aboutsummaryrefslogtreecommitdiffstats
path: root/main/lxc
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-07-25 09:47:06 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-07-25 09:47:06 +0000
commit88a12c1ff4fc7d5a3a79000ffd0abb0e5e1d85e2 (patch)
treec074a2dce36269f0d1f6aa40af026c0ef8ac6552 /main/lxc
parent58bcc48d91dc7396aaea2999fddb3ecdc70ec591 (diff)
downloadaports-88a12c1ff4fc7d5a3a79000ffd0abb0e5e1d85e2.tar.bz2
aports-88a12c1ff4fc7d5a3a79000ffd0abb0e5e1d85e2.tar.xz
main/lxc: backport alpine template from git
so we get --release support
Diffstat (limited to 'main/lxc')
-rw-r--r--main/lxc/APKBUILD6
-rw-r--r--main/lxc/alpine-template-backport.patch201
2 files changed, 206 insertions, 1 deletions
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD
index 054fbe2c82..4a65633b7a 100644
--- a/main/lxc/APKBUILD
+++ b/main/lxc/APKBUILD
@@ -3,7 +3,7 @@
pkgname=lxc
pkgver=0.9.0
_mypkgver=${pkgver/_rc/-rc}
-pkgrel=0
+pkgrel=1
pkgdesc="linux containers - tools"
url="http://lxc.sourceforge.net/"
arch="all"
@@ -16,6 +16,7 @@ subpackages="$pkgname-dev $pkgname-doc"
source="http://lxc.sourceforge.net/download/lxc/$pkgname-$_mypkgver.tar.gz
bb-rm.patch
bb-shutdown.patch
+ alpine-template-backport.patch
lxc.initd
"
@@ -50,12 +51,15 @@ package() {
md5sums="8552a4479090616f4bc04d8473765fc9 lxc-0.9.0.tar.gz
a0894c2ddf9133c3cc33c264e4596a3c bb-rm.patch
e96514860ee34b62d1b208ab03c569bc bb-shutdown.patch
+25dd200bd158d16a05bb3e7aaef84697 alpine-template-backport.patch
f3c6998798b13425b8d0647bad0834a8 lxc.initd"
sha256sums="1e1767eae6cc5fbf892c0e193d25da420ba19f2db203716c38f7cdea3b654120 lxc-0.9.0.tar.gz
c9caea06b87baf5e335821c7e9ce3caca849b33f8176fbd48126c605583e78fc bb-rm.patch
0e5706cb077f750afdd6a5a4fd2afdf0b9113126c85e130d92680bed4ce9c20e bb-shutdown.patch
+df193c4cf08e171c23b0b472750b7b1e0e7a66971c03201a0523e4039909f33b alpine-template-backport.patch
77c64e6137457be89c150b82d681a3eb5c7c1f06af142a321703fc9a43bff200 lxc.initd"
sha512sums="a96133660ca6ea45dc4b8d167267120328577339e933ff9510f03e9d368ca5db77031dc1e7e4529b3e506f63f79c2ce3f8f72571a7dfdbeb2a8799777782a606 lxc-0.9.0.tar.gz
b8fe47af6b1341ca472b6337c304f52402c53d400fc1d13895f2f568dd4d81b9ff281efc70bc1ddc221ac457db3bed4a199491059a15f66755deddc93ce91bf1 bb-rm.patch
86df52e380a01d6d3f588ca395925e8f774529c72e5b4c8dcb701d79fad7697ed8800f0ff51fded2896b2d2af49faa7f26960234fc8c1a6b4bc8f42d85078e6d bb-shutdown.patch
+d10e25aeee0aba61a4c3420fe1b2bfd9213e7ef10f399ed5f0ba5d978a97a49fd23044b098f73f6d9651c23b1bb025f30d81deb6aec9edf4d2267afc22a09d60 alpine-template-backport.patch
4e56f7b869345f936df54c4359abdd3b8d0244c0fd71a9a787bc2393c4caabca22ca8417f16da47f02c86294750986fd674d0d2e7c1b1d096076873b22c07a29 lxc.initd"
diff --git a/main/lxc/alpine-template-backport.patch b/main/lxc/alpine-template-backport.patch
new file mode 100644
index 0000000000..158efcf422
--- /dev/null
+++ b/main/lxc/alpine-template-backport.patch
@@ -0,0 +1,201 @@
+diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
+index 962d274..ce7226f 100644
+--- a/templates/lxc-alpine.in
++++ b/templates/lxc-alpine.in
+@@ -1,20 +1,99 @@
+ #!/bin/sh
+
++key_sha256sums="9c102bcc376af1498d549b77bdbfa815ae86faa1d2d82f040e616b18ef2df2d4 alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub
++2adcf7ce224f476330b5360ca5edb92fd0bf91c92d83292ed028d7c4e26333ab alpine-devel@lists.alpinelinux.org-4d07755e.rsa.pub"
++
++get_static_apk () {
++ wget="wget -q -O -"
++ pkglist=alpine-keys:apk-tools-static
++ auto_repo_dir=
++
++ if [ -z "$repository" ]; then
++ url=http://wiki.alpinelinux.org/cgi-bin/dl.cgi
++ if [ -z "$release" ]; then
++ echo -n "Determining the latest release... "
++ release=$($wget $url/.latest.$apk_arch.txt | \
++ cut -d " " -f 3 | cut -d / -f 1 | uniq)
++ if [ -z "$release" ]; then
++ echo failed
++ return 1
++ fi
++ echo $release
++ fi
++ auto_repo_dir=$release/main
++ repository=$url/$auto_repo_dir
++ pkglist=$pkglist:alpine-mirrors
++ fi
++
++ rootfs="$1"
++ echo "Using static apk from $repository/$apk_arch"
++ wget="$wget $repository/$apk_arch"
++
++ # parse APKINDEX to find the current versions
++ static_pkgs=$($wget/APKINDEX.tar.gz | \
++ tar -Oxz APKINDEX | \
++ awk -F: -v pkglist=$pkglist '
++ BEGIN { split(pkglist,pkg) }
++ $0 != "" { f[$1] = $2 }
++ $0 == "" { for (i in pkg)
++ if (pkg[i] == f["P"])
++ print(f["P"] "-" f["V"] ".apk") }')
++ [ "$static_pkgs" ] || return 1
++
++ mkdir -p "$rootfs" || return 1
++ for pkg in $static_pkgs; do
++ echo "Downloading $pkg"
++ $wget/$pkg | tar -xz -C "$rootfs"
++ done
++
++ # clean up .apk meta files
++ rm -f "$rootfs"/.[A-Z]*
++
++ # verify checksum of the key
++ keyname=$(echo $rootfs/sbin/apk.static.*.pub | sed 's/.*\.SIGN\.RSA\.//')
++ checksum=$(echo "$key_sha256sums" | grep -w "$keyname")
++ if [ -z "$checksum" ]; then
++ echo "ERROR: checksum is missing for $keyname"
++ return 1
++ fi
++ (cd $rootfs/etc/apk/keys && echo "$checksum" | sha256sum -c -) || return 1
++
++ # verify the static apk binary signature
++ APK=$rootfs/sbin/apk.static
++ openssl dgst -verify $rootfs/etc/apk/keys/$keyname \
++ -signature "$APK.SIGN.RSA.$keyname" "$APK" || return 1
++
++ if [ "$auto_repo_dir" ]; then
++ mirror_list=$rootfs/usr/share/alpine-mirrors/MIRRORS.txt
++ mirror_count=$(wc -l $mirror_list | cut -d " " -f 1)
++ repository=$(sed $(expr $RANDOM % $mirror_count + 1)\!d \
++ $mirror_list)$auto_repo_dir
++ echo "Selecting mirror $repository"
++ fi
++}
++
+ install_alpine() {
+ rootfs="$1"
+ shift
+ mkdir -p "$rootfs"/etc/apk || return 1
+- cp -r ${keys_dir:-/etc/apk/keys} "$rootfs"/etc/apk/
++ : ${keys_dir:=/etc/apk/keys}
++ if ! [ -d "$rootfs"/etc/apk/keys ] && [ -d "$keys_dir" ]; then
++ cp -r "$keys_dir" "$rootfs"/etc/apk/keys
++ fi
+ if [ -n "$repository" ]; then
+ echo "$repository" > "$rootfs"/etc/apk/repositories
+ else
+ cp /etc/apk/repositories "$rootfs"/etc/apk/repositories || return 1
++ if [ -n "$release" ]; then
++ sed -i -e "s:/[^/]\+/\([^/]\+\)$:/$release/\1:" \
++ "$rootfs"/etc/apk/repositories
++ fi
+ fi
+ opt_arch=
+ if [ -n "$apk_arch" ]; then
+ opt_arch="--arch $apk_arch"
+ fi
+- ${APK:-apk} add -U --initdb --root $rootfs $opt_arch "$@" alpine-base
++ $APK add -U --initdb --root $rootfs $opt_arch "$@" alpine-base
+ }
+
+ configure_alpine() {
+@@ -109,6 +188,7 @@ EOF
+ lxc.tty = 4
+ lxc.pts = 1024
+ lxc.utsname = $hostname
++lxc.cap.drop = sys_module mac_admin mac_override sys_time
+
+ # When using LXC with apparmor, uncomment the next line to run unconfined:
+ #lxc.aa_profile = unconfined
+@@ -129,7 +209,7 @@ lxc.cgroup.devices.allow = c 1:8 rwm
+ lxc.cgroup.devices.allow = c 136:* rwm
+ lxc.cgroup.devices.allow = c 5:2 rwm
+ # rtc
+-lxc.cgroup.devices.allow = c 254:0 rwm
++lxc.cgroup.devices.allow = c 254:0 rm
+
+ # mounts point
+ lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
+@@ -148,8 +228,10 @@ die() {
+
+ usage() {
+ cat >&2 <<EOF
+-Usage: $(basename $0) [-h|--help] [-r|--repository <url>] [-a|--arch <arch>]
+- -p|--path <path> -n|--name <name> [PKG...]
++Usage: $(basename $0) [-h|--help] [-r|--repository <url>]
++ [-R|--release <release>] [-a|--arch <arch>]
++ [--rootfs <rootfs>] -p|--path <path> -n|--name <name>
++ [PKG...]
+ EOF
+ }
+
+@@ -165,6 +247,14 @@ optarg_check() {
+ }
+
+ default_path=@LXCPATH@
++release=
++arch=$(uname -m)
++
++# template mknods, requires root
++if [ $(id -u) -ne 0 ]; then
++ echo "$(basename $0): must be run as root" >&2
++ exit 1
++fi
+
+ while [ $# -gt 0 ]; do
+ opt="$1"
+@@ -179,6 +269,11 @@ while [ $# -gt 0 ]; do
+ name=$1
+ shift
+ ;;
++ --rootfs)
++ optarg_check $opt "$1"
++ rootfs=$1
++ shift
++ ;;
+ -p|--path)
+ optarg_check $opt "$1"
+ path=$1
+@@ -189,6 +284,11 @@ while [ $# -gt 0 ]; do
+ repository=$1
+ shift
+ ;;
++ -R|--release)
++ optarg_check $opt "$1"
++ release=$1
++ shift
++ ;;
+ -a|--arch)
+ optarg_check $opt "$1"
+ arch=$1
+@@ -217,9 +317,11 @@ if [ -z "${path}" ]; then
+ path="${default_path}/${name}"
+ fi
+
+-rootfs=`awk -F= '$1 ~ /^lxc.rootfs/ { print $2 }' "$path/config" 2>/dev/null`
+ if [ -z "$rootfs" ]; then
+- rootfs="${path}/rootfs"
++ rootfs=`awk -F= '$1 ~ /^lxc.rootfs/ { print $2 }' "$path/config" 2>/dev/null`
++ if [ -z "$rootfs" ]; then
++ rootfs="${path}/rootfs"
++ fi
+ fi
+
+ lxc_arch=$arch
+@@ -234,6 +336,11 @@ case "$arch" in
+ *) die "unsupported architecture: $arch";;
+ esac
+
++: ${APK:=apk}
++if ! which $APK >/dev/null; then
++ get_static_apk "$rootfs" || die "Failed to download a valid static apk"
++fi
++
+ install_alpine "$rootfs" "$@" || die "Failed to install rootfs for $name"
+ configure_alpine "$rootfs" "$name" || die "Failed to configure $name"
+ copy_configuration "$path" "$rootfs" "$name"