Merge lp:~serge-hallyn/ubuntu/precise/lxc/fix-resolvconf into lp:ubuntu/precise/lxc
- Precise (12.04)
- fix-resolvconf
- Merge into precise
Proposed by
Serge Hallyn
Status: | Merged |
---|---|
Merge reported by: | Stéphane Graber |
Merged at revision: | not available |
Proposed branch: | lp:~serge-hallyn/ubuntu/precise/lxc/fix-resolvconf |
Merge into: | lp:ubuntu/precise/lxc |
Diff against target: |
1246 lines (+1155/-3) 10 files modified
.pc/0030-ubuntu-template-fail.patch/templates/lxc-ubuntu.in (+541/-0) .pc/0031-ubuntu-template-resolvconf.patch/templates/lxc-ubuntu.in (+543/-0) .pc/applied-patches (+2/-0) debian/changelog (+12/-0) debian/control (+1/-1) debian/lxcguest.lxcmount.upstart (+2/-1) debian/patches/0030-ubuntu-template-fail.patch (+20/-0) debian/patches/0031-ubuntu-template-resolvconf.patch (+25/-0) debian/patches/series (+2/-0) templates/lxc-ubuntu.in (+7/-1) |
To merge this branch: | bzr merge lp:~serge-hallyn/ubuntu/precise/lxc/fix-resolvconf |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Stéphane Graber | Pending | ||
Review via email: mp+90486@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === added directory '.pc/0030-ubuntu-template-fail.patch' |
2 | === added file '.pc/0030-ubuntu-template-fail.patch/.timestamp' |
3 | === added directory '.pc/0030-ubuntu-template-fail.patch/templates' |
4 | === added file '.pc/0030-ubuntu-template-fail.patch/templates/lxc-ubuntu.in' |
5 | --- .pc/0030-ubuntu-template-fail.patch/templates/lxc-ubuntu.in 1970-01-01 00:00:00 +0000 |
6 | +++ .pc/0030-ubuntu-template-fail.patch/templates/lxc-ubuntu.in 2012-01-27 17:24:25 +0000 |
7 | @@ -0,0 +1,541 @@ |
8 | +#!/bin/bash |
9 | + |
10 | +# |
11 | +# template script for generating ubuntu container for LXC |
12 | +# |
13 | +# This script consolidates and extends the existing lxc ubuntu scripts |
14 | +# |
15 | + |
16 | +# Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com> |
17 | +# Copyright © 2010 Wilhelm Meier |
18 | +# Author: Wilhelm Meier <wilhelm.meier@fh-kl.de> |
19 | +# |
20 | +# This program is free software; you can redistribute it and/or modify |
21 | +# it under the terms of the GNU General Public License version 2, as |
22 | +# published by the Free Software Foundation. |
23 | + |
24 | +# This program is distributed in the hope that it will be useful, |
25 | +# but WITHOUT ANY WARRANTY; without even the implied warranty of |
26 | +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
27 | +# GNU General Public License for more details. |
28 | + |
29 | +# You should have received a copy of the GNU General Public License along |
30 | +# with this program; if not, write to the Free Software Foundation, Inc., |
31 | +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
32 | +# |
33 | + |
34 | +if [ -r /etc/default/lxc ]; then |
35 | + . /etc/default/lxc |
36 | +fi |
37 | + |
38 | +configure_ubuntu() |
39 | +{ |
40 | + rootfs=$1 |
41 | + hostname=$2 |
42 | + |
43 | + # configure the network using the dhcp |
44 | + cat <<EOF > $rootfs/etc/network/interfaces |
45 | +auto lo |
46 | +iface lo inet loopback |
47 | + |
48 | +auto eth0 |
49 | +iface eth0 inet dhcp |
50 | +EOF |
51 | + |
52 | + # so you can 'ssh $hostname.' or 'ssh $hostname.local' |
53 | + if [ -f $rootfs/etc/dhcp/dhclient.conf ]; then |
54 | + sed -i "s/<hostname>/$hostname/" $rootfs/etc/dhcp/dhclient.conf |
55 | + elif [ -f $rootfs/etc/dhcp3/dhclient.conf ]; then |
56 | + sed -i "s/<hostname>/$hostname/" $rootfs/etc/dhcp3/dhclient.conf |
57 | + fi |
58 | + |
59 | + # set the hostname |
60 | + cat <<EOF > $rootfs/etc/hostname |
61 | +$hostname |
62 | +EOF |
63 | + # set minimal hosts |
64 | + cat <<EOF > $rootfs/etc/hosts |
65 | +127.0.0.1 localhost $hostname |
66 | +EOF |
67 | + |
68 | + # suppress log level output for udev |
69 | + sed -i "s/=\"err\"/=0/" $rootfs/etc/udev/udev.conf |
70 | + |
71 | + # remove jobs for consoles 5 and 6 since we only create 4 consoles in |
72 | + # this template |
73 | + rm -f $rootfs/etc/init/tty{5,6}.conf |
74 | + |
75 | + echo "Please change root-password !" |
76 | + echo "root:root" | chroot $rootfs chpasswd |
77 | + |
78 | + return 0 |
79 | +} |
80 | + |
81 | +download_ubuntu() |
82 | +{ |
83 | + cache=$1 |
84 | + arch=$2 |
85 | + release=$3 |
86 | + |
87 | + if [ $release = "lucid" ]; then |
88 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg |
89 | + elif [ $release = "maverick" ]; then |
90 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg,netbase |
91 | + elif [ $release = "natty" ]; then |
92 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase |
93 | + else |
94 | + packages=dialog,apt,apt-utils,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase,ubuntu-keyring |
95 | + fi |
96 | + echo "installing packages: $packages" |
97 | + |
98 | + # check the mini ubuntu was not already downloaded |
99 | + mkdir -p "$cache/partial-$arch" |
100 | + if [ $? -ne 0 ]; then |
101 | + echo "Failed to create '$cache/partial-$arch' directory" |
102 | + return 1 |
103 | + fi |
104 | + |
105 | + # download a mini ubuntu into a cache |
106 | + echo "Downloading ubuntu $release minimal ..." |
107 | + debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR |
108 | + if [ $? -ne 0 ]; then |
109 | + echo "Failed to download the rootfs, aborting." |
110 | + return 1 |
111 | + fi |
112 | + |
113 | + # Serge isn't sure whether we should avoid doing this when |
114 | + # $release == `distro-info -d` |
115 | + echo "Installing updates" |
116 | + case $arch in |
117 | + amd64|i386) |
118 | + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} |
119 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu} |
120 | + ;; |
121 | + sparc) |
122 | + case $SUITE in |
123 | + gutsy) |
124 | + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} |
125 | + SECURITY_MIRROR=${SECURITY_MIRRORMIRROR:-http://security.ubuntu.com/ubuntu} |
126 | + ;; |
127 | + *) |
128 | + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
129 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
130 | + ;; |
131 | + esac |
132 | + ;; |
133 | + *) |
134 | + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
135 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
136 | + ;; |
137 | + esac |
138 | + cat >> "$1/partial-${arch}/etc/apt/sources.list" << EOF |
139 | +deb $MIRROR ${release}-updates main universe |
140 | +deb $SECURITY_MIRROR ${release}-security main universe |
141 | +EOF |
142 | + chroot "$1/partial-${arch}" apt-get update |
143 | + if [ $? -ne 0 ]; then |
144 | + echo "Failed to update the apt cache" |
145 | + return 1 |
146 | + fi |
147 | + cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF |
148 | +#!/bin/sh |
149 | +exit 101 |
150 | +EOF |
151 | + chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d |
152 | + |
153 | + lxc-unshare -s MOUNT -- chroot "$1/partial-${arch}" apt-get dist-upgrade -y |
154 | + ret=$? |
155 | + rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d |
156 | + |
157 | + if [ $ret -ne 0 ]; then |
158 | + echo "Failed to upgrade the cache" |
159 | + return 1 |
160 | + fi |
161 | + |
162 | + mv "$1/partial-$arch" "$1/rootfs-$arch" |
163 | + echo "Download complete" |
164 | + return 0 |
165 | +} |
166 | + |
167 | +copy_ubuntu() |
168 | +{ |
169 | + cache=$1 |
170 | + arch=$2 |
171 | + rootfs=$3 |
172 | + |
173 | + # make a local copy of the miniubuntu |
174 | + echo -n "Copying rootfs to $rootfs ..." |
175 | + mkdir -p $rootfs |
176 | + rsync -a $cache/rootfs-$arch/ $rootfs/ || return 1 |
177 | + return 0 |
178 | +} |
179 | + |
180 | +install_ubuntu() |
181 | +{ |
182 | + rootfs=$1 |
183 | + release=$2 |
184 | + flushcache=$3 |
185 | + cache="/var/cache/lxc/$release" |
186 | + mkdir -p /var/lock/subsys/ |
187 | + ( |
188 | + flock -n -x 200 |
189 | + if [ $? -ne 0 ]; then |
190 | + echo "Cache repository is busy." |
191 | + return 1 |
192 | + fi |
193 | + |
194 | + |
195 | + if [ $flushcache -eq 1 ]; then |
196 | + echo "Flushing cache..." |
197 | + rm -rf "$cache/partial-$arch" |
198 | + rm -rf "$cache/rootfs-$arch" |
199 | + fi |
200 | + |
201 | + echo "Checking cache download in $cache/rootfs-$arch ... " |
202 | + if [ ! -e "$cache/rootfs-$arch" ]; then |
203 | + download_ubuntu $cache $arch $release |
204 | + if [ $? -ne 0 ]; then |
205 | + echo "Failed to download 'ubuntu $release base'" |
206 | + return 1 |
207 | + fi |
208 | + fi |
209 | + |
210 | + echo "Copy $cache/rootfs-$arch to $rootfs ... " |
211 | + copy_ubuntu $cache $arch $rootfs |
212 | + if [ $? -ne 0 ]; then |
213 | + echo "Failed to copy rootfs" |
214 | + return 1 |
215 | + fi |
216 | + |
217 | + return 0 |
218 | + |
219 | + ) 200>/var/lock/subsys/lxc |
220 | + |
221 | + return $? |
222 | +} |
223 | + |
224 | +copy_configuration() |
225 | +{ |
226 | + path=$1 |
227 | + rootfs=$2 |
228 | + name=$3 |
229 | + arch=$4 |
230 | + |
231 | + if [ $arch = "i386" ]; then |
232 | + arch="i686" |
233 | + fi |
234 | + |
235 | + cat <<EOF >> $path/config |
236 | +lxc.utsname = $name |
237 | + |
238 | +lxc.tty = 4 |
239 | +lxc.pts = 1024 |
240 | +lxc.rootfs = $rootfs |
241 | +lxc.mount = $path/fstab |
242 | +lxc.arch = $arch |
243 | +lxc.cap.drop = sys_module mac_admin |
244 | + |
245 | +lxc.cgroup.devices.deny = a |
246 | +# Allow any mknod (but not using the node) |
247 | +lxc.cgroup.devices.allow = c *:* m |
248 | +lxc.cgroup.devices.allow = b *:* m |
249 | +# /dev/null and zero |
250 | +lxc.cgroup.devices.allow = c 1:3 rwm |
251 | +lxc.cgroup.devices.allow = c 1:5 rwm |
252 | +# consoles |
253 | +lxc.cgroup.devices.allow = c 5:1 rwm |
254 | +lxc.cgroup.devices.allow = c 5:0 rwm |
255 | +#lxc.cgroup.devices.allow = c 4:0 rwm |
256 | +#lxc.cgroup.devices.allow = c 4:1 rwm |
257 | +# /dev/{,u}random |
258 | +lxc.cgroup.devices.allow = c 1:9 rwm |
259 | +lxc.cgroup.devices.allow = c 1:8 rwm |
260 | +lxc.cgroup.devices.allow = c 136:* rwm |
261 | +lxc.cgroup.devices.allow = c 5:2 rwm |
262 | +# rtc |
263 | +lxc.cgroup.devices.allow = c 254:0 rwm |
264 | +#fuse |
265 | +lxc.cgroup.devices.allow = c 10:229 rwm |
266 | +#tun |
267 | +lxc.cgroup.devices.allow = c 10:200 rwm |
268 | +#full |
269 | +lxc.cgroup.devices.allow = c 1:7 rwm |
270 | +#hpet |
271 | +lxc.cgroup.devices.allow = c 10:228 rwm |
272 | +#kvm |
273 | +lxc.cgroup.devices.allow = c 10:232 rwm |
274 | +EOF |
275 | + |
276 | + cat <<EOF > $path/fstab |
277 | +proc $rootfs/proc proc nodev,noexec,nosuid 0 0 |
278 | +sysfs $rootfs/sys sysfs defaults 0 0 |
279 | +EOF |
280 | + |
281 | + if [ $? -ne 0 ]; then |
282 | + echo "Failed to add configuration" |
283 | + return 1 |
284 | + fi |
285 | + |
286 | + return 0 |
287 | +} |
288 | + |
289 | +trim() |
290 | +{ |
291 | + rootfs=$1 |
292 | + release=$2 |
293 | + |
294 | + # provide the lxc service |
295 | + cat <<EOF > $rootfs/etc/init/lxc.conf |
296 | +# fake some events needed for correct startup other services |
297 | + |
298 | +description "Container Upstart" |
299 | + |
300 | +start on startup |
301 | + |
302 | +script |
303 | + rm -rf /var/run/*.pid |
304 | + rm -rf /var/run/network/* |
305 | + /sbin/initctl emit stopped JOB=udevtrigger --no-wait |
306 | + /sbin/initctl emit started JOB=udev --no-wait |
307 | +end script |
308 | +EOF |
309 | + |
310 | + # fix buggus runlevel with sshd |
311 | + cat <<EOF > $rootfs/etc/init/ssh.conf |
312 | +# ssh - OpenBSD Secure Shell server |
313 | +# |
314 | +# The OpenSSH server provides secure shell access to the system. |
315 | + |
316 | +description "OpenSSH server" |
317 | + |
318 | +start on filesystem |
319 | +stop on runlevel [!2345] |
320 | + |
321 | +expect fork |
322 | +respawn |
323 | +respawn limit 10 5 |
324 | +umask 022 |
325 | +# replaces SSHD_OOM_ADJUST in /etc/default/ssh |
326 | +oom never |
327 | + |
328 | +pre-start script |
329 | + test -x /usr/sbin/sshd || { stop; exit 0; } |
330 | + test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; } |
331 | + test -c /dev/null || { stop; exit 0; } |
332 | + |
333 | + mkdir -p -m0755 /var/run/sshd |
334 | +end script |
335 | + |
336 | +# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the |
337 | +# 'exec' line here instead |
338 | +exec /usr/sbin/sshd |
339 | +EOF |
340 | + |
341 | + cat <<EOF > $rootfs/etc/init/console.conf |
342 | +# console - getty |
343 | +# |
344 | +# This service maintains a console on tty1 from the point the system is |
345 | +# started until it is shut down again. |
346 | + |
347 | +start on stopped rc RUNLEVEL=[2345] |
348 | +stop on runlevel [!2345] |
349 | + |
350 | +respawn |
351 | +exec /sbin/getty -8 38400 /dev/console |
352 | +EOF |
353 | + |
354 | + cat <<EOF > $rootfs/lib/init/fstab |
355 | +# /lib/init/fstab: cleared out for bare-bones lxc |
356 | +EOF |
357 | + |
358 | + # reconfigure some services |
359 | + if [ -z "$LANG" ]; then |
360 | + chroot $rootfs locale-gen en_US.UTF-8 |
361 | + chroot $rootfs update-locale LANG=en_US.UTF-8 |
362 | + else |
363 | + chroot $rootfs locale-gen $LANG |
364 | + chroot $rootfs update-locale LANG=$LANG |
365 | + fi |
366 | + |
367 | + # remove pointless services in a container |
368 | + chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove |
369 | + |
370 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done' |
371 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done' |
372 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done' |
373 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done' |
374 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done' |
375 | + |
376 | + # if this isn't lucid, then we need to twiddle the network upstart bits :( |
377 | + if [ $release != "lucid" ]; then |
378 | + sed -i 's/^.*emission handled.*$/echo Emitting lo/' $rootfs/etc/network/if-up.d/upstart |
379 | + fi |
380 | +} |
381 | + |
382 | +post_process() |
383 | +{ |
384 | + rootfs=$1 |
385 | + release=$2 |
386 | + trim_container=$3 |
387 | + |
388 | + if [ $trim_container -eq 1 ]; then |
389 | + trim $rootfs $release |
390 | + else |
391 | + # for lucid and maverick, if not trimming, then add the ubuntu-virt |
392 | + # ppa and install lxcguest |
393 | + if [ $release = "lucid" -o $release = "maverick" ]; then |
394 | + chroot $rootfs apt-get install --force-yes -y python-software-properties |
395 | + chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa |
396 | + fi |
397 | + cp /etc/resolv.conf "${rootfs}/etc" |
398 | + chroot $rootfs apt-get update |
399 | + chroot $rootfs apt-get install --force-yes -y lxcguest |
400 | + fi |
401 | +} |
402 | + |
403 | +do_bindhome() |
404 | +{ |
405 | + rootfs=$1 |
406 | + user=$2 |
407 | + |
408 | + # copy /etc/passwd, /etc/shadow, and /etc/group entries into container |
409 | + pwd=`getent passwd $user` |
410 | + if [ $? -ne 0 ]; then |
411 | + echo 'Warning: failed to copy password entry for $user' |
412 | + return |
413 | + else |
414 | + echo $pwd >> $rootfs/etc/passwd |
415 | + fi |
416 | + shad=`getent shadow $user` |
417 | + echo $shad >> $rootfs/etc/shadow |
418 | + |
419 | + # bind-mount the user's path into the container's /home |
420 | + h=`getent passwd $user | cut -d: -f 6` |
421 | + mkdir -p $rootfs/$h |
422 | + echo "$h $rootfs/$h none bind 0 0" >> $path/fstab |
423 | +} |
424 | + |
425 | +usage() |
426 | +{ |
427 | + cat <<EOF |
428 | +$1 -h|--help [-a|--arch] [-b|--bindhome <user>] [--trim] |
429 | + [-F | --flush-cache] [-r|--release <release>] |
430 | +release: lucid | maverick | natty | oneiric | precise |
431 | +trim: make a minimal (faster, but not upgrade-safe) container |
432 | +bindhome: bind <user>'s home into the container |
433 | +arch: amd64 or i386: defaults to host arch |
434 | +EOF |
435 | + return 0 |
436 | +} |
437 | + |
438 | +options=$(getopt -o a:b:hp:r:xn:F -l arch:,bindhome:,help,path:,release:,trim,name:,flush-cache -- "$@") |
439 | +if [ $? -ne 0 ]; then |
440 | + usage $(basename $0) |
441 | + exit 1 |
442 | +fi |
443 | +eval set -- "$options" |
444 | + |
445 | +release=lucid |
446 | +if [ -f /etc/lsb-release ]; then |
447 | + . /etc/lsb-release |
448 | + case "$DISTRIB_CODENAME" in |
449 | + lucid|maverick|natty|oneiric|precise) |
450 | + release=$DISTRIB_CODENAME |
451 | + ;; |
452 | + esac |
453 | +fi |
454 | + |
455 | +bindhome= |
456 | +arch=$(arch) |
457 | + |
458 | +# Code taken from debootstrap |
459 | +if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then |
460 | + arch=`/usr/bin/dpkg --print-architecture` |
461 | +elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then |
462 | + arch=`/usr/bin/udpkg --print-architecture` |
463 | +else |
464 | + arch=$(arch) |
465 | + if [ "$arch" = "i686" ]; then |
466 | + arch="i386" |
467 | + elif [ "$arch" = "x86_64" ]; then |
468 | + arch="amd64" |
469 | + elif [ "$arch" = "armv7l" ]; then |
470 | + arch="armel" |
471 | + fi |
472 | +fi |
473 | + |
474 | +trim_container=0 |
475 | +hostarch=$arch |
476 | +flushcache=0 |
477 | +while true |
478 | +do |
479 | + case "$1" in |
480 | + -h|--help) usage $0 && exit 0;; |
481 | + -p|--path) path=$2; shift 2;; |
482 | + -n|--name) name=$2; shift 2;; |
483 | + -F|--flush-cache) flushcache=1; shift 1;; |
484 | + -r|--release) release=$2; shift 2;; |
485 | + -b|--bindhome) bindhome=$2; shift 2;; |
486 | + -a|--arch) arch=$2; shift 2;; |
487 | + -x|--trim) trim_container=1; shift 1;; |
488 | + --) shift 1; break ;; |
489 | + *) break ;; |
490 | + esac |
491 | +done |
492 | + |
493 | +pwd=`getent passwd $bindhome` |
494 | +if [ $? -ne 0 ]; then |
495 | + echo "Error: no password entry found for $bindhome" |
496 | + exit 1 |
497 | +fi |
498 | + |
499 | + |
500 | +if [ "$arch" == "i686" ]; then |
501 | + arch=i386 |
502 | +fi |
503 | + |
504 | +if [ $hostarch = "i386" -a $arch = "amd64" ]; then |
505 | + echo "can't create amd64 container on i386" |
506 | + exit 1 |
507 | +fi |
508 | + |
509 | +type debootstrap |
510 | +if [ $? -ne 0 ]; then |
511 | + echo "'debootstrap' command is missing" |
512 | + exit 1 |
513 | +fi |
514 | + |
515 | +if [ -z "$path" ]; then |
516 | + echo "'path' parameter is required" |
517 | + exit 1 |
518 | +fi |
519 | + |
520 | +if [ "$(id -u)" != "0" ]; then |
521 | + echo "This script should be run as 'root'" |
522 | + exit 1 |
523 | +fi |
524 | + |
525 | +rootfs=$path/rootfs |
526 | + |
527 | +install_ubuntu $rootfs $release $flushcache |
528 | +if [ $? -ne 0 ]; then |
529 | + echo "failed to install ubuntu $release" |
530 | + exit 1 |
531 | +fi |
532 | + |
533 | +configure_ubuntu $rootfs $name |
534 | +if [ $? -ne 0 ]; then |
535 | + echo "failed to configure ubuntu $release for a container" |
536 | + exit 1 |
537 | +fi |
538 | + |
539 | +copy_configuration $path $rootfs $name $arch |
540 | +if [ $? -ne 0 ]; then |
541 | + echo "failed write configuration file" |
542 | + exit 1 |
543 | +fi |
544 | + |
545 | +post_process $rootfs $release $trim_container |
546 | +if [ ! -z $bindhome ]; then |
547 | + do_bindhome $rootfs $bindhome |
548 | +fi |
549 | |
550 | === added directory '.pc/0031-ubuntu-template-resolvconf.patch' |
551 | === added file '.pc/0031-ubuntu-template-resolvconf.patch/.timestamp' |
552 | === added directory '.pc/0031-ubuntu-template-resolvconf.patch/templates' |
553 | === added file '.pc/0031-ubuntu-template-resolvconf.patch/templates/lxc-ubuntu.in' |
554 | --- .pc/0031-ubuntu-template-resolvconf.patch/templates/lxc-ubuntu.in 1970-01-01 00:00:00 +0000 |
555 | +++ .pc/0031-ubuntu-template-resolvconf.patch/templates/lxc-ubuntu.in 2012-01-27 17:24:25 +0000 |
556 | @@ -0,0 +1,543 @@ |
557 | +#!/bin/bash |
558 | + |
559 | +# |
560 | +# template script for generating ubuntu container for LXC |
561 | +# |
562 | +# This script consolidates and extends the existing lxc ubuntu scripts |
563 | +# |
564 | + |
565 | +# Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com> |
566 | +# Copyright © 2010 Wilhelm Meier |
567 | +# Author: Wilhelm Meier <wilhelm.meier@fh-kl.de> |
568 | +# |
569 | +# This program is free software; you can redistribute it and/or modify |
570 | +# it under the terms of the GNU General Public License version 2, as |
571 | +# published by the Free Software Foundation. |
572 | + |
573 | +# This program is distributed in the hope that it will be useful, |
574 | +# but WITHOUT ANY WARRANTY; without even the implied warranty of |
575 | +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
576 | +# GNU General Public License for more details. |
577 | + |
578 | +# You should have received a copy of the GNU General Public License along |
579 | +# with this program; if not, write to the Free Software Foundation, Inc., |
580 | +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
581 | +# |
582 | + |
583 | +set -e |
584 | + |
585 | +if [ -r /etc/default/lxc ]; then |
586 | + . /etc/default/lxc |
587 | +fi |
588 | + |
589 | +configure_ubuntu() |
590 | +{ |
591 | + rootfs=$1 |
592 | + hostname=$2 |
593 | + |
594 | + # configure the network using the dhcp |
595 | + cat <<EOF > $rootfs/etc/network/interfaces |
596 | +auto lo |
597 | +iface lo inet loopback |
598 | + |
599 | +auto eth0 |
600 | +iface eth0 inet dhcp |
601 | +EOF |
602 | + |
603 | + # so you can 'ssh $hostname.' or 'ssh $hostname.local' |
604 | + if [ -f $rootfs/etc/dhcp/dhclient.conf ]; then |
605 | + sed -i "s/<hostname>/$hostname/" $rootfs/etc/dhcp/dhclient.conf |
606 | + elif [ -f $rootfs/etc/dhcp3/dhclient.conf ]; then |
607 | + sed -i "s/<hostname>/$hostname/" $rootfs/etc/dhcp3/dhclient.conf |
608 | + fi |
609 | + |
610 | + # set the hostname |
611 | + cat <<EOF > $rootfs/etc/hostname |
612 | +$hostname |
613 | +EOF |
614 | + # set minimal hosts |
615 | + cat <<EOF > $rootfs/etc/hosts |
616 | +127.0.0.1 localhost $hostname |
617 | +EOF |
618 | + |
619 | + # suppress log level output for udev |
620 | + sed -i "s/=\"err\"/=0/" $rootfs/etc/udev/udev.conf |
621 | + |
622 | + # remove jobs for consoles 5 and 6 since we only create 4 consoles in |
623 | + # this template |
624 | + rm -f $rootfs/etc/init/tty{5,6}.conf |
625 | + |
626 | + echo "Please change root-password !" |
627 | + echo "root:root" | chroot $rootfs chpasswd |
628 | + |
629 | + return 0 |
630 | +} |
631 | + |
632 | +download_ubuntu() |
633 | +{ |
634 | + cache=$1 |
635 | + arch=$2 |
636 | + release=$3 |
637 | + |
638 | + if [ $release = "lucid" ]; then |
639 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg |
640 | + elif [ $release = "maverick" ]; then |
641 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg,netbase |
642 | + elif [ $release = "natty" ]; then |
643 | + packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase |
644 | + else |
645 | + packages=dialog,apt,apt-utils,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase,ubuntu-keyring |
646 | + fi |
647 | + echo "installing packages: $packages" |
648 | + |
649 | + # check the mini ubuntu was not already downloaded |
650 | + mkdir -p "$cache/partial-$arch" |
651 | + if [ $? -ne 0 ]; then |
652 | + echo "Failed to create '$cache/partial-$arch' directory" |
653 | + return 1 |
654 | + fi |
655 | + |
656 | + # download a mini ubuntu into a cache |
657 | + echo "Downloading ubuntu $release minimal ..." |
658 | + debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR |
659 | + if [ $? -ne 0 ]; then |
660 | + echo "Failed to download the rootfs, aborting." |
661 | + return 1 |
662 | + fi |
663 | + |
664 | + # Serge isn't sure whether we should avoid doing this when |
665 | + # $release == `distro-info -d` |
666 | + echo "Installing updates" |
667 | + case $arch in |
668 | + amd64|i386) |
669 | + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} |
670 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu} |
671 | + ;; |
672 | + sparc) |
673 | + case $SUITE in |
674 | + gutsy) |
675 | + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} |
676 | + SECURITY_MIRROR=${SECURITY_MIRRORMIRROR:-http://security.ubuntu.com/ubuntu} |
677 | + ;; |
678 | + *) |
679 | + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
680 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
681 | + ;; |
682 | + esac |
683 | + ;; |
684 | + *) |
685 | + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
686 | + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} |
687 | + ;; |
688 | + esac |
689 | + cat >> "$1/partial-${arch}/etc/apt/sources.list" << EOF |
690 | +deb $MIRROR ${release}-updates main universe |
691 | +deb $SECURITY_MIRROR ${release}-security main universe |
692 | +EOF |
693 | + chroot "$1/partial-${arch}" apt-get update |
694 | + if [ $? -ne 0 ]; then |
695 | + echo "Failed to update the apt cache" |
696 | + return 1 |
697 | + fi |
698 | + cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF |
699 | +#!/bin/sh |
700 | +exit 101 |
701 | +EOF |
702 | + chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d |
703 | + |
704 | + lxc-unshare -s MOUNT -- chroot "$1/partial-${arch}" apt-get dist-upgrade -y |
705 | + ret=$? |
706 | + rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d |
707 | + |
708 | + if [ $ret -ne 0 ]; then |
709 | + echo "Failed to upgrade the cache" |
710 | + return 1 |
711 | + fi |
712 | + |
713 | + mv "$1/partial-$arch" "$1/rootfs-$arch" |
714 | + echo "Download complete" |
715 | + return 0 |
716 | +} |
717 | + |
718 | +copy_ubuntu() |
719 | +{ |
720 | + cache=$1 |
721 | + arch=$2 |
722 | + rootfs=$3 |
723 | + |
724 | + # make a local copy of the miniubuntu |
725 | + echo -n "Copying rootfs to $rootfs ..." |
726 | + mkdir -p $rootfs |
727 | + rsync -a $cache/rootfs-$arch/ $rootfs/ || return 1 |
728 | + return 0 |
729 | +} |
730 | + |
731 | +install_ubuntu() |
732 | +{ |
733 | + rootfs=$1 |
734 | + release=$2 |
735 | + flushcache=$3 |
736 | + cache="/var/cache/lxc/$release" |
737 | + mkdir -p /var/lock/subsys/ |
738 | + ( |
739 | + flock -n -x 200 |
740 | + if [ $? -ne 0 ]; then |
741 | + echo "Cache repository is busy." |
742 | + return 1 |
743 | + fi |
744 | + |
745 | + |
746 | + if [ $flushcache -eq 1 ]; then |
747 | + echo "Flushing cache..." |
748 | + rm -rf "$cache/partial-$arch" |
749 | + rm -rf "$cache/rootfs-$arch" |
750 | + fi |
751 | + |
752 | + echo "Checking cache download in $cache/rootfs-$arch ... " |
753 | + if [ ! -e "$cache/rootfs-$arch" ]; then |
754 | + download_ubuntu $cache $arch $release |
755 | + if [ $? -ne 0 ]; then |
756 | + echo "Failed to download 'ubuntu $release base'" |
757 | + return 1 |
758 | + fi |
759 | + fi |
760 | + |
761 | + echo "Copy $cache/rootfs-$arch to $rootfs ... " |
762 | + copy_ubuntu $cache $arch $rootfs |
763 | + if [ $? -ne 0 ]; then |
764 | + echo "Failed to copy rootfs" |
765 | + return 1 |
766 | + fi |
767 | + |
768 | + return 0 |
769 | + |
770 | + ) 200>/var/lock/subsys/lxc |
771 | + |
772 | + return $? |
773 | +} |
774 | + |
775 | +copy_configuration() |
776 | +{ |
777 | + path=$1 |
778 | + rootfs=$2 |
779 | + name=$3 |
780 | + arch=$4 |
781 | + |
782 | + if [ $arch = "i386" ]; then |
783 | + arch="i686" |
784 | + fi |
785 | + |
786 | + cat <<EOF >> $path/config |
787 | +lxc.utsname = $name |
788 | + |
789 | +lxc.tty = 4 |
790 | +lxc.pts = 1024 |
791 | +lxc.rootfs = $rootfs |
792 | +lxc.mount = $path/fstab |
793 | +lxc.arch = $arch |
794 | +lxc.cap.drop = sys_module mac_admin |
795 | + |
796 | +lxc.cgroup.devices.deny = a |
797 | +# Allow any mknod (but not using the node) |
798 | +lxc.cgroup.devices.allow = c *:* m |
799 | +lxc.cgroup.devices.allow = b *:* m |
800 | +# /dev/null and zero |
801 | +lxc.cgroup.devices.allow = c 1:3 rwm |
802 | +lxc.cgroup.devices.allow = c 1:5 rwm |
803 | +# consoles |
804 | +lxc.cgroup.devices.allow = c 5:1 rwm |
805 | +lxc.cgroup.devices.allow = c 5:0 rwm |
806 | +#lxc.cgroup.devices.allow = c 4:0 rwm |
807 | +#lxc.cgroup.devices.allow = c 4:1 rwm |
808 | +# /dev/{,u}random |
809 | +lxc.cgroup.devices.allow = c 1:9 rwm |
810 | +lxc.cgroup.devices.allow = c 1:8 rwm |
811 | +lxc.cgroup.devices.allow = c 136:* rwm |
812 | +lxc.cgroup.devices.allow = c 5:2 rwm |
813 | +# rtc |
814 | +lxc.cgroup.devices.allow = c 254:0 rwm |
815 | +#fuse |
816 | +lxc.cgroup.devices.allow = c 10:229 rwm |
817 | +#tun |
818 | +lxc.cgroup.devices.allow = c 10:200 rwm |
819 | +#full |
820 | +lxc.cgroup.devices.allow = c 1:7 rwm |
821 | +#hpet |
822 | +lxc.cgroup.devices.allow = c 10:228 rwm |
823 | +#kvm |
824 | +lxc.cgroup.devices.allow = c 10:232 rwm |
825 | +EOF |
826 | + |
827 | + cat <<EOF > $path/fstab |
828 | +proc $rootfs/proc proc nodev,noexec,nosuid 0 0 |
829 | +sysfs $rootfs/sys sysfs defaults 0 0 |
830 | +EOF |
831 | + |
832 | + if [ $? -ne 0 ]; then |
833 | + echo "Failed to add configuration" |
834 | + return 1 |
835 | + fi |
836 | + |
837 | + return 0 |
838 | +} |
839 | + |
840 | +trim() |
841 | +{ |
842 | + rootfs=$1 |
843 | + release=$2 |
844 | + |
845 | + # provide the lxc service |
846 | + cat <<EOF > $rootfs/etc/init/lxc.conf |
847 | +# fake some events needed for correct startup other services |
848 | + |
849 | +description "Container Upstart" |
850 | + |
851 | +start on startup |
852 | + |
853 | +script |
854 | + rm -rf /var/run/*.pid |
855 | + rm -rf /var/run/network/* |
856 | + /sbin/initctl emit stopped JOB=udevtrigger --no-wait |
857 | + /sbin/initctl emit started JOB=udev --no-wait |
858 | +end script |
859 | +EOF |
860 | + |
861 | + # fix buggus runlevel with sshd |
862 | + cat <<EOF > $rootfs/etc/init/ssh.conf |
863 | +# ssh - OpenBSD Secure Shell server |
864 | +# |
865 | +# The OpenSSH server provides secure shell access to the system. |
866 | + |
867 | +description "OpenSSH server" |
868 | + |
869 | +start on filesystem |
870 | +stop on runlevel [!2345] |
871 | + |
872 | +expect fork |
873 | +respawn |
874 | +respawn limit 10 5 |
875 | +umask 022 |
876 | +# replaces SSHD_OOM_ADJUST in /etc/default/ssh |
877 | +oom never |
878 | + |
879 | +pre-start script |
880 | + test -x /usr/sbin/sshd || { stop; exit 0; } |
881 | + test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; } |
882 | + test -c /dev/null || { stop; exit 0; } |
883 | + |
884 | + mkdir -p -m0755 /var/run/sshd |
885 | +end script |
886 | + |
887 | +# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the |
888 | +# 'exec' line here instead |
889 | +exec /usr/sbin/sshd |
890 | +EOF |
891 | + |
892 | + cat <<EOF > $rootfs/etc/init/console.conf |
893 | +# console - getty |
894 | +# |
895 | +# This service maintains a console on tty1 from the point the system is |
896 | +# started until it is shut down again. |
897 | + |
898 | +start on stopped rc RUNLEVEL=[2345] |
899 | +stop on runlevel [!2345] |
900 | + |
901 | +respawn |
902 | +exec /sbin/getty -8 38400 /dev/console |
903 | +EOF |
904 | + |
905 | + cat <<EOF > $rootfs/lib/init/fstab |
906 | +# /lib/init/fstab: cleared out for bare-bones lxc |
907 | +EOF |
908 | + |
909 | + # reconfigure some services |
910 | + if [ -z "$LANG" ]; then |
911 | + chroot $rootfs locale-gen en_US.UTF-8 |
912 | + chroot $rootfs update-locale LANG=en_US.UTF-8 |
913 | + else |
914 | + chroot $rootfs locale-gen $LANG |
915 | + chroot $rootfs update-locale LANG=$LANG |
916 | + fi |
917 | + |
918 | + # remove pointless services in a container |
919 | + chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove |
920 | + |
921 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done' |
922 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done' |
923 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done' |
924 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done' |
925 | + chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done' |
926 | + |
927 | + # if this isn't lucid, then we need to twiddle the network upstart bits :( |
928 | + if [ $release != "lucid" ]; then |
929 | + sed -i 's/^.*emission handled.*$/echo Emitting lo/' $rootfs/etc/network/if-up.d/upstart |
930 | + fi |
931 | +} |
932 | + |
933 | +post_process() |
934 | +{ |
935 | + rootfs=$1 |
936 | + release=$2 |
937 | + trim_container=$3 |
938 | + |
939 | + if [ $trim_container -eq 1 ]; then |
940 | + trim $rootfs $release |
941 | + else |
942 | + # for lucid and maverick, if not trimming, then add the ubuntu-virt |
943 | + # ppa and install lxcguest |
944 | + if [ $release = "lucid" -o $release = "maverick" ]; then |
945 | + chroot $rootfs apt-get install --force-yes -y python-software-properties |
946 | + chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa |
947 | + fi |
948 | + cp /etc/resolv.conf "${rootfs}/etc" |
949 | + chroot $rootfs apt-get update |
950 | + chroot $rootfs apt-get install --force-yes -y lxcguest |
951 | + fi |
952 | +} |
953 | + |
954 | +do_bindhome() |
955 | +{ |
956 | + rootfs=$1 |
957 | + user=$2 |
958 | + |
959 | + # copy /etc/passwd, /etc/shadow, and /etc/group entries into container |
960 | + pwd=`getent passwd $user` |
961 | + if [ $? -ne 0 ]; then |
962 | + echo 'Warning: failed to copy password entry for $user' |
963 | + return |
964 | + else |
965 | + echo $pwd >> $rootfs/etc/passwd |
966 | + fi |
967 | + shad=`getent shadow $user` |
968 | + echo $shad >> $rootfs/etc/shadow |
969 | + |
970 | + # bind-mount the user's path into the container's /home |
971 | + h=`getent passwd $user | cut -d: -f 6` |
972 | + mkdir -p $rootfs/$h |
973 | + echo "$h $rootfs/$h none bind 0 0" >> $path/fstab |
974 | +} |
975 | + |
976 | +usage() |
977 | +{ |
978 | + cat <<EOF |
979 | +$1 -h|--help [-a|--arch] [-b|--bindhome <user>] [--trim] |
980 | + [-F | --flush-cache] [-r|--release <release>] |
981 | +release: lucid | maverick | natty | oneiric | precise |
982 | +trim: make a minimal (faster, but not upgrade-safe) container |
983 | +bindhome: bind <user>'s home into the container |
984 | +arch: amd64 or i386: defaults to host arch |
985 | +EOF |
986 | + return 0 |
987 | +} |
988 | + |
989 | +options=$(getopt -o a:b:hp:r:xn:F -l arch:,bindhome:,help,path:,release:,trim,name:,flush-cache -- "$@") |
990 | +if [ $? -ne 0 ]; then |
991 | + usage $(basename $0) |
992 | + exit 1 |
993 | +fi |
994 | +eval set -- "$options" |
995 | + |
996 | +release=lucid |
997 | +if [ -f /etc/lsb-release ]; then |
998 | + . /etc/lsb-release |
999 | + case "$DISTRIB_CODENAME" in |
1000 | + lucid|maverick|natty|oneiric|precise) |
1001 | + release=$DISTRIB_CODENAME |
1002 | + ;; |
1003 | + esac |
1004 | +fi |
1005 | + |
1006 | +bindhome= |
1007 | +arch=$(arch) |
1008 | + |
1009 | +# Code taken from debootstrap |
1010 | +if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then |
1011 | + arch=`/usr/bin/dpkg --print-architecture` |
1012 | +elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then |
1013 | + arch=`/usr/bin/udpkg --print-architecture` |
1014 | +else |
1015 | + arch=$(arch) |
1016 | + if [ "$arch" = "i686" ]; then |
1017 | + arch="i386" |
1018 | + elif [ "$arch" = "x86_64" ]; then |
1019 | + arch="amd64" |
1020 | + elif [ "$arch" = "armv7l" ]; then |
1021 | + arch="armel" |
1022 | + fi |
1023 | +fi |
1024 | + |
1025 | +trim_container=0 |
1026 | +hostarch=$arch |
1027 | +flushcache=0 |
1028 | +while true |
1029 | +do |
1030 | + case "$1" in |
1031 | + -h|--help) usage $0 && exit 0;; |
1032 | + -p|--path) path=$2; shift 2;; |
1033 | + -n|--name) name=$2; shift 2;; |
1034 | + -F|--flush-cache) flushcache=1; shift 1;; |
1035 | + -r|--release) release=$2; shift 2;; |
1036 | + -b|--bindhome) bindhome=$2; shift 2;; |
1037 | + -a|--arch) arch=$2; shift 2;; |
1038 | + -x|--trim) trim_container=1; shift 1;; |
1039 | + --) shift 1; break ;; |
1040 | + *) break ;; |
1041 | + esac |
1042 | +done |
1043 | + |
1044 | +pwd=`getent passwd $bindhome` |
1045 | +if [ $? -ne 0 ]; then |
1046 | + echo "Error: no password entry found for $bindhome" |
1047 | + exit 1 |
1048 | +fi |
1049 | + |
1050 | + |
1051 | +if [ "$arch" == "i686" ]; then |
1052 | + arch=i386 |
1053 | +fi |
1054 | + |
1055 | +if [ $hostarch = "i386" -a $arch = "amd64" ]; then |
1056 | + echo "can't create amd64 container on i386" |
1057 | + exit 1 |
1058 | +fi |
1059 | + |
1060 | +type debootstrap |
1061 | +if [ $? -ne 0 ]; then |
1062 | + echo "'debootstrap' command is missing" |
1063 | + exit 1 |
1064 | +fi |
1065 | + |
1066 | +if [ -z "$path" ]; then |
1067 | + echo "'path' parameter is required" |
1068 | + exit 1 |
1069 | +fi |
1070 | + |
1071 | +if [ "$(id -u)" != "0" ]; then |
1072 | + echo "This script should be run as 'root'" |
1073 | + exit 1 |
1074 | +fi |
1075 | + |
1076 | +rootfs=$path/rootfs |
1077 | + |
1078 | +install_ubuntu $rootfs $release $flushcache |
1079 | +if [ $? -ne 0 ]; then |
1080 | + echo "failed to install ubuntu $release" |
1081 | + exit 1 |
1082 | +fi |
1083 | + |
1084 | +configure_ubuntu $rootfs $name |
1085 | +if [ $? -ne 0 ]; then |
1086 | + echo "failed to configure ubuntu $release for a container" |
1087 | + exit 1 |
1088 | +fi |
1089 | + |
1090 | +copy_configuration $path $rootfs $name $arch |
1091 | +if [ $? -ne 0 ]; then |
1092 | + echo "failed write configuration file" |
1093 | + exit 1 |
1094 | +fi |
1095 | + |
1096 | +post_process $rootfs $release $trim_container |
1097 | +if [ ! -z $bindhome ]; then |
1098 | + do_bindhome $rootfs $bindhome |
1099 | +fi |
1100 | |
1101 | === modified file '.pc/applied-patches' |
1102 | --- .pc/applied-patches 2012-01-26 14:15:07 +0000 |
1103 | +++ .pc/applied-patches 2012-01-27 17:24:25 +0000 |
1104 | @@ -40,3 +40,5 @@ |
1105 | 0027-fix-lxc-netstat.patch |
1106 | 0028-recursively-rmdir-cgroups.patch |
1107 | 0029-btrfs-clone-support.patch |
1108 | +0030-ubuntu-template-fail.patch |
1109 | +0031-ubuntu-template-resolvconf.patch |
1110 | |
1111 | === modified file 'debian/changelog' |
1112 | --- debian/changelog 2012-01-26 16:38:10 +0000 |
1113 | +++ debian/changelog 2012-01-27 17:24:25 +0000 |
1114 | @@ -1,3 +1,15 @@ |
1115 | +lxc (0.7.5-3ubuntu14) precise; urgency=low |
1116 | + |
1117 | + * debian/control: add btrfs-tools to lxc Suggests (LP: #942241) |
1118 | + * 0030-ubuntu-template-fail.patch: make lxc-ubuntu template fail on |
1119 | + error (LP: #922645) |
1120 | + * 0031-ubuntu-template-resolvconf.patch: handle /etc/resolv.conf being |
1121 | + a symlink as is now done by resolvconf by default. (LP: #922706) |
1122 | + * debian/lxcguest.lxcmount.upstart: emit mounted MOUNTPOINT=/run |
1123 | + to make resolvconf start. (LP: #922706) |
1124 | + |
1125 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 27 Jan 2012 11:13:26 -0600 |
1126 | + |
1127 | lxc (0.7.5-3ubuntu13) precise; urgency=low |
1128 | |
1129 | * 0029-btrfs-clone-support.patch: add support for cloning via |
1130 | |
1131 | === modified file 'debian/control' |
1132 | --- debian/control 2012-01-20 14:34:54 +0000 |
1133 | +++ debian/control 2012-01-27 17:24:25 +0000 |
1134 | @@ -13,7 +13,7 @@ |
1135 | Architecture: linux-any |
1136 | Depends: ${misc:Depends}, ${shlibs:Depends}, bridge-utils, dnsmasq-base, iptables, rsync |
1137 | Recommends: debootstrap, libcap2-bin, cgroup-lite | cgroup-bin |
1138 | -Suggests: lvm2 |
1139 | +Suggests: btrfs-tools, lvm2 |
1140 | Description: Linux containers userspace tools |
1141 | Containers are insulated areas inside a system, which have their own namespace |
1142 | for filesystem, network, pids, ipc, cpu and memory allocation and which can be |
1143 | |
1144 | === modified file 'debian/lxcguest.lxcmount.upstart' |
1145 | --- debian/lxcguest.lxcmount.upstart 2011-05-16 14:03:52 +0000 |
1146 | +++ debian/lxcguest.lxcmount.upstart 2012-01-27 17:24:25 +0000 |
1147 | @@ -32,5 +32,6 @@ |
1148 | # Pre-start stops us from getting here if it's neither lxc nor libvirt |
1149 | # So empty $container means it's libvirt from (>= oneiric) |
1150 | [ -z $container ] && container="libvirt" |
1151 | - exec mount --bind /lib/init/fstab.$container /lib/init/fstab |
1152 | + mount --bind /lib/init/fstab.$container /lib/init/fstab |
1153 | + exec initctl emit mounted MOUNTPOINT=/run |
1154 | end script |
1155 | |
1156 | === added file 'debian/patches/0030-ubuntu-template-fail.patch' |
1157 | --- debian/patches/0030-ubuntu-template-fail.patch 1970-01-01 00:00:00 +0000 |
1158 | +++ debian/patches/0030-ubuntu-template-fail.patch 2012-01-27 17:24:25 +0000 |
1159 | @@ -0,0 +1,20 @@ |
1160 | +Description: ubuntu template: set -e to return error on failures. |
1161 | + Otherwise callers can get bad containers without knowing it. |
1162 | + This will be forwarded upstream |
1163 | +Author: Serge Hallyn <serge.hallyn@ubuntu.com> |
1164 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/922645 |
1165 | +Forwarded: no |
1166 | + |
1167 | +Index: lxc/templates/lxc-ubuntu.in |
1168 | +=================================================================== |
1169 | +--- lxc.orig/templates/lxc-ubuntu.in 2012-01-27 09:33:18.236399000 -0600 |
1170 | ++++ lxc/templates/lxc-ubuntu.in 2012-01-27 09:50:11.961902165 -0600 |
1171 | +@@ -24,6 +24,8 @@ |
1172 | + # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
1173 | + # |
1174 | + |
1175 | ++set -e |
1176 | ++ |
1177 | + if [ -r /etc/default/lxc ]; then |
1178 | + . /etc/default/lxc |
1179 | + fi |
1180 | |
1181 | === added file 'debian/patches/0031-ubuntu-template-resolvconf.patch' |
1182 | --- debian/patches/0031-ubuntu-template-resolvconf.patch 1970-01-01 00:00:00 +0000 |
1183 | +++ debian/patches/0031-ubuntu-template-resolvconf.patch 2012-01-27 17:24:25 +0000 |
1184 | @@ -0,0 +1,25 @@ |
1185 | +Description: handle /etc/resolv.conf being a symlink |
1186 | + This will be forwarded upstream. |
1187 | +Author: Serge Hallyn <serge.hallyn@ubuntu.com> |
1188 | +Forwarded: no |
1189 | +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/922706 |
1190 | + |
1191 | +Index: lxc/templates/lxc-ubuntu.in |
1192 | +=================================================================== |
1193 | +--- lxc.orig/templates/lxc-ubuntu.in 2012-01-27 10:45:16.167886074 -0600 |
1194 | ++++ lxc/templates/lxc-ubuntu.in 2012-01-27 10:50:39.567880601 -0600 |
1195 | +@@ -389,9 +389,13 @@ |
1196 | + chroot $rootfs apt-get install --force-yes -y python-software-properties |
1197 | + chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa |
1198 | + fi |
1199 | +- cp /etc/resolv.conf "${rootfs}/etc" |
1200 | ++ cresolvonf="${rootfs}/etc/resolv.conf" |
1201 | ++ mv $cresolvonf ${cresolvonf}.lxcbak |
1202 | ++ cat /etc/resolv.conf > ${cresolvonf} |
1203 | + chroot $rootfs apt-get update |
1204 | + chroot $rootfs apt-get install --force-yes -y lxcguest |
1205 | ++ rm -f ${cresolvonf} |
1206 | ++ mv ${cresolvonf}.lxcbak ${cresolvonf} |
1207 | + fi |
1208 | + } |
1209 | + |
1210 | |
1211 | === modified file 'debian/patches/series' |
1212 | --- debian/patches/series 2012-01-26 14:15:07 +0000 |
1213 | +++ debian/patches/series 2012-01-27 17:24:25 +0000 |
1214 | @@ -40,3 +40,5 @@ |
1215 | 0027-fix-lxc-netstat.patch |
1216 | 0028-recursively-rmdir-cgroups.patch |
1217 | 0029-btrfs-clone-support.patch |
1218 | +0030-ubuntu-template-fail.patch |
1219 | +0031-ubuntu-template-resolvconf.patch |
1220 | |
1221 | === modified file 'templates/lxc-ubuntu.in' |
1222 | --- templates/lxc-ubuntu.in 2012-01-24 13:10:42 +0000 |
1223 | +++ templates/lxc-ubuntu.in 2012-01-27 17:24:25 +0000 |
1224 | @@ -24,6 +24,8 @@ |
1225 | # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
1226 | # |
1227 | |
1228 | +set -e |
1229 | + |
1230 | if [ -r /etc/default/lxc ]; then |
1231 | . /etc/default/lxc |
1232 | fi |
1233 | @@ -387,9 +389,13 @@ |
1234 | chroot $rootfs apt-get install --force-yes -y python-software-properties |
1235 | chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa |
1236 | fi |
1237 | - cp /etc/resolv.conf "${rootfs}/etc" |
1238 | + cresolvonf="${rootfs}/etc/resolv.conf" |
1239 | + mv $cresolvonf ${cresolvonf}.lxcbak |
1240 | + cat /etc/resolv.conf > ${cresolvonf} |
1241 | chroot $rootfs apt-get update |
1242 | chroot $rootfs apt-get install --force-yes -y lxcguest |
1243 | + rm -f ${cresolvonf} |
1244 | + mv ${cresolvonf}.lxcbak ${cresolvonf} |
1245 | fi |
1246 | } |
1247 |