diff options
Diffstat (limited to 'main/lxc')
| -rw-r--r-- | main/lxc/APKBUILD | 40 | ||||
| -rw-r--r-- | main/lxc/bb-find.patch | 11 | ||||
| -rw-r--r-- | main/lxc/bb-shutdown.patch | 26 | ||||
| -rwxr-xr-x | main/lxc/lxc-alpine | 239 | ||||
| -rw-r--r-- | main/lxc/lxc.initd | 5 |
5 files changed, 310 insertions, 11 deletions
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD index a0b8e36c14..65ca9da86e 100644 --- a/main/lxc/APKBUILD +++ b/main/lxc/APKBUILD @@ -3,12 +3,12 @@ pkgname=lxc pkgver=0.8.0 _mypkgver=${pkgver/_rc/-rc} -pkgrel=1 +pkgrel=7 pkgdesc="linux containers - tools" url="http://lxc.sourceforge.net/" arch="all" license="GPL" -depends= +depends="bash" depends_dev="libcap-dev" makedepends="$depends_dev" install="" @@ -16,9 +16,12 @@ subpackages="$pkgname-dev $pkgname-doc" source="http://lxc.sourceforge.net/download/lxc/$pkgname-$_mypkgver.tar.gz bb-rm.patch 0001-lxc-start-add-option-p-pidfile-FILE-for-use-with-dae.patch + bb-shutdown.patch + bb-find.patch lxc.initd setup-lxc-template setup-lxc-guest + lxc-alpine " _builddir="${srcdir}/${pkgname}-${_mypkgver}" @@ -38,21 +41,46 @@ build() { --sysconfdir=/etc \ --localstatedir=/var \ --disable-apparmor \ - || reeturn 1 + || return 1 make || return 1 } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 + install -d "$pkgdir"/var/lib/lxc + install -Dm755 "$srcdir"/lxc-alpine \ + "$pkgdir"/usr/share/lxc/templates/lxc-alpine || return 1 install -Dm755 "$srcdir"/lxc.initd "$pkgdir"/etc/init.d/lxc - install -Dm755 "$srcdir"/setup-lxc-template "$pkgdir"/usr/bin/setup-lxc-template + install -Dm755 "$srcdir"/setup-lxc-template \ + "$pkgdir"/usr/bin/setup-lxc-template install -Dm755 "$srcdir"/setup-lxc-guest "$pkgdir"/usr/bin/setup-lxc-guest } md5sums="7304fa57146ce687f749b5df876bb20d lxc-0.8.0.tar.gz f0f675456a1751aded10aa428bda9e16 bb-rm.patch 1bf081cd9d66c65f3611ed4af58ef48f 0001-lxc-start-add-option-p-pidfile-FILE-for-use-with-dae.patch -07c0a29753770f6b028891f6549aab71 lxc.initd +c3f11f58e97ead80c855c88d6999ad65 bb-shutdown.patch +6a1a27c473274d422ec27364bd3580c3 bb-find.patch +f3c6998798b13425b8d0647bad0834a8 lxc.initd 45d0f604310e58a1359f1745a4739843 setup-lxc-template -c3f7fd7e85d40c4a4b1b427048ff9652 setup-lxc-guest" +c3f7fd7e85d40c4a4b1b427048ff9652 setup-lxc-guest +0bafb693507f965c21f78f28da13f27b lxc-alpine" +sha256sums="eac833730b94e423d4bef6834bc4a716437d2abd6ab8b24334c506aaaa08692c lxc-0.8.0.tar.gz +e25b074eb09fdb471a2a816ab88df2f247f61ae8208a42044eaf91d1d5cc2fcc bb-rm.patch +0c3d8b40db692993b5d20dc9e6d6174579af8a2304e8f895bc5bce94eab4d6df 0001-lxc-start-add-option-p-pidfile-FILE-for-use-with-dae.patch +4847e4395a72737a6f94d2a1d835e246a7fb6925a961fa82022dd62358b34ecb bb-shutdown.patch +d4434b6c36578bffe24d477896a2d4b284c57b9b67214a3cd826d6af2f5d1e53 bb-find.patch +77c64e6137457be89c150b82d681a3eb5c7c1f06af142a321703fc9a43bff200 lxc.initd +e027a75881d720f705c5b844b80b815de0db78df9deafde36dedb1e079d6387a setup-lxc-template +7a2aa24263efd925f90f4e7c3277f9f195465f121ff9557ae0c3408a5f95b328 setup-lxc-guest +5993758b7723000368ee6987d3c6bfee28920667d860350d3db3ed90117370a4 lxc-alpine" +sha512sums="47333e2010d0f4488b8876ba933f2d26304874bec0371a7ab3b6e5bd1a50a7d2312ff8507e273f1ee2341a7f2e3b79cd71e5e19ac31006a4e429ee96b01733f6 lxc-0.8.0.tar.gz +fd6c34a8775832b42e4b0a9f1e294a1bb54ecc6117277f8f02c1a24e4fc956480fe652aa889d0edf7d50fc1f36db3b7bca21d87a0365ab7b8763a20b0879806c bb-rm.patch +f097d17eb306c25790fb4acfe48e3af86cca40c9250a94cbe5012321d0f07019fc5af0b31443352d0d458c9bfef7e05707263b381911a97285eeab49098176f0 0001-lxc-start-add-option-p-pidfile-FILE-for-use-with-dae.patch +bfd6aa6c02396115dd603f1ec93aae0cd8378e9d249adfa5ac543448f94f05452df00ef749ffc2264c2f6c16b4b32a9cfb3d5de67b70c364d641159261b7dd7f bb-shutdown.patch +b011d16a19cf3efd64aaf8f9ecba8f78320d8a57bb8fbb28d2a1787a2936b30b5d21d5c1581cd6a98422d2a0666788f7228d4fa285c3dcbfac0de739718f016f bb-find.patch +4e56f7b869345f936df54c4359abdd3b8d0244c0fd71a9a787bc2393c4caabca22ca8417f16da47f02c86294750986fd674d0d2e7c1b1d096076873b22c07a29 lxc.initd +d9c4d20cc4e07b7bf53361c7ea51043c578faef09a8ed588e77362ce2f7d531348300a190d22f3787f41ed8bea24d1734c00a5a7143791a49451dde88b06d51b setup-lxc-template +a3fa846878f9fb897a607a20ae6847c067dc651eaf8c3d8a75ecee1057638226591825723c7fe7ad38a6647c158b870101d72c660e8bebedbdc1fa95a1c5cf5c setup-lxc-guest +304721a7b720a41be1884c9f96f881ff9ccc07737c45a2e2b3a3ec5fcd5f991109911051ca021d60b697f31f0da8ef23a83d6c1233f3ad292a1b0b257c864197 lxc-alpine" diff --git a/main/lxc/bb-find.patch b/main/lxc/bb-find.patch new file mode 100644 index 0000000000..663a81e070 --- /dev/null +++ b/main/lxc/bb-find.patch @@ -0,0 +1,11 @@ +--- ./src/lxc/lxc-ls.in.orig 2013-02-09 17:22:38.811308444 +0000 ++++ ./src/lxc/lxc-ls.in 2013-02-09 17:25:00.665833613 +0000 +@@ -87,7 +87,7 @@ + + containers="" + if [ ! -z "$directory" ]; then +- containers=$(find $directory -mindepth 1 -maxdepth 1 -type d -printf "%f\n" 2>/dev/null) ++ containers=$(find $directory -mindepth 1 -maxdepth 1 -type d -print 2>/dev/null | sed 's:.*/::') + fi + + if [ -z "$containers" ]; then diff --git a/main/lxc/bb-shutdown.patch b/main/lxc/bb-shutdown.patch new file mode 100644 index 0000000000..bfda20e11b --- /dev/null +++ b/main/lxc/bb-shutdown.patch @@ -0,0 +1,26 @@ +--- ./src/lxc/lxc-shutdown.in.orig 2013-02-08 13:28:28.489406380 +0000 ++++ ./src/lxc/lxc-shutdown.in 2013-02-08 13:30:31.910466926 +0000 +@@ -113,11 +113,21 @@ + exit 1 + fi + ++signal_reboot=INT ++signal_poweroff=PWR ++init_exe=$(readlink -f /proc/$pid/exe) ++case ${init_exe} in ++ */busybox) ++ signal_reboot=TERM ++ signal_poweroff=USR2 ++ ;; ++esac ++ + if [ $reboot -eq 1 ]; then +- kill -INT $pid ++ kill -s $signal_reboot $pid + exit 0 + else +- kill -PWR $pid ++ kill -s $signal_poweroff $pid + fi + + if [ $dowait -eq 0 ]; then diff --git a/main/lxc/lxc-alpine b/main/lxc/lxc-alpine new file mode 100755 index 0000000000..3c2db7cd79 --- /dev/null +++ b/main/lxc/lxc-alpine @@ -0,0 +1,239 @@ +#!/bin/sh + +install_alpine() { + rootfs="$1" + shift + mkdir -p "$rootfs"/etc/apk || return 1 + cp -r ${keys_dir:-/etc/apk/keys} "$rootfs"/etc/apk/ + if [ -n "$repository" ]; then + echo "$repository" > "$rootfs"/etc/apk/repositories + else + cp /etc/apk/repositories "$rootfs"/etc/apk/repositories || return 1 + fi + opt_arch= + if [ -n "$apk_arch" ]; then + opt_arch="--arch $apk_arch" + fi + ${APK:-apk} add -U --initdb --root $rootfs $opt_arch "$@" alpine-base +} + +configure_alpine() { + rootfs="$1" + echo "Setting up /etc/inittab" + cat >"$rootfs"/etc/inittab<<EOF +::sysinit:/sbin/rc sysinit +::wait:/sbin/rc default +tty1:12345:respawn:/sbin/getty 38400 tty1 +::ctrlaltdel:/sbin/reboot +::shutdown:/sbin/rc shutdown +EOF + # set up nameserver + grep nameserver /etc/resolv.conf > "$rootfs/etc/resolv.conf" + + # configure the network using the dhcp + # note that lxc will set up lo interface + cat <<EOF > $rootfs/etc/network/interfaces +#auto lo +iface lo inet loopback + +auto eth0 +iface eth0 inet dhcp +EOF + + # set the hostname + echo $hostname > $rootfs/etc/hostname + + # missing device nodes + echo "Setting up device nodes" + mkdir -p -m 755 "$rootfs/dev/pts" + mkdir -p -m 1777 "$rootfs/dev/shm" + mknod -m 666 "$rootfs/dev/full" c 1 7 + mknod -m 666 "$rootfs/dev/random" c 1 8 + mknod -m 666 "$rootfs/dev/urandom" c 1 9 + mknod -m 666 "$rootfs/dev/tty0" c 4 0 + mknod -m 666 "$rootfs/dev/tty1" c 4 1 + mknod -m 666 "$rootfs/dev/tty2" c 4 2 + mknod -m 666 "$rootfs/dev/tty3" c 4 3 + mknod -m 666 "$rootfs/dev/tty4" c 4 4 +# mknod -m 600 "$rootfs/dev/initctl" p + mknod -m 666 "$rootfs/dev/tty" c 5 0 + mknod -m 666 "$rootfs/dev/console" c 5 1 + mknod -m 666 "$rootfs/dev/ptmx" c 5 2 + + # start services + ln -s /etc/init.d/syslog "$rootfs"/etc/runlevels/default/syslog + + return 0 +} + +copy_configuration() { + path=$1 + rootfs=$2 + hostname=$3 + + grep -q "^lxc.rootfs" $path/config 2>/dev/null \ + || echo "lxc.rootfs = $rootfs" >> $path/config + if [ -n "$lxc_arch" ]; then + echo "lxc.arch = $lxc_arch" >> $path/config + fi + + lxc_network_link_line="# lxc.network.link = br0" + for br in lxcbr0 virbr0 br0; do + if [ -d /sys/class/net/$br/bridge ]; then + lxc_network_link_line="lxc.network.link = $br" + break + fi + done + + if ! grep -q "^lxc.network.type" $path/config 2>/dev/null; then + cat <<EOF >> $path/config +lxc.network.type = veth +$lxc_network_link_line +lxc.network.flags = up +EOF + fi + + # if there is exactly one veth network entry, make sure it has an + # associated mac address. + nics=$(grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l) + if [ "$nics" -eq 1 ] && ! grep -q "^lxc.network.hwaddr" $path/config; then + # see http://sourceforge.net/tracker/?func=detail&aid=3411497&group_id=163076&atid=826303 + hwaddr="fe:$(dd if=/dev/urandom bs=8 count=1 2>/dev/null |od -t x8 | \ + head -1 |awk '{print $2}' | cut -c1-10 |\ + sed 's/\(..\)/\1:/g; s/.$//')" + echo "lxc.network.hwaddr = $hwaddr" >> $path/config + fi + + cat <<EOF >> $path/config + +lxc.tty = 4 +lxc.pts = 1024 +lxc.utsname = $hostname + +# When using LXC with apparmor, uncomment the next line to run unconfined: +#lxc.aa_profile = unconfined + +# devices +lxc.cgroup.devices.deny = a +# /dev/null and zero +lxc.cgroup.devices.allow = c 1:3 rwm +lxc.cgroup.devices.allow = c 1:5 rwm +# consoles +lxc.cgroup.devices.allow = c 5:1 rwm +lxc.cgroup.devices.allow = c 5:0 rwm +lxc.cgroup.devices.allow = c 4:0 rwm +lxc.cgroup.devices.allow = c 4:1 rwm +# /dev/{,u}random +lxc.cgroup.devices.allow = c 1:9 rwm +lxc.cgroup.devices.allow = c 1:8 rwm +lxc.cgroup.devices.allow = c 136:* rwm +lxc.cgroup.devices.allow = c 5:2 rwm +# rtc +lxc.cgroup.devices.allow = c 254:0 rwm + +# mounts point +lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0 +lxc.mount.entry=run run tmpfs nodev,noexec,nosuid,relatime,size=1m,mode=0755 0 0 +lxc.mount.entry=none dev/pts devpts gid=5,mode=620 0 0 + +EOF + + return 0 +} + +die() { + echo "$@" >&2 + exit 1 +} + +usage() { + cat >&2 <<EOF +Usage: $(basename $0) [-h|--help] [-r|--repository <url>] [-a|--arch <arch>] + -p|--path <path> -n|--name <name> [PKG...] +EOF +} + +usage_err() { + usage + exit 1 +} + +optarg_check() { + if [ -z "$2" ]; then + usage_err "option '$1' requires an argument" + fi +} + +default_path=/var/lib/lxc + +while [ $# -gt 0 ]; do + opt="$1" + shift + case "$opt" in + -h|--help) + usage + exit 0 + ;; + -n|--name) + optarg_check $opt "$1" + name=$1 + shift + ;; + -p|--path) + optarg_check $opt "$1" + path=$1 + shift + ;; + -r|--repository) + optarg_check $opt "$1" + repository=$1 + shift + ;; + -a|--arch) + optarg_check $opt "$1" + arch=$1 + shift + ;; + --) + break;; + --*=*) + # split --myopt=foo=bar into --myopt foo=bar + set -- ${opt%=*} ${opt#*=} "$@" + ;; + -?) + usage_err "unknown option '$opt'" + ;; + -*) + # split opts -abc into -a -b -c + set -- $(echo "${opt#-}" | sed 's/\(.\)/ -\1/g') "$@" + ;; + esac +done + + +[ -z "$name" ] && usage_err + +if [ -z "${path}" ]; then + path="${default_path}/${name}" +fi + +rootfs=`awk -F= '$1 ~ /^lxc.rootfs/ { print $2 }' "$path/config" 2>/dev/null` +if [ -z "$rootfs" ]; then + rootfs="${path}/rootfs" +fi + +lxc_arch=$arch +apk_arch=$arch + +case "$arch" in + i[3-6]86) + apk_arch=x86;; + x86) + lxc_arch=i686;; + x86_64|"") ;; + *) die "unsupported architecture: $arch";; +esac + +install_alpine "$rootfs" "$@" || die "Failed to install rootfs for $name" +configure_alpine "$rootfs" "$name" || die "Failed to configure $name" +copy_configuration "$path" "$rootfs" "$name" diff --git a/main/lxc/lxc.initd b/main/lxc/lxc.initd index cfa90c8690..4ece09f9a9 100644 --- a/main/lxc/lxc.initd +++ b/main/lxc/lxc.initd @@ -74,11 +74,6 @@ start() { stop() { checkconfig || return 1 - if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then - ewarn "${CONTAINER} doesn't seem to be started." - return 0 - fi - ebegin "Shutting down system in ${CONTAINER}" start-stop-daemon --stop --pidfile ${pidfile} \ --retry ${POWEROFF_SIGNAL:-SIGUSR2}/${TIMEOUT:-30} \ |