diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2009-10-29 10:12:00 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2009-10-29 10:12:00 +0000 |
| commit | 199dba2f5b6139dad76034a37628b31eb3029fcd (patch) | |
| tree | 83decf6c3d2ed206d0dc1682a10cb6a350f24b9b /testing | |
| parent | a3b840471513712072f957a5d44857034d6e844f (diff) | |
| download | aports-199dba2f5b6139dad76034a37628b31eb3029fcd.tar.bz2 aports-199dba2f5b6139dad76034a37628b31eb3029fcd.tar.xz | |
testing/util-vserver: mist fixes
* set default nproc limit in post install/upgrade script. This
prevents guests to forkbomb the host to death.
* support for creating multiple guests in one shot
Diffstat (limited to 'testing')
| -rw-r--r-- | testing/util-vserver/APKBUILD | 14 | ||||
| -rw-r--r-- | testing/util-vserver/setup-vs-guest | 216 | ||||
| -rw-r--r-- | testing/util-vserver/util-vserver.post-install | 15 | ||||
| l--------- | testing/util-vserver/util-vserver.post-upgrade | 1 |
4 files changed, 158 insertions, 88 deletions
diff --git a/testing/util-vserver/APKBUILD b/testing/util-vserver/APKBUILD index 92faf4579..f66a5355b 100644 --- a/testing/util-vserver/APKBUILD +++ b/testing/util-vserver/APKBUILD @@ -2,11 +2,11 @@ pkgname=util-vserver pkgver=0.30.216_pre2849 _realver=0.30.216-pre2849 -pkgrel=3 +pkgrel=4 pkgdesc="Linux-VServer admin utilities" url="http://www.nongnu.org/util-vserver/" license="GPL" -# needs coreutils for touch -t +install="$pkgname.post-install $pkgname.post-upgrade" makedepends="iptables-dev e2fsprogs-dev beecrypt-dev autoconf automake pkgconfig libtool" depends="bash make" @@ -22,9 +22,11 @@ source="http://people.linux-vserver.org/~dhozac/t/uv-testing/util-vserver-$_real " subpackages="$pkgname-doc $pkgname-dev" +_builddir="$srcdir"/$pkgname-$_realver + build() { local i - cd "$srcdir"/$pkgname-$_realver + cd "$_builddir" for i in ../*.patch; do [ -r "$i" ] || continue msg "Applying $i" @@ -46,6 +48,10 @@ build() { # use busybox ionice rather than util-linux-ng sed -i -e 's:/usr/bin/ionice:/bin/ionice:' Makefile make || return 1 +} + +package() { + cd "$_builddir" make DESTDIR="$pkgdir/" install install-distribution install -Dm755 ../setup-vs-template "$pkgdir"/usr/sbin/setup-vs-template install -Dm755 ../setup-vs-guest "$pkgdir"/usr/sbin/setup-vs-guest @@ -58,4 +64,4 @@ ff8f561f672524eb46fe633f584ef60e ensc_pathprog.patch da8b70c4fd40e68894b3903ffd121397 validate.patch 04000261fd990a3963b0e98260b481bd alpine.patch 49bca7969cc284adf68e0ef284c0660e setup-vs-template -b7a30afd4ba87968cb58137d59d8e8f8 setup-vs-guest" +838511f74983453ef9827ed875b70d59 setup-vs-guest" diff --git a/testing/util-vserver/setup-vs-guest b/testing/util-vserver/setup-vs-guest index a1e6959e2..dffd3c880 100644 --- a/testing/util-vserver/setup-vs-guest +++ b/testing/util-vserver/setup-vs-guest @@ -161,98 +161,146 @@ valid_ip() { ipcalc -s $1 } -if [ "$(whoami)" != "root" ]; then - echo "Need to be root. Sorry." - exit 1 -fi +# ask for hostname +# +# $1 = default +# +# retrusn hostname in global var $resp +# +ask_hostname() { + while true; do + ask "Hostname for new vserver:" $1 + if [ -d /etc/vservers/$resp ]; then + echo "/etc/vservers/$resp already exist" + continue + fi + if [ -d /vservers/$resp ]; then + echo "/vservers/$resp already exist" + continue + fi + valid_hostname $resp && break + done +} -ifaces=$(ip addr | awk -F: '$1 ~ /^[0-9]/ {printf "%s" $2} END {printf "\n"}') -last_iface=$(echo $ifaces | sed 's/.* //') +ask_ifaceopts() { + # get ip address(es) + resp= + local ifaceopts= _def= _iface= + local ifaces=$(ip addr | awk -F: '$1 ~ /^[0-9]/ {printf "%s" $2} END {printf "\n"}') + local last_iface=$(echo $ifaces | sed 's/.* //') + while [ "$resp" != "done" ]; do + if [ -z "$ifaces" ] || [ "$ifaces" = "lo " ] || [ -n "$ifaceopts" ]; then + _def="done" + else + _def=$(echo $ifaces | sed 's/.* //') + fi + ask_which "network interface" "to use for $_hostname" \ + "$ifaces" $_def + [ "$resp" = "done" ] && break -while true; do - ask "Hostname for new vserver:" - if [ -d /etc/vservers/$resp ]; then - echo "/etc/vservers/$resp already exist" - continue - fi - if [ -d /vservers/$resp ]; then - echo "/vservers/$resp already exist" - continue - fi - valid_hostname $resp && break -done -_hostname=$resp - -# get ip address(es) -resp= -ifaceopts= -while [ "$resp" != "done" ]; do - if [ -z "$ifaces" ] || [ "$ifaces" = "lo " ]; then - _def="done" - else - _def=$(echo $ifaces | sed 's/.* //') - fi - ask_which "network interface" "to use for $_hostname" "$ifaces" $_def - [ "$resp" = "done" ] && break - - _iface=$resp - ifaces=$(rmel $_iface $ifaces) - # suggested ip by last digit + 1 - _last_ip_mask=$(last_ipv4_addr_mask $_iface) - _last_ip=${_last_ip_mask%/*} - _last_ip_digit=${_last_ip##*.} - _ip=${_last_ip%.*}.$((($_last_ip_digit + 1) % 256)) - _mask=${_last_ip_mask#*/} + _iface=$resp + ifaces=$(rmel $_iface $ifaces) + # suggested ip by last digit + 1 + _last_ip_mask=$(last_ipv4_addr_mask $_iface) + _last_ip=${_last_ip_mask%/*} + _last_ip_digit=${_last_ip##*.} + _ip=${_last_ip%.*}.$((($_last_ip_digit + 1) % 256)) + _mask=${_last_ip_mask#*/} + while true; do + ask "Enter IP address/mask for $_iface:" $_ip/$_mask + valid_ip $resp && break + echo "$resp is not a valid IPv4 address/mask" + done + _ip_mask=$resp + ifaceopts="$ifaceopts --interface $_iface:$_ip_mask" + + # suggest context from last digit in first ip address + if [ -z "$_context" ]; then + _ip=${_ip_mask%/*} + _last_digit=${_ip##*.} + _context=$((10000 + $_last_digit)) + fi + done + resp="$ifacesopts" +} + +ask_context() { + # get context id while true; do - ask "Enter IP address/mask for $_iface:" $_ip/$_mask - valid_ip $resp && break - echo "$resp is not a valid IPv4 address/mask" + ask "Enter context id for $_hostname:" $_context + if echo "$resp" | egrep -q "[0-9]+"; then + [ $resp -ge 0 ] && [ $resp -lt 65535 ] && break + fi + echo "Context id must be a 0-65534 number" done - _ip_mask=$resp - ifaceopts="$ifaceopts --interface $_iface:$_ip_mask" - - # suggest context from last digit in first ip address - if [ -z "$_context" ]; then - _ip=${_ip_mask%/*} - _last_digit=${_ip##*.} - _context=$((10000 + $_last_digit)) - fi -done +} -# get context id -while true; do - ask "Enter context id for $_hostname:" $_context - if echo "$resp" | egrep -q "[0-9]+"; then - [ $resp -ge 0 ] && [ $resp -lt 65535 ] && break +ask_template() { + local temp + # get template + while true; do + ask "Enter template file (or empty for generate a new):" \ + $_template + if [ -z "$resp" ] || [ -r "$resp" ]; then + break + fi + echo "Can not read $resp" + done + temp=$resp + if [ -z "$temp" ]; then + temp=/vservers/template.tar.gz + echo -n "Generating template..." + if setup-vs-template -q -o $temp; then + echo "ok" + else + echo "Failed to create template" + exit 1 + fi fi - echo "Context id must be a 0-65534 number" -done -_context=$resp + resp=$temp +} -# get template -while true; do - ask "Enter template file (or empty for generate a new):" - if [ -z "$resp" ] || [ -r "$resp" ]; then - break - fi - echo "Can not read $resp" +usage() { + echo "Usage: ${0##*/} [-h] [HOSTNAME...]" + exit 1 +} + +while getopts "h" opt; do + case "$opt" in + h) usage;; + ?) usage;; + esac done -_template=$resp - -if [ -z "$_template" ]; then - _template=/vservers/template.tar.gz - echo -n "Generating template..." - if setup-vs-template -q -o $_template; then - echo "ok" - else - echo "Failed to create template" - exit 1 - fi + +shift $(($OPTIND - 1)) + +if [ "$(whoami)" != "root" ]; then + echo "Need to be root. Sorry." + exit 1 fi -vserver $_hostname build \ - --hostname $_hostname \ - $ifaceopts \ - --context $_context \ - -m template -- -t "$_template" -d alpine +while true; do + ask_hostname $1 + _hostname=$resp + ask_ifaceopts + _ifaceopts=$resp + + ask_context + _context=$resp + + ask_template + _template=$resp + + vserver $_hostname build \ + --hostname $_hostname \ + $_ifaceopts \ + --context $_context \ + -m template -- -t "$_template" -d alpine \ + && cp /etc/resolv.conf /vservers/$_hostname/etc/ \ + && cp /etc/apk/repositories /vservers/$_hostname/etc/apk/ \ + || exit 1 + + shift + [ $# -le 0 ] && exit 0 +done diff --git a/testing/util-vserver/util-vserver.post-install b/testing/util-vserver/util-vserver.post-install new file mode 100644 index 000000000..3d3326a7a --- /dev/null +++ b/testing/util-vserver/util-vserver.post-install @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ -f /etc/vservers/.defaults/rlimits/nproc ]; then + exit 0 +fi + +# calculate the nproc limit from amount of ram +memtotal=$(awk '$1 == "MemTotal:" {print $2}' /proc/meminfo 2>/dev/null +nproc=$(( ${memtotal:-524288} / 256 )) + +# set a "sane" default nproc limit +echo "Setting default nproc limit to $nproc" +mkdir -p /etc/vservers/.defaults/rlimits +echo $nproc > /etc/vservers/.defaults/rlimits/nproc + diff --git a/testing/util-vserver/util-vserver.post-upgrade b/testing/util-vserver/util-vserver.post-upgrade new file mode 120000 index 000000000..c5db4163f --- /dev/null +++ b/testing/util-vserver/util-vserver.post-upgrade @@ -0,0 +1 @@ +util-vserver.post-install
\ No newline at end of file |