/lxc/lxc/pull/4493
  • @asainkujovic made their first contribution in https://github.com/lxc/lxc/pull/4509
  • @sdanailo-42 made their first contribution in https://github.com/lxc/lxc/pull/4511
  • @irnes made their first contribution in https://github.com/lxc/lxc/pull/4523
  • @mathiasaerts made their first contribution in https://github.com/lxc/lxc/pull/4521
  • @Managor made their first contribution in https://github.com/lxc/lxc/pull/4527
  • @RomanGenexis made their first contribution in https://github.com/lxc/lxc/pull/4544
  • @ianmerin made their first contribution in https://github.com/lxc/lxc/pull/4539
  • @DreamConnected made their first contribution in https://github.com/lxc/lxc/pull/4564
  • @kadinsayani made their first contribution in https://github.com/lxc/lxc/pull/4578
  • @Filiprogrammer made their first contribution in https://github.com/lxc/lxc/pull/4582
  • @vishwasudupa made their first contribution in https://github.com/lxc/lxc/pull/4583
  • @rsyring made their first contribution in https://github.com/lxc/lxc/pull/4589
  • @stribika made their first contribution in https://github.com/lxc/lxc/pull/4590
  • @arrowd made their first contribution in https://github.com/lxc/lxc/pull/4602
  • @jaeyoonjung made their first contribution in https://github.com/lxc/lxc/pull/4614
  • @FernandoPicazo made their first contribution in https://github.com/lxc/lxc/pull/4601
  • @James-Featherston made their first contribution in https://github.com/lxc/lxc/pull/4617
  • @yangh made their first contribution in https://github.com/lxc/lxc/pull/4618
  • @Rahik-Sikder made their first contribution in https://github.com/lxc/lxc/pull/4622
  • @chackoj-1204 made their first contribution in https://github.com/lxc/lxc/pull/4615
  • @GermanAizek made their first contribution in https://github.com/lxc/lxc/pull/4636
  • @juippis made their first contribution in https://github.com/lxc/lxc/pull/4642
  • @alex14641 made their first contribution in https://github.com/lxc/lxc/pull/4658
  • @akash-hadke made their first contribution in https://github.com/lxc/lxc/pull/4639

Full Changelog: https://github.com/lxc/lxc/compare/v6.0.0...v7.0.0

View release on GitHub
v6.0.6 Maintenance

Announcement: https://discuss.linuxcontainers.org/t/lxc-6-0-6-lts-has-been-released/26294 **Full Changelog**: https://github.com/lxc/lxc/compare/v6.0.5...v6.0.6

View release on GitHub

Beta — feedback welcome: [email protected]