Djam/lxc
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/lxc.git synced 2025-02-23 13:42:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

upd: v2 -> v4 (based on OpenMandriva package)

Browse source
This commit is contained in:
Mikhail Novosyolov 2021-01-02 14:23:51 +03:00
parent ac4665f7d9
commit 8a373a85f9
12 changed files with 1195 additions and 673 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.abf.yml
View file

@ -1,2 +1,5 @@
sources:
lxc-2.0.8.tar.gz: 65883786c24312ab36e53231e312d94851957516
lua-lxc-3.0.2.tar.gz: bb958257c86b70f9bde90c604f7fbe7de971d61f
lxc-4.0.5.tar.gz: 357d13be8bbf6513b7db7fd55adf834944eff735
lxc-templates-3.0.4.tar.gz: 8a726151ff3fe0e51950783cccee39608fb4ccac
python3-lxc-3.0.4.tar.gz: 1f1251146d7828d6d27080cd0730458c74fc6a34

7
dnsmasq-rule Normal file
View file

@ -0,0 +1,7 @@
# Tell any system-wide dnsmasq instance to make sure to bind to interfaces
# instead of listening on 0.0.0.0
# WARNING: changes to this file will get lost if lxc is removed.
bind-interfaces
listen-address=10.0.3.1
dhcp-range=10.0.3.2,10.0.3.254
interface=lxcbr0

11
fix-systemd-path.patch Normal file
View file

@ -0,0 +1,11 @@
--- lxc-1.0.5/config/init/systemd/Makefile.am.0003~ 2014-08-29 10:25:23.586235868 +0200
+++ lxc-1.0.5/config/init/systemd/Makefile.am 2014-08-29 10:26:47.246189975 +0200
@@ -3,7 +3,7 @@ EXTRA_DIST = \
lxc.service
if INIT_SCRIPT_SYSTEMD
-SYSTEMD_UNIT_DIR = $(prefix)/lib/systemd/system
+SYSTEMD_UNIT_DIR = /lib/systemd/system
lxc-autostart-helper: ../sysvinit/lxc.in $(top_builddir)/config.status
$(AM_V_GEN)sed \

6
ifcfg-lxcbr0 Normal file
View file

@ -0,0 +1,6 @@
DEVICE="lxcbr0"
TYPE="Bridge"
BOOTPROTO="static"
IPADDR=10.0.3.1
NETMASK=255.255.255.0
ONBOOT="yes"

13
lxc-3.1.0-python-linkage.patch Normal file
View file

@ -0,0 +1,13 @@
diff -up lxc-3.1.0/python3-lxc-3.0.4/setup.py.omv~ lxc-3.1.0/python3-lxc-3.0.4/setup.py
--- lxc-3.1.0/python3-lxc-3.0.4/setup.py.omv~ 2018-12-18 23:25:39.983905986 +0100
+++ lxc-3.1.0/python3-lxc-3.0.4/setup.py 2018-12-18 23:26:45.824787110 +0100
@@ -59,6 +59,9 @@ class LxcBuildExtCommand(BuildExtCommand
self.no_pkg_config = False
def build_extensions(self):
+ self.compiler.add_include_dir('../src')
+ self.compiler.add_library_dir('../src/lxc')
+ self.compiler.add_library_dir('../src/lxc/.libs')
if not self.no_pkg_config:
pkg_config_executable = os.environ.get('PKG_CONFIG_EXECUTABLE',
'pkg-config')

677
lxc-templates-openmandriva.patch Normal file
View file

@ -0,0 +1,677 @@
diff -up lxc-4.0.4/lxc-templates-3.0.4/templates/lxc-openmandriva.in.omv~ lxc-4.0.4/lxc-templates-3.0.4/templates/lxc-openmandriva.in
--- lxc-4.0.4/lxc-templates-3.0.4/templates/lxc-openmandriva.in.omv~ 2020-09-05 04:53:14.855357587 +0200
+++ lxc-4.0.4/lxc-templates-3.0.4/templates/lxc-openmandriva.in 2020-09-05 05:03:24.410757803 +0200
@@ -10,6 +10,7 @@
# Authors:
# Alexander Khryukin <alexander@mezon.ru>
# Vokhmin Alexey V <avokhmin@gmail.com>
+# Bernhard Rosenkraenzer <bero@lindev.ch>
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -28,12 +29,12 @@
# Detect use under userns (unsupported)
for arg in "$@"; do
- [ "$arg" = "--" ] && break
- if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
- echo "This template can't be used for unprivileged containers." 1>&2
- echo "You may want to try the \"download\" template instead." 1>&2
- exit 1
- fi
+ [ "$arg" = "--" ] && break
+ if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
+ echo "This template can't be used for unprivileged containers." 1>&2
+ echo "You may want to try the \"download\" template instead." 1>&2
+ exit 1
+ fi
done
# Make sure the usual locations are in PATH
@@ -50,184 +51,183 @@ lxc_network_type=veth
-lxc_network_link=br0
+lxc_network_link=lxcbr0
# is this openmandriva?
-[ -f /etc/mandriva-release ] && is_openmandriva=true
+grep -q OpenMandriva /etc/os-release && is_openmandriva=true
configure_openmandriva()
{
-mkdir -p ${rootfs_path}/etc/sysconfig/network-scripts/
+ # set the hostname
+ echo "${utsname}" > ${rootfs_path}/etc/hostname
- # configure the network using the dhcp
- cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
-DEVICE=eth0
-ONBOOT=yes
-BOOTPROTO=dhcp
-NM_CONTROLLED=no
-HOSTNAME=${utsname}
-EOF
-
- # set the hostname
- cat <<EOF > ${rootfs_path}/etc/sysconfig/network
-NETWORKING=yes
-HOSTNAME=${utsname}
-EOF
-
-echo "${utsname}" > ${rootfs_path}/etc/hostname
-
- # set minimal hosts
- cat <<EOF > $rootfs_path/etc/hosts
+ # set minimal hosts
+ cat <<EOF > $rootfs_path/etc/hosts
127.0.0.1 localhost.localdomain localhost $utsname
-::1 localhost6.localdomain6 localhost6
+::1 localhost6.localdomain6 localhost6
EOF
}
populate_dev()
{
- echo -n "Create devices in /dev/"
- dev_path="${rootfs_path}/dev"
- rm -rf $dev_path
- mkdir -p $dev_path
- mknod -m 666 ${dev_path}/null c 1 3
- mknod -m 666 ${dev_path}/zero c 1 5
- mknod -m 666 ${dev_path}/random c 1 8
- mknod -m 666 ${dev_path}/urandom c 1 9
- mkdir -m 755 ${dev_path}/pts
- mkdir -m 1777 ${dev_path}/shm
- mknod -m 666 ${dev_path}/tty c 5 0
- mknod -m 666 ${dev_path}/tty0 c 4 0
- mknod -m 666 ${dev_path}/tty1 c 4 1
- mknod -m 666 ${dev_path}/tty2 c 4 2
- mknod -m 666 ${dev_path}/tty3 c 4 3
- mknod -m 666 ${dev_path}/tty4 c 4 4
- mknod -m 600 ${dev_path}/console c 5 1
- mknod -m 666 ${dev_path}/full c 1 7
- mknod -m 600 ${dev_path}/initctl p
- mknod -m 666 ${dev_path}/ptmx c 5 2
- mkdir -m 755 ${dev_path}/net
- mknod -m 666 ${dev_path}/net/tun c 10 200
-
+ echo -n "Create devices in /dev/"
+ dev_path="${rootfs_path}/dev"
+ rm -rf $dev_path
+ mkdir -p $dev_path
+ mknod -m 666 ${dev_path}/null c 1 3
+ mknod -m 666 ${dev_path}/zero c 1 5
+ mknod -m 666 ${dev_path}/random c 1 8
+ mknod -m 666 ${dev_path}/urandom c 1 9
+ mkdir -m 755 ${dev_path}/pts
+ mkdir -m 1777 ${dev_path}/shm
+ mknod -m 666 ${dev_path}/tty c 5 0
+ mknod -m 666 ${dev_path}/tty0 c 4 0
+ mknod -m 666 ${dev_path}/tty1 c 4 1
+ mknod -m 666 ${dev_path}/tty2 c 4 2
+ mknod -m 666 ${dev_path}/tty3 c 4 3
+ mknod -m 666 ${dev_path}/tty4 c 4 4
+ mknod -m 666 ${dev_path}/tty5 c 4 5
+ mknod -m 666 ${dev_path}/tty6 c 4 6
+ mknod -m 600 ${dev_path}/console c 5 1
+ mknod -m 666 ${dev_path}/full c 1 7
+ mknod -m 600 ${dev_path}/initctl p
+ mknod -m 666 ${dev_path}/ptmx c 5 2
+ mkdir -m 755 ${dev_path}/net
+ mknod -m 666 ${dev_path}/net/tun c 10 200
}
set_guest_root_password()
{
- [ -z "$root_password" ] && return # pass is empty, abort
+ [ -z "$root_password" ] && return # pass is empty, abort
- echo " - setting guest root password.."
- echo "root passwd is: $root_password"
- echo "root:$root_password" | chroot "$rootfs_path" chpasswd
- echo "done."
+ echo " - setting guest root password.."
+ echo "root passwd is: $root_password"
+ echo "root:$root_password" | chroot "$rootfs_path" chpasswd
+ echo "done."
}
create_chroot_openmandriva()
{
- # check the mini openmandriva was not already downloaded
- INSTALL_ROOT=$cache/cache
- mkdir -p $INSTALL_ROOT
- if [ $? -ne 0 ]; then
- echo "Failed to create '$INSTALL_ROOT' directory"
- return 1
- fi
- # package list to install
- PKG_LIST="basesystem-minimal locales locales-en initscripts urpmi cronie dhcp-client kbd"
- # download a mini openmandriva into a cache
- echo "Downloading openmandriva minimal ..."
- URPMI="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main http://abf.rosalinux.ru/downloads/$release/repository/$arch/main/release"
- echo $URPMI
- URPMI_BASE="/usr/sbin/urpmi --no-suggests --no-verify-rpm --ignorearch --root $INSTALL_ROOT --urpmi-root $INSTALL_ROOT --auto $PKG_LIST"
- $URPMI
- $URPMI_BASE
- # We're splitting the old loop into two loops plus a directory retrival.
- # First loop... Try and retrive a mirror list with retries and a slight
- # delay between attempts...
- if [ $? -ne 0 ]; then
- echo "Failed to download the rootfs, aborting."
- return 1
- fi
+ # check the mini openmandriva was not already downloaded
+ INSTALL_ROOT=$cache/cache
+ mkdir -p $INSTALL_ROOT
+ if [ $? -ne 0 ]; then
+ echo "Failed to create '$INSTALL_ROOT' directory"
+ return 1
+ fi
+
+ # Poor man's version of "dnf install --installroot=" --
+ # need to get the repository configs from rpm packages
+ # without having the repositories configured...
+ PKGS=http://abf-downloads.openmandriva.org/$release/repository/$arch/main/release/
+ curl -s -L $PKGS |grep '^<a' |cut -d'"' -f2 >PACKAGES
+ PRE_PACKAGES="distro-release-repos"
+ for i in $PRE_PACKAGES; do
+ P=`grep "^$i-[0-9].*" PACKAGES`
+ if [ "$?" != "0" ]; then
+ echo "Can't find $i package for target" >&2
+ exit 1
+ fi
+ curl -O $PKGS/$P
+ rpm -r $INSTALL_ROOT -Uvh --ignorearch --nodeps $P
+ done
+
+ # package list to install
+ PKG_LIST="basesystem-minimal locales locales-en systemd dnf networkmanager kbd"
+ # download a mini openmandriva into a cache
+ echo "Downloading openmandriva minimal ..."
+ DNF="/usr/bin/dnf -y install --nogpgcheck --installroot=$INSTALL_ROOT --releasever=$release --forcearch=arch $PKG_LIST"
+ echo $DNF
+ $DNF
+ # We're splitting the old loop into two loops plus a directory retrival.
+ # First loop... Try and retrive a mirror list with retries and a slight
+ # delay between attempts...
+ if [ $? -ne 0 ]; then
+ echo "Failed to download the rootfs, aborting."
+ return 1
+ fi
- mv "$INSTALL_ROOT" "$cache/rootfs"
- echo "Download complete."
-
- return 0
+ mv "$INSTALL_ROOT" "$cache/rootfs"
+ echo "Download complete."
+ return 0
}
copy_openmandriva()
{
- echo -n "Copying rootfs to $rootfs_path ..."
- mkdir -p $rootfs_path
- rsync -SHaAX $cache/rootfs/ $rootfs_path/
- return 0
+ echo -n "Copying rootfs to $rootfs_path ..."
+ mkdir -p $rootfs_path
+ rsync -SHaAX $cache/rootfs/ $rootfs_path/
+ return 0
}
update_openmandriva()
{
- echo "automated update in progress..."
- urpmi --root $cache/rootfs --urpmi-root $cache/rootfs --auto --auto-update --ignorearch
+ echo "automated update in progress..."
+ dnf -y distro-sync --installroot=$cache/rootfs
}
configure_openmandriva_systemd()
{
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd.service
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
- # remove numlock service
- # KDGKBLED: Inappropriate ioctl for device
- rm -f ${rootfs_path}/etc/systemd/system/getty@.service.d/enable-numlock.conf
-
- unlink ${rootfs_path}/etc/systemd/system/default.target
- chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
- sed -i 's!ConditionPathExists=/dev/tty0!ConditionPathExists=|/dev/tty0\nConditionVirtualization=|lxc!' \
- ${rootfs_path}/lib/systemd/system/getty\@.service
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd.service
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
+ # remove numlock service
+ # KDGKBLED: Inappropriate ioctl for device
+ rm -f ${rootfs_path}/etc/systemd/system/getty@.service.d/enable-numlock.conf
+
+ unlink ${rootfs_path}/etc/systemd/system/default.target
+ chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+ sed -i 's!ConditionPathExists=/dev/tty0!ConditionPathExists=|/dev/tty0\nConditionVirtualization=|lxc!' \
+ ${rootfs_path}/lib/systemd/system/getty\@.service
}
install_openmandriva()
{
- mkdir -p @LOCALSTATEDIR@/lock/subsys/
- (
- flock -x 9
- if [ $? -ne 0 ]; then
- echo "Cache repository is busy."
- return 1
- fi
-
- echo "Checking cache download in $cache/rootfs ... "
- if [ ! -e "$cache/rootfs" ]; then
- echo $cache/rootfs
- create_chroot_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to download 'openmandriva basesystem-minimal'"
- return 1
- fi
- else
- echo "Cache found. Updating..."
- update_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to update 'openmandriva base', continuing with last known good cache"
- else
- echo "Update finished"
- fi
- fi
-
- echo "Copy $cache/rootfs to $rootfs_path ... "
- copy_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to copy rootfs"
- return 1
- fi
- return 0
- ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
+ mkdir -p @LOCALSTATEDIR@/lock/subsys/
+ (
+ flock -x 9
+ if [ $? -ne 0 ]; then
+ echo "Cache repository is busy."
+ return 1
+ fi
+
+ echo "Checking cache download in $cache/rootfs ... "
+ if [ ! -e "$cache/rootfs" ]; then
+ echo $cache/rootfs
+ create_chroot_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to download 'openmandriva basesystem-minimal'"
+ return 1
+ fi
+ else
+ echo "Cache found. Updating..."
+ update_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to update 'openmandriva base', continuing with last known good cache"
+ else
+ echo "Update finished"
+ fi
+ fi
+
+ echo "Copy $cache/rootfs to $rootfs_path ... "
+ copy_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to copy rootfs"
+ return 1
+ fi
+ return 0
+ ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
- return $?
+ return $?
}
copy_configuration()
{
- mkdir -p $config_path
- grep -q "^lxc.rootfs.path" $config_path/config 2>/dev/null || echo "lxc.rootfs.path = $rootfs_path" >> $config_path/config
- cat <<EOF >> $config_path/config
+ mkdir -p $config_path
+ grep -q "^lxc.rootfs.path" $config_path/config 2>/dev/null || echo "lxc.rootfs.path = $rootfs_path" >> $config_path/config
+ cat <<EOF >> $config_path/config
lxc.uts.name = $name
lxc.tty.max = 4
lxc.pty.max = 1024
@@ -245,26 +243,26 @@ lxc.net.0.name = eth0
lxc.net.0.mtu = 1500
EOF
if [ ! -z ${ipv4} ]; then
- cat <<EOF >> $config_path/config
+ cat <<EOF >> $config_path/config
lxc.net.0.ipv4.address = $ipv4
EOF
fi
if [ ! -z ${gw} ]; then
- cat <<EOF >> $config_path/config
+ cat <<EOF >> $config_path/config
lxc.net.0.ipv4.gateway = $gw
EOF
fi
if [ ! -z ${ipv6} ]; then
- cat <<EOF >> $config_path/config
+ cat <<EOF >> $config_path/config
lxc.net.0.ipv6.address = $ipv6
EOF
fi
if [ ! -z ${gw6} ]; then
- cat <<EOF >> $config_path/config
+ cat <<EOF >> $config_path/config
lxc.net.0.ipv6.gateway = $gw6
EOF
fi
- cat <<EOF >> $config_path/config
+ cat <<EOF >> $config_path/config
#cgroups
lxc.cgroup.devices.deny = a
# /dev/null and zero
@@ -284,201 +282,190 @@ lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 10:135 rwm
EOF
- if [ $? -ne 0 ]; then
- echo "Failed to add configuration"
- return 1
- fi
+ if [ $? -ne 0 ]; then
+ echo "Failed to add configuration"
+ return 1
+ fi
- return 0
+ return 0
}
clean()
{
- if [ ! -e $cache ]; then
- exit 0
- fi
-
- # lock, so we won't purge while someone is creating a repository
- (
- flock -x 9
- if [ $? != 0 ]; then
- echo "Cache repository is busy."
- exit 1
- fi
-
- echo -n "Purging the download cache for OpenMandriva-$release..."
- rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
- exit 0
- ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
+ if [ ! -e $cache ]; then
+ exit 0
+ fi
+
+ # lock, so we won't purge while someone is creating a repository
+ (
+ flock -x 9
+ if [ $? != 0 ]; then
+ echo "Cache repository is busy."
+ exit 1
+ fi
+
+ echo -n "Purging the download cache for OpenMandriva-$release..."
+ rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+ exit 0
+ ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
}
usage()
{
- cat <<EOF
+ cat <<EOF
usage:
- $1 -n|--name=<container_name>
- [-p|--path=<path>] [-c|--clean] [-R|--release=<openmandriva2013.0/rosa2012.1/cooker/ release>]
- [-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
- [-g|--gw=<gw address>] [-d|--dns=<dns address>]
- [-P|--profile=<name of the profile>] [--rootfs=<path>]
- [-A|--arch=<arch of the container>]
- [-h|--help]
+ $1 -n|--name=<container_name>
+ [-p|--path=<path>] [-c|--clean] [-R|--release=<openmandriva2013.0/rosa2012.1/cooker/ release>]
+ [-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
+ [-g|--gw=<gw address>] [-d|--dns=<dns address>]
+ [-P|--profile=<name of the profile>] [--rootfs=<path>]
+ [-A|--arch=<arch of the container>]
+ [-h|--help]
Mandatory args:
- -n,--name container name, used to as an identifier for that container from now on
+ -n,--name container name, used to as an identifier for that container from now on
Optional args:
- -p,--path path to where the container rootfs will be created, defaults to @LXCPATH@. The container config will go under @LXCPATH@ in that case
- -c,--clean clean the cache
- -R,--release openmandriva2013.0/cooker/rosa2012.1 release for the new container. if the host is OpenMandriva, then it will default to the host's release.
- -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
- -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
- -g,--gw specify the default gw, eg. 192.168.1.1
- -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
- -d,--dns specify the DNS server, eg. 192.168.1.2
- -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
- -A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
- ---rootfs rootfs path
- -h,--help print this help
+ -p,--path path to where the container rootfs will be created, defaults to @LXCPATH@. The container config will go under @LXCPATH@ in that case
+ -c,--clean clean the cache
+ -R,--release openmandriva2013.0/cooker/rosa2012.1 release for the new container. if the host is OpenMandriva, then it will default to the host's release.
+ -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
+ -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
+ -g,--gw specify the default gw, eg. 192.168.1.1
+ -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
+ -d,--dns specify the DNS server, eg. 192.168.1.2
+ -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
+ -A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
+ ---rootfs rootfs path
+ -h,--help print this help
EOF
- return 0
+ return 0
}
options=$(getopt -o hp:n:P:cR:4:6:g:d:A -l help,rootfs:,path:,name:,profile:,clean:,release:,ipv4:,ipv6:,gw:,dns:,arch: -- "$@")
if [ $? -ne 0 ]; then
- usage $(basename $0)
- exit 1
+ usage $(basename $0)
+ exit 1
fi
eval set -- "$options"
release=${release:-"cooker"}
-if [ -f /etc/lsb-release ]; then
- . /etc/lsb-release
- if [ "$DISTRIB_ID" = "OpenMandrivaLinux" ]; then
- release=openmandriva2013.0
- elif [ "$DISTRIB_ID" = "RosaDesktop.Fresh" ]; then
- release=rosa2012.1
- else
- echo "This is not an OpenMandriva or ROSA release"
- exit 1
- fi
-fi
while true
do
- case "$1" in
- -h|--help) usage $0 && exit 0;;
- -p|--path) path=$2; shift 2;;
- --rootfs) rootfs_path=$2; shift 2;;
- -n|--name) name=$2; shift 2;;
- -P|--profile) profile=$2; shift 2;;
- -c|--clean) clean=1; shift 1;;
- -R|--release) release=$2; shift 2;;
- -A|--arch) arch=$2; shift 2;;
- -4|--ipv4) ipv4=$2; shift 2;;
- -6|--ipv6) ipv6=$2; shift 2;;
- -g|--gw) gw=$2; shift 2;;
- -d|--dns) dns=$2; shift 2;;
- --) shift 1; break ;;
- *) break ;;
- esac
+ case "$1" in
+ -h|--help) usage $0 && exit 0;;
+ -p|--path) path=$2; shift 2;;
+ --rootfs) rootfs_path=$2; shift 2;;
+ -n|--name) name=$2; shift 2;;
+ -P|--profile) profile=$2; shift 2;;
+ -c|--clean) clean=1; shift 1;;
+ -R|--release) release=$2; shift 2;;
+ -A|--arch) arch=$2; shift 2;;
+ -4|--ipv4) ipv4=$2; shift 2;;
+ -6|--ipv6) ipv6=$2; shift 2;;
+ -g|--gw) gw=$2; shift 2;;
+ -d|--dns) dns=$2; shift 2;;
+ --) shift 1; break ;;
+ *) break ;;
+ esac
done
arch=${arch:-$hostarch}
if [ ! -z "$clean" -a -z "$path" ]; then
- clean || exit 1
- exit 0
+ clean || exit 1
+ exit 0
fi
if [ -z "${utsname}" ]; then
- utsname=${name}
+ utsname=${name}
fi
type urpmi >/dev/null 2>&1
if [ $? -ne 0 ]; then
- echo "'urpmi' command is missing"
- exit 1
+ echo "'urpmi' command is missing"
+ exit 1
fi
if [ -z "$path" ]; then
- path=$default_path
+ path=$default_path
fi
if [ -z "$profile" ]; then
- profile=$default_profile
+ profile=$default_profile
fi
-if [ $hostarch = "i586" -a $arch = "x86_64" ]; then
- echo "can't create x86_64 container on i586"
- exit 1
+if [ $hostarch = "i686" -a $arch = "x86_64" ]; then
+ echo "can't create x86_64 container on i686"
+ exit 1
fi
if [ -z "$ipv4" -a -z "$ipv6" ]; then
- BOOTPROTO="dhcp"
+ BOOTPROTO="dhcp"
else
- BOOTPROTO="static"
+ BOOTPROTO="static"
fi
if [ "$(id -u)" != "0" ]; then
- echo "This script should be run as 'root'"
- exit 1
+ echo "This script should be run as 'root'"
+ exit 1
fi
# check for 'lxc.rootfs.path' passed in through default config by lxc-create
if [ -z "$rootfs_path" ]; then
- if grep -q '^lxc.rootfs.path' $path/config 2>/dev/null ; then
- rootfs_path=$(awk -F= '/^lxc.rootfs.path =/{ print $2 }' $path/config)
- else
- rootfs_path=$path/$name/rootfs
- fi
+ if grep -q '^lxc.rootfs.path' $path/config 2>/dev/null ; then
+ rootfs_path=$(awk -F= '/^lxc.rootfs.path =/{ print $2 }' $path/config)
+ else
+ rootfs_path=$path/$name/rootfs
+ fi
fi
config_path=$default_path/$name
cache=$cache_base/$release/$arch/$profile
if [ ! -f $config_path/config ]; then
- echo "A container with that name exists, chose a different name"
- exit 1
+ echo "A container with that name exists, chose a different name"
+ exit 1
fi
install_openmandriva
if [ $? -ne 0 ]; then
- echo "failed to install openmandriva"
- exit 1
+ echo "failed to install openmandriva"
+ exit 1
fi
configure_openmandriva
if [ $? -ne 0 ]; then
- echo "failed to configure openmandriva for a container"
- exit 1
+ echo "failed to configure openmandriva for a container"
+ exit 1
fi
# If the systemd configuration directory exists - set it up for what we need.
if [ -d ${rootfs_path}/etc/systemd/system ]
then
- configure_openmandriva_systemd
+ configure_openmandriva_systemd
fi
populate_dev
if [ $? -ne 0 ]; then
- echo "failed to populated /dev/ devices"
- exit 1
+ echo "failed to populated /dev/ devices"
+ exit 1
fi
set_guest_root_password
if [ $? -ne 0 ]; then
- echo "failed to configure password for chroot"
- exit 1
+ echo "failed to configure password for chroot"
+ exit 1
fi
copy_configuration
if [ $? -ne 0 ]; then
- echo "failed write configuration file"
- exit 1
+ echo "failed write configuration file"
+ exit 1
fi
if [ ! -z "$clean" ]; then
- clean || exit 1
- exit 0
+ clean || exit 1
+ exit 0
fi
echo "container rootfs and config created"

1
lxc.rpmlintrc Normal file
View file

@ -0,0 +1 @@
addFilter("E: devel-file-in-non-devel-package")

293
lxc.sh Normal file
View file

@ -0,0 +1,293 @@
#!bash
# bash completion for lxc
### v1.1 20111211
#
# CHANGE LOG:
# v1.1:
# added basic completion for 'lxc $command $container' next syntax
# v1.0:
# initial kork
have lxc-start && {
_lxc_names()
{
COMPREPLY=( $( compgen -W "$( /usr/bin/lxc-ls )" "$cur" ) )
}
_lxc_status()
{
COMPREPLY=( $( compgen -W "RUNNING STOPPED" "$cur" ) )
}
_lxc_templates()
{
COMPREPLY=( $( compgen -W "$( /bin/ls /usr/share/lxc/templates/ | sed -e 's|^lxc-||' )" "$cur" ) )
}
_lxc-start()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -d -f -c -s -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-start lxc-start
_lxc-generic()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-generic lxc-stop
complete -F _lxc-generic lxc-halt
complete -F _lxc-generic lxc-shutdown
complete -F _lxc-generic lxc-kill
complete -F _lxc-generic lxc-monitor
complete -F _lxc-generic lxc-cgroup
complete -F _lxc-generic lxc-unfreeze
_lxc-info()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -s -p -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-info lxc-info
_lxc-wait()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
-s)
_lxc_status "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -s -p -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-wait lxc-wait
_lxc-create()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-t)
_lxc_templates "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -t -f' -- "$cur" ) )
fi
}
complete -F _lxc-create lxc-create
_lxc-console()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -t -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-console lxc-console
_lxc-destroy()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n' -- "$cur" ) )
fi
}
complete -F _lxc-destroy lxc-destroy
_lxc-execute()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -f -s -- -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-execute lxc-execute
_lxc-ps()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -- -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-ps lxc-ps
_lxc-restart()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -S -d -p -f -s -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-restart lxc-restart
_lxc-checkpoint()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
-n)
_lxc_names "$cur"
return 0
;;
esac
if [[ "$cur" == -* ]]
then
COMPREPLY=( $( compgen -W '-n -S -d -p -k -q -o -l' -- "$cur" ) )
fi
}
complete -F _lxc-checkpoint lxc-checkpoint
# next lxc command usage
_lxc-cmd()
{
local cur prev
COMPREPLY=()
_get_comp_words_by_ref cur prev
case $prev in
lxc)
COMPREPLY=( $( compgen -W 'attach cgroup checkconfig checkpoint clone console create destroy execute freeze halt shutdown info kill ls monitor netstat ps restart setcap setuid start stop unfreeze unshare version wait' -- "$cur" ) )
return 0
;;
attach|cgroup|checkconfig|checkpoint|clone|console|create|destroy|execute|freeze|halt|shutdown|info|kill|monitor|netstat|ps|restart|start|stop|unfreeze|unshare|wait)
_lxc_names "$cur"
return 0
;;
esac
}
complete -F _lxc-cmd lxc
}

289
lxc.spec
View file

@ -1,62 +1,76 @@
### XXX This package was mostly copypasted from OpenMandriva
# when upgrading very old lxc v2 to lxc v4 in ROSA 2019.1 (urpmi -> dnf)
# https://github.com/OpenMandrivaAssociation/lxc
# TODO:
# - get rid of network scripts crap
# - try to get rid of dnsmasq
# - rename distro from OpenMandriva to ROSA
# - check if distro script requires fixing
# - check if python bindings from an older version are needed and remove them
# - check what to do with templates from older version
%global _disable_rebuild_configure 0
# The python module doesn't link to libpython
%global _disable_ld_no_undefined 1
%define major 1
%define libname %mklibname lxc %{major}
%define devname %mklibname lxc -d
%define debugcflags %{nil}
%define debug_package %{nil}
%define develname %mklibname lxc -d
%define luaver 5.3
%define lualibdir %{_libdir}/lua/%{luaver}
%define luapkgdir %{_datadir}/lua/%{luaver}
%bcond_with lua
%bcond_without python
%bcond_without lua
%bcond_without python3
Summary: Linux Containers
Name: lxc
Version: 2.0.8
Release: 6
Epoch: 1
License: LGPLv2+
Version: 4.0.5
Release: 1
Summary: Linux Containers
Group: System/Kernel and hardware
Url: http://lxc.sourceforge.net
Source0: https://linuxcontainers.org/downloads/%{name}-%{version}.tar.gz
Patch1: rosa-template.patch
Patch2: rosa-template-make.patch
#Patch3: python-api-build.patch
License: LGPLv2
Epoch: 1
URL: http://lxc.sourceforge.net
Source0: http://linuxcontainers.org/downloads/%{name}-%{version}.tar.gz
Source1: http://linuxcontainers.org/downloads/%{name}-templates-3.0.4.tar.gz
Source2: http://linuxcontainers.org/downloads/lua-%{name}-3.0.2.tar.gz
Source3: http://linuxcontainers.org/downloads/python3-%{name}-3.0.4.tar.gz
Source4: %{name}.sh
Source5: dnsmasq-rule
Source6: ifcfg-lxcbr0
Source7: sysctl-rule
Source100: lxc.rpmlintrc
Patch0: lxc-templates-openmandriva.patch
Patch4: lxc-3.1.0-python-linkage.patch
BuildRequires: docbook-utils
BuildRequires: docbook2x
BuildRequires: doxygen
BuildRequires: kernel-headers
BuildRequires: locales-en
BuildRequires: cap-devel
BuildRequires: seccomp-devel
BuildRequires: selinux-devel
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(libcgmanager)
BuildRequires: pkgconfig(systemd)
BuildRequires: pkgconfig(libsystemd)
Buildrequires: docbook-dtd30-sgml
Buildrequires: docbook2x
BuildRequires: pkgconfig(bash-completion)
%if %{with lua}
BuildRequires: pkgconfig(lua)
Buildrequires: lua-devel
%endif
%if %{with python3}
BuildRequires: pkgconfig(python3)
Requires: python3
Requires: python3-lxc
%if %{with python}
Buildrequires: pkgconfig(python3)
Buildrequires: python3-setuptools
%endif
# needed for lxc-busybox
Recommends: busybox
#Requires: busybox
# needed for lxc-debian
Recommends: dpkg
#Requires: dpkg
# needed for lxc-debian, lxc-ubuntu:
Recommends: debootstrap
Recommends: rsync
#Requires: debootstrap
Requires: rsync
# needed for lxc-sshd
Requires: openssh-server
Recommends: openssh-server
# bridge
Requires: bridge-utils
Conflicts: lxc-doc < 0.7.5
Obsoletes: lxc-doc < 0.7.5
# for lxcbr0, but allow to create it in other ways
Recommends: iptables
Recommends: dnsmasq
%description
The package "%{name}" provides the command lines to create and manage
@ -69,30 +83,45 @@ or the freeze of the container. This package is useful to create
Virtual Private Server, or to run isolated applications like bash or
sshd.
%files -f %{name}.lang
%doc README MAINTAINERS AUTHORS CONTRIBUTING COPYING
%doc %{_docdir}/%{name}/examples/*.conf
%files
%doc %{_docdir}/%{name}
%{_datadir}/%{name}/config/common.conf.d/README
%{_datadir}/%{name}/config/common.seccomp
%{_datadir}/%{name}/selinux/lxc.if
%{_datadir}/%{name}/selinux/lxc.te
%{_sysconfdir}/lxc/default.conf
%{_sysconfdir}/default/lxc
%{_sysconfdir}/bash_completion.d/lxc
%{_sysconfdir}/default/%{name}
%{_bindir}/lxc-*
%{_datadir}/%{name}/%{name}.functions
%{_datadir}/%{name}/config/*.conf
%{_datadir}/lxc/hooks/*
%{_datadir}/lxc/templates/*
%{_libexecdir}/lxc/rootfs/README
%{_libexecdir}/lxc/lxc-*
%{_libexecdir}/lxc/hooks
%{_localstatedir}/lib/%{name}
%{_mandir}/man*/%{name}*
%{_sbindir}/init.lxc
%{_unitdir}/*
%dir %{_libexecdir}/lxc
%{_libexecdir}/lxc/lxc-*
%dir %{_libexecdir}/lxc/hooks
%{_libexecdir}/lxc/hooks/unmount-namespace
%dir %{_datadir}/lxc
%dir %{_datadir}/lxc/config
%dir %{_datadir}/lxc/hooks
%dir %{_datadir}/lxc/templates
%dir %{_datadir}/lxc/selinux
%dir %{_datadir}/lxc/config/common.conf.d
%{_datadir}/lxc/templates/*
%{_datadir}/lxc/hooks/*
%{_datadir}/lxc/selinux/lxc.*
%{_datadir}/lxc/__pycache__
%{_libdir}/lxc/rootfs/README
%{_mandir}/man*/%{name}*
%{_mandir}/ja/man*/*
%{_datadir}/%{name}/config/*.seccomp
%{_datadir}/%{name}/config/*.conf
%{_datadir}/lxc/lxc-patch.py
/var/lib/%{name}
%{_datadir}/%{name}/%{name}.functions
%{_sysconfdir}/dnsmasq.d/lxc
%{_sysconfdir}/sysconfig/network-scripts/ifcfg-lxcbr0
%{_unitdir}/lxc.service
%{_unitdir}/lxc-net.service
%{_sysconfdir}/sysctl.d/99-lxc-oom.conf
%{_sysconfdir}/lxc
%{_unitdir}/lxc@.service
%{_datadir}/bash-completion/completions/lxc
%lang(ko) %{_mandir}/ko/*/*
#----------------------------------------------------------------------------
#-----------------------------------------------------------------------
%package -n %{libname}
Summary: Library for LXC
@ -105,23 +134,22 @@ Library for the Linux Kernel Containers.
%{_libdir}/lib%{name}.so.%{major}
%{_libdir}/lib%{name}.so.%{major}.*
#----------------------------------------------------------------------------
#-----------------------------------------------------------------------
%package -n %{devname}
%package -n %{develname}
Summary: Development files for LXC
Group: Development/C
Requires: %{libname}%{?_isa} = %{EVRD}
Requires: %{libname} = %{EVRD}
%description -n %{devname}
%description -n %{develname}
Developement files for the Linux Kernel Containers.
%files -n %{devname}
%doc COPYING
%{_includedir}/%{name}/*.h
%files -n %{develname}
%{_includedir}/%{name}
%{_libdir}/lib%{name}.so
%{_libdir}/pkgconfig/%{name}.pc
#----------------------------------------------------------------------------
#-----------------------------------------------------------------------
%if %{with lua}
%package -n lua-%{name}
@ -140,10 +168,10 @@ The lua-%{name} package contains the Lua binding for %{name}.
%{luapkgdir}/%{name}.lua
%endif
#----------------------------------------------------------------------------
#-----------------------------------------------------------------------
%if %{with python3}
%package -n python3-%{name}
%if %{with python}
%package -n python3-%{name}
Summary: Python binding for %{name}
Group: System/Libraries
@ -154,58 +182,99 @@ overhead of full virtualization.
The python3-%{name} package contains the Python3 binding for %{name}.
%files -n python3-%{name}
%{py3_platsitedir}/*
%{python3_sitearch}/*
%endif
#----------------------------------------------------------------------------
#-----------------------------------------------------------------------
%prep
%setup -q
%apply_patches
%setup -q -a 1 %{?_with_lua:-a 2} -a 3
%autopatch -p1
# Some adaptation of OMV script
# TODO: name it as ROSA and test it properly
sed -i lxc-templates-*/templates/lxc-openmandriva.in \
-e 's,openmandriva.org,rosalinux.ru,g' \
-e 's,distro-release-repos,rosa-repos,g'
# Clang spews a few more warnings than gcc...
sed -i -e 's,-Werror,,g' configure*
%build
autoreconf -fi
export LC_ALL=en_US.utf8
export LDFLAGS="$LDFLAGS -llua"
%configure F77=no \
--disable-apparmor \
--with-distro=mandriva \
--with-init-script=systemd \
--enable-doc \
--enable-api-docs \
--enable-selinux \
--enable-seccomp \
--enable-capabilities \
--enable-cgmanager \
--enable-examples \
--enable-bash \
--disable-werror \
--with-systemdsystemunitdir=%{_unitdir} \
dir0="$PWD"
[ -e autogen.sh ] && ./autogen.sh || autoreconf -fi
cd "${dir0}"/lxc-templates-*
[ -e autogen.sh ] && ./autogen.sh || autoreconf -fi
%if %{with lua}
--enable-lua \
%else
--disable-lua \
%endif
%if %{with python3}
--enable-python \
%else
--disable-python \
cd "${dir0}"/lua-lxc-*
[ -e autogen.sh ] && ./autogen.sh || autoreconf -fi
%endif
# remove rpath ( rpmlint error )
#sed -i '/AM_LDFLAGS = -Wl,-E -Wl,-rpath -Wl,$(libdir)/d' src/lxc/Makefile.in
%make
cd "$dir0"
%configure \
--disable-apparmor \
--with-init-script=systemd \
--with-distro=openmandriva \
%if %{with lua}
--enable-lua \
%else
--disable-lua \
%endif
%if %{with python}
--enable-python \
%endif
%make_build
cd "${dir0}"/lxc-templates-*
%configure
%make_build
%if %{with lua}
cd "${dir0}"/lua-lxc-*
%configure
%make_build
cd ..
%endif
%if %{with python}
export PKG_CONFIG_PATH=`pwd`
cd "${dir0}"/python3-lxc-*
%__python3 setup.py build
cd ..
%endif
%install
%makeinstall_std templatesdir=%{_datadir}/lxc/templates READMEdir=%{_libexecdir}/lxc/rootfs
dir0="$PWD"
%make_install templatesdir=%{_datadir}/lxc/templates READMEdir=%{_libdir}/lxc/rootfs
cd "${dir0}"/lxc-templates-*
%make_install templatesdir=%{_datadir}/lxc/templates READMEdir=%{_libdir}/lxc/rootfs
cd ..
%if %{with lua}
cd "${dir0}"/lua-lxc-*
%make_install templatesdir=%{_datadir}/lxc/templates READMEdir=%{_libdir}/lxc/rootfs
cd ..
%endif
%if %{with python}
cd "${dir0}"/python3-lxc-*
%__python3 setup.py install --skip-build --root=%{buildroot} --single-version-externally-managed --record=INSTALLED_FILES --optimize=1
cd ..
%endif
mkdir -p %{buildroot}/var/lib/%{name}
mkdir -p %{buildroot}%{_sysconfdir}/dnsmasq.d/
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/
mkdir -p %{buildroot}%{_sysconfdir}/sysctl.d/
install %{SOURCE4} %{buildroot}%{_sysconfdir}/dnsmasq.d/lxc
install %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifcfg-lxcbr0
install %{SOURCE6} %{buildroot}%{_sysconfdir}/sysctl.d/99-lxc-oom.conf
rm -f %{buildroot}%{_datadir}/%{name}/%{name}-patch.py*
# These doc files are empty:
rm -f %{buildroot}%{_docdir}/%{name}/{NEWS,ChangeLog}
%find_lang %{name} --with-man --all-name
sed -i s'#//#/#' %{buildroot}%{_libdir}/pkgconfig/%{name}.pc
# Fix up bogus pkgconfig files
sed -i -e 's,\${prefix}//,/,g' %{buildroot}%{_libdir}/pkgconfig/*

61
rosa-template-make.patch
View file

@ -1,61 +0,0 @@
diff -Naur lxc-2.0.8.orig/configure.ac lxc-2.0.8/configure.ac
--- lxc-2.0.8.orig/configure.ac 2018-06-14 00:15:06.732247216 +0300
+++ lxc-2.0.8/configure.ac 2018-06-14 00:15:06.751247645 +0300
@@ -880,6 +880,7 @@
templates/lxc-fedora
templates/lxc-gentoo
templates/lxc-openmandriva
+ templates/lxc-rosa
templates/lxc-opensuse
templates/lxc-oracle
templates/lxc-plamo
diff -Naur lxc-2.0.8.orig/templates/Makefile.am lxc-2.0.8/templates/Makefile.am
--- lxc-2.0.8.orig/templates/Makefile.am 2018-06-14 00:15:06.738247352 +0300
+++ lxc-2.0.8/templates/Makefile.am 2018-06-14 00:15:06.751247645 +0300
@@ -12,6 +12,7 @@
lxc-fedora \
lxc-gentoo \
lxc-openmandriva \
+ lxc-rosa \
lxc-opensuse \
lxc-oracle \
lxc-plamo \
diff -Naur lxc-2.0.8.orig/templates/Makefile.in lxc-2.0.8/templates/Makefile.in
--- lxc-2.0.8.orig/templates/Makefile.in 2018-06-14 00:15:06.738247352 +0300
+++ lxc-2.0.8/templates/Makefile.in 2018-06-14 00:15:55.017336528 +0300
@@ -106,7 +106,7 @@
lxc-centos lxc-cirros lxc-debian lxc-download lxc-fedora \
lxc-gentoo lxc-openmandriva lxc-opensuse lxc-oracle lxc-plamo \
lxc-slackware lxc-sshd lxc-ubuntu lxc-ubuntu-cloud \
- lxc-sparclinux
+ lxc-sparclinux lxc-rosa
CONFIG_CLEAN_VPATH_FILES =
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
@@ -166,7 +166,8 @@
$(srcdir)/lxc-opensuse.in $(srcdir)/lxc-oracle.in \
$(srcdir)/lxc-plamo.in $(srcdir)/lxc-slackware.in \
$(srcdir)/lxc-sparclinux.in $(srcdir)/lxc-sshd.in \
- $(srcdir)/lxc-ubuntu-cloud.in $(srcdir)/lxc-ubuntu.in
+ $(srcdir)/lxc-ubuntu-cloud.in $(srcdir)/lxc-ubuntu.in \
+ $(srcdir)/lxc-rosa.in $(srcdir)/lxc-rosa.in
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -373,6 +374,7 @@
lxc-fedora \
lxc-gentoo \
lxc-openmandriva \
+ lxc-rosa \
lxc-opensuse \
lxc-oracle \
lxc-plamo \
@@ -436,6 +438,8 @@
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
lxc-openmandriva: $(top_builddir)/config.status $(srcdir)/lxc-openmandriva.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+lxc-rosa: $(top_builddir)/config.status $(srcdir)/lxc-rosa.in
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
lxc-opensuse: $(top_builddir)/config.status $(srcdir)/lxc-opensuse.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
lxc-oracle: $(top_builddir)/config.status $(srcdir)/lxc-oracle.in

501
rosa-template.patch
View file

@ -1,501 +0,0 @@
diff --git a/templates/lxc-rosa.in b/templates/lxc-rosa.in
new file mode 100644
index 0000000..e0a6459
--- /dev/null
+++ b/templates/lxc-rosa.in
@@ -0,0 +1,495 @@
+#!/bin/bash
+
+#
+# template script for generating Rosa container for LXC
+#
+
+#
+# lxc: linux Container library
+
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+#
+
+# Detect use under userns (unsupported)
+for arg in "$@"; do
+ [ "$arg" = "--" ] && break
+ if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
+ echo "This template can't be used for unprivileged containers." 1>&2
+ echo "You may want to try the \"download\" template instead." 1>&2
+ exit 1
+ fi
+done
+
+# Make sure the usual locations are in PATH
+export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
+
+hostarch=$(uname -m)
+cache_base=@LOCALSTATEDIR@/cache/lxc/rosa/$arch
+default_path=@LXCPATH@
+default_profile=default
+root_password=root
+lxc_network_type=none
+# lxc_network_link=br0
+
+# is this Rosa?
+[ -f /etc/rosa-release ] && is_rosa=true
+
+configure_rosa()
+{
+mkdir -p ${rootfs_path}/etc/sysconfig/network-scripts/
+
+ # configure the network using the dhcp
+ cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE=eth0
+ONBOOT=no
+BOOTPROTO=dhcp
+NM_CONTROLLED=no
+HOSTNAME=${utsname}
+EOF
+
+ # set the hostname
+ cat <<EOF > ${rootfs_path}/etc/sysconfig/network
+NETWORKING=yes
+HOSTNAME=${utsname}
+EOF
+
+echo "${utsname}" > ${rootfs_path}/etc/hostname
+
+ # set minimal hosts
+ cat <<EOF > $rootfs_path/etc/hosts
+127.0.0.1 localhost.localdomain localhost $utsname
+::1 localhost6.localdomain6 localhost6
+EOF
+
+ # populate resolv.conf for non-dhcp-enabled guests
+ cp -f /etc/resolv.conf ${rootfs_path}/etc/
+}
+
+populate_dev()
+{
+ echo -n "Create devices in /dev/"
+ dev_path="${rootfs_path}/dev"
+ rm -rf $dev_path
+ mkdir -p $dev_path
+ mknod -m 666 ${dev_path}/null c 1 3
+ mknod -m 666 ${dev_path}/zero c 1 5
+ mknod -m 666 ${dev_path}/random c 1 8
+ mknod -m 666 ${dev_path}/urandom c 1 9
+ mkdir -m 755 ${dev_path}/pts
+ mkdir -m 1777 ${dev_path}/shm
+ mknod -m 666 ${dev_path}/tty c 5 0
+ mknod -m 666 ${dev_path}/tty0 c 4 0
+ mknod -m 666 ${dev_path}/tty1 c 4 1
+ mknod -m 666 ${dev_path}/tty2 c 4 2
+ mknod -m 666 ${dev_path}/tty3 c 4 3
+ mknod -m 666 ${dev_path}/tty4 c 4 4
+ mknod -m 600 ${dev_path}/console c 5 1
+ mknod -m 666 ${dev_path}/full c 1 7
+ mknod -m 600 ${dev_path}/initctl p
+ mknod -m 666 ${dev_path}/ptmx c 5 2
+ mkdir -m 755 ${dev_path}/net
+ mknod -m 666 ${dev_path}/net/tun c 10 200
+
+}
+
+set_guest_root_password()
+{
+ [ -z "$root_password" ] && return # pass is empty, abort
+
+ echo " - setting guest root password.."
+ echo "root passwd is: $root_password"
+ echo "root:$root_password" | chroot "$rootfs_path" chpasswd
+ echo "done."
+}
+
+create_chroot_rosa()
+{
+ # check the mini Rosa was not already downloaded
+ INSTALL_ROOT=$cache/cache
+ mkdir -p $INSTALL_ROOT
+ if [ $? -ne 0 ]; then
+ echo "Failed to create '$INSTALL_ROOT' directory"
+ return 1
+ fi
+ # package list to install
+ PKG_LIST="basesystem locales locales-en initscripts urpmi cronie dhcp-client kbd man"
+ # download a mini Rosa into a cache
+ echo "Downloading Rosa minimal ..."
+ URPMI="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main http://abf.rosalinux.ru/downloads/$release/repository/$arch/main/release"
+ URPMI2="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main_updates http://abf.rosalinux.ru/downloads/$release/repository/$arch/main/updates"
+ echo $URPMI
+ echo $URPMI2
+ URPMI_BASE="/usr/sbin/urpmi --no-suggests --no-verify-rpm --ignorearch --root $INSTALL_ROOT --urpmi-root $INSTALL_ROOT --auto $PKG_LIST"
+ $URPMI
+ $URPMI2
+ $URPMI_BASE
+ # We're splitting the old loop into two loops plus a directory retrival.
+ # First loop... Try and retrive a mirror list with retries and a slight
+ # delay between attempts...
+ if [ $? -ne 0 ]; then
+ echo "Failed to download the rootfs, aborting."
+ return 1
+ fi
+
+ mv "$INSTALL_ROOT" "$cache/rootfs"
+ echo "Download complete."
+
+ return 0
+
+}
+
+copy_rosa()
+{
+
+ echo -n "Copying rootfs to $rootfs_path ..."
+ mkdir -p $rootfs_path
+ rsync -Ha $cache/rootfs/ $rootfs_path/
+ return 0
+}
+
+update_rosa()
+{
+ echo "automated update in progress..."
+ urpmi --root $cache/rootfs --urpmi-root $cache/rootfs --auto --auto-update --ignorearch
+}
+
+configure_rosa_systemd()
+{
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd.service
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
+ # remove numlock service
+ # KDGKBLED: Inappropriate ioctl for device
+ rm -f ${rootfs_path}/etc/systemd/system/getty@.service.d/enable-numlock.conf
+
+ unlink ${rootfs_path}/etc/systemd/system/default.target
+ chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+ sed -i 's!ConditionPathExists=/dev/tty0!ConditionPathExists=|/dev/tty0\nConditionVirtualization=|lxc!' \
+ ${rootfs_path}/lib/systemd/system/getty\@.service
+}
+
+configure_rosa_network_service()
+{
+chroot ${rootfs_path} chkconfig network --level 01234567 on
+}
+
+
+install_rosa()
+{
+ mkdir -p @LOCALSTATEDIR@/lock/subsys/
+ (
+ flock -x 9
+ if [ $? -ne 0 ]; then
+ echo "Cache repository is busy."
+ return 1
+ fi
+
+ echo "Checking cache download in $cache/rootfs ... "
+ if [ ! -e "$cache/rootfs" ]; then
+ echo $cache/rootfs
+ create_chroot_rosa
+ if [ $? -ne 0 ]; then
+ echo "Failed to download 'Rosa basesystem-minimal'"
+ return 1
+ fi
+ else
+ echo "Cache found. Updating..."
+ update_rosa
+ if [ $? -ne 0 ]; then
+ echo "Failed to update 'Rosa base', continuing with last known good cache"
+ else
+ echo "Update finished"
+ fi
+ fi
+
+ echo "Copy $cache/rootfs to $rootfs_path ... "
+ copy_rosa
+ if [ $? -ne 0 ]; then
+ echo "Failed to copy rootfs"
+ return 1
+ fi
+ return 0
+ ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-rosa
+
+ return $?
+}
+
+copy_configuration()
+{
+
+ mkdir -p $config_path
+ grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
+ sed -i '/lxc.network.type = empty/d' $config_path/config
+ cat <<EOF >> $config_path/config
+lxc.utsname = $name
+lxc.tty = 4
+lxc.pts = 1024
+lxc.cap.drop = sys_module mac_admin mac_override sys_time
+lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
+
+# When using LXC with apparmor, uncomment the next line to run unconfined:
+#lxc.aa_profile = unconfined
+
+#networking
+lxc.network.type = $lxc_network_type
+lxc.network.flags = up
+#lxc.network.link = $lxc_network_link
+#lxc.network.name = eth0
+#lxc.network.mtu = 1500
+EOF
+if [ ! -z ${ipv4} ]; then
+ cat <<EOF >> $config_path/config
+lxc.network.ipv4 = $ipv4
+EOF
+fi
+if [ ! -z ${gw} ]; then
+ cat <<EOF >> $config_path/config
+lxc.network.ipv4.gateway = $gw
+EOF
+fi
+if [ ! -z ${ipv6} ]; then
+ cat <<EOF >> $config_path/config
+lxc.network.ipv6 = $ipv6
+EOF
+fi
+if [ ! -z ${gw6} ]; then
+ cat <<EOF >> $config_path/config
+lxc.network.ipv6.gateway = $gw6
+EOF
+fi
+ cat <<EOF >> $config_path/config
+#cgroups
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 10:135 rwm
+EOF
+
+ if [ $? -ne 0 ]; then
+ echo "Failed to add configuration"
+ return 1
+ fi
+
+ return 0
+}
+
+clean()
+{
+
+ if [ ! -e $cache ]; then
+ exit 0
+ fi
+
+ # lock, so we won't purge while someone is creating a repository
+ (
+ flock -x 9
+ if [ $? != 0 ]; then
+ echo "Cache repository is busy."
+ exit 1
+ fi
+
+ echo -n "Purging the download cache for Rosa $release..."
+ rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+ exit 0
+ ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-rosa
+}
+
+usage()
+{
+ cat <<EOF
+usage:
+ $1 -n|--name=<container_name>
+ [-p|--path=<path>] [-c|--clean] [-R|--release=<rosa2014.1/rosa2016.1 release>]
+ [-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
+ [-g|--gw=<gw address>] [-d|--dns=<dns address>]
+ [-P|--profile=<name of the profile>] [--rootfs=<path>]
+ [-A|--arch=<arch of the container>]
+ [-h|--help]
+Mandatory args:
+ -n,--name container name, used to as an identifier for that container from now on
+Optional args:
+ -p,--path path to where the container rootfs will be created, defaults to @LXCPATH@. The container config will go under @LXCPATH@ in that case
+ -c,--clean clean the cache
+ -R,--release rosa2014.1/rosa2016.1 release for the new container, defaults to the same as of host machine
+ -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
+ -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
+ -g,--gw specify the default gw, eg. 192.168.1.1
+ -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
+ -d,--dns specify the DNS server, eg. 192.168.1.2
+ -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
+ -A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
+ ---rootfs rootfs path
+ -h,--help print this help
+EOF
+ return 0
+}
+
+options=$(getopt -o hp:n:P:cR:4:6:g:d:A -l help,rootfs:,path:,name:,profile:,clean:,release:,ipv4:,ipv6:,gw:,dns:,arch: -- "$@")
+if [ $? -ne 0 ]; then
+ usage $(basename $0)
+ exit 1
+fi
+eval set -- "$options"
+
+release=${release:-"cooker"}
+if [ -f /etc/lsb-release ]; then
+ . /etc/lsb-release
+ if [ "$DISTRIB_ID" = "RosaDesktopFresh" ]; then
+ echo "Choosing $DISTRIB_DESCRIPTION"
+ release=rosa2016.1
+ else
+ echo "Cannot reliably determine running distribution, will default to Rosa Fresh"
+ release=rosa2016.1
+ fi
+fi
+
+while true
+do
+ case "$1" in
+ -h|--help) usage $0 && exit 0;;
+ -p|--path) path=$2; shift 2;;
+ --rootfs) rootfs_path=$2; shift 2;;
+ -n|--name) name=$2; shift 2;;
+ -P|--profile) profile=$2; shift 2;;
+ -c|--clean) clean=1; shift 1;;
+ -R|--release) release=$2; shift 2;;
+ -A|--arch) arch=$2; shift 2;;
+ -4|--ipv4) ipv4=$2; shift 2;;
+ -6|--ipv6) ipv6=$2; shift 2;;
+ -g|--gw) gw=$2; shift 2;;
+ -d|--dns) dns=$2; shift 2;;
+ --) shift 1; break ;;
+ *) break ;;
+ esac
+done
+
+arch=${arch:-$hostarch}
+
+if [ ! -z "$clean" -a -z "$path" ]; then
+ clean || exit 1
+ exit 0
+fi
+
+if [ -z "${utsname}" ]; then
+ utsname=${name}
+fi
+
+type urpmi >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+ echo "'urpmi' command is missing"
+ exit 1
+fi
+
+if [ -z "$path" ]; then
+ path=$default_path
+fi
+
+if [ -z "$profile" ]; then
+ profile=$default_profile
+fi
+
+if [ $hostarch = "i586" -a $arch = "x86_64" ]; then
+ echo "can't create x86_64 container on i586"
+ exit 1
+fi
+
+if [ -z "$ipv4" -a -z "$ipv6" ]; then
+ BOOTPROTO="dhcp"
+else
+ BOOTPROTO="static"
+fi
+
+if [ "$(id -u)" != "0" ]; then
+ echo "This script should be run as 'root'"
+ exit 1
+fi
+
+# check for 'lxc.rootfs' passed in through default config by lxc-create
+if [ -z "$rootfs_path" ]; then
+ if grep -q '^lxc.rootfs' $path/config 2>/dev/null ; then
+ rootfs_path=$(awk -F= '/^lxc.rootfs =/{ print $2 }' $path/config)
+ else
+ rootfs_path=$path/$name/rootfs
+ fi
+fi
+
+config_path=$default_path/$name
+cache=$cache_base/$release/$arch/$profile
+
+if [ ! -f $config_path/config ]; then
+ echo "A container with that name exists, chose a different name"
+ exit 1
+fi
+
+install_rosa
+if [ $? -ne 0 ]; then
+ echo "failed to install Rosa"
+ exit 1
+fi
+
+configure_rosa
+if [ $? -ne 0 ]; then
+ echo "failed to configure Rosa for a container"
+ exit 1
+fi
+
+# If the systemd configuration directory exists - set it up for what we need.
+if [ -d ${rootfs_path}/etc/systemd/system ]
+then
+ configure_rosa_systemd
+fi
+
+#for ROSA currently it is required to setup network explicitly, chckconfig is used
+if [ "$release" = "rosa2012.1" ]
+then
+ configure_rosa_network_service
+fi
+
+populate_dev
+if [ $? -ne 0 ]; then
+ echo "failed to populated /dev/ devices"
+ exit 1
+fi
+
+set_guest_root_password
+if [ $? -ne 0 ]; then
+ echo "failed to configure password for chroot"
+ exit 1
+fi
+
+copy_configuration
+if [ $? -ne 0 ]; then
+ echo "failed write configuration file"
+ exit 1
+fi
+
+if [ ! -z "$clean" ]; then
+ clean || exit 1
+ exit 0
+fi
+echo "container rootfs and config created"

4
sysctl-rule Normal file
View file

@ -0,0 +1,4 @@
# LXC sysctl rule
# enable IP forwarding for LXC
net.ipv4.ip_forward = 1