/templates/lxc-openmandriva.in
Autoconf | 490 lines | 375 code | 67 blank | 48 comment | 57 complexity | e78f136ce7c512d69534e303b21db839 MD5 | raw file
- #!/bin/bash
- #
- # template script for generating openmandriva container for LXC
- #
- #
- # lxc: linux Container library
- # Authors:
- # Alexander Khryukin <alexander@mezon.ru>
- # Vokhmin Alexey V <avokhmin@gmail.com>
- # This library is free software; you can redistribute it and/or
- # modify it under the terms of the GNU Lesser General Public
- # License as published by the Free Software Foundation; either
- # version 2.1 of the License, or (at your option) any later version.
- # This library is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- # Lesser General Public License for more details.
- # You should have received a copy of the GNU Lesser General Public
- # License along with this library; if not, write to the Free Software
- # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- #
- # Detect use under userns (unsupported)
- for arg in "$@"; do
- [ "$arg" = "--" ] && break
- if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
- echo "This template can't be used for unprivileged containers." 1>&2
- echo "You may want to try the \"download\" template instead." 1>&2
- exit 1
- fi
- done
- # Make sure the usual locations are in PATH
- export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
- #Configurations
- #distro=cooker
- hostarch=$(uname -m)
- cache_base=@LOCALSTATEDIR@/cache/lxc/openmandriva/$arch
- default_path=@LXCPATH@
- default_profile=default
- root_password=root
- lxc_network_type=veth
- lxc_network_link=br0
- # is this openmandriva?
- [ -f /etc/mandriva-release ] && is_openmandriva=true
- configure_openmandriva()
- {
- mkdir -p ${rootfs_path}/etc/sysconfig/network-scripts/
- # configure the network using the dhcp
- cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=dhcp
- NM_CONTROLLED=no
- HOSTNAME=${utsname}
- EOF
- # set the hostname
- cat <<EOF > ${rootfs_path}/etc/sysconfig/network
- NETWORKING=yes
- HOSTNAME=${utsname}
- EOF
- echo "${utsname}" > ${rootfs_path}/etc/hostname
- # set minimal hosts
- cat <<EOF > $rootfs_path/etc/hosts
- 127.0.0.1 localhost.localdomain localhost $utsname
- ::1 localhost6.localdomain6 localhost6
- EOF
- }
- populate_dev()
- {
- echo -n "Create devices in /dev/"
- dev_path="${rootfs_path}/dev"
- rm -rf $dev_path
- mkdir -p $dev_path
- mknod -m 666 ${dev_path}/null c 1 3
- mknod -m 666 ${dev_path}/zero c 1 5
- mknod -m 666 ${dev_path}/random c 1 8
- mknod -m 666 ${dev_path}/urandom c 1 9
- mkdir -m 755 ${dev_path}/pts
- mkdir -m 1777 ${dev_path}/shm
- mknod -m 666 ${dev_path}/tty c 5 0
- mknod -m 666 ${dev_path}/tty0 c 4 0
- mknod -m 666 ${dev_path}/tty1 c 4 1
- mknod -m 666 ${dev_path}/tty2 c 4 2
- mknod -m 666 ${dev_path}/tty3 c 4 3
- mknod -m 666 ${dev_path}/tty4 c 4 4
- mknod -m 600 ${dev_path}/console c 5 1
- mknod -m 666 ${dev_path}/full c 1 7
- mknod -m 600 ${dev_path}/initctl p
- mknod -m 666 ${dev_path}/ptmx c 5 2
- mkdir -m 755 ${dev_path}/net
- mknod -m 666 ${dev_path}/net/tun c 10 200
- }
- set_guest_root_password()
- {
- [ -z "$root_password" ] && return # pass is empty, abort
- echo " - setting guest root password.."
- echo "root passwd is: $root_password"
- echo "root:$root_password" | chroot "$rootfs_path" chpasswd
- echo "done."
- }
- create_chroot_openmandriva()
- {
- # check the mini openmandriva was not already downloaded
- INSTALL_ROOT=$cache/cache
- mkdir -p $INSTALL_ROOT
- if [ $? -ne 0 ]; then
- echo "Failed to create '$INSTALL_ROOT' directory"
- return 1
- fi
- # package list to install
- PKG_LIST="basesystem-minimal locales locales-en initscripts urpmi cronie dhcp-client kbd"
- # download a mini openmandriva into a cache
- echo "Downloading openmandriva minimal ..."
- URPMI="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main http://abf.rosalinux.ru/downloads/$release/repository/$arch/main/release"
- echo $URPMI
- URPMI_BASE="/usr/sbin/urpmi --no-suggests --no-verify-rpm --ignorearch --root $INSTALL_ROOT --urpmi-root $INSTALL_ROOT --auto $PKG_LIST"
- $URPMI
- $URPMI_BASE
- # We're splitting the old loop into two loops plus a directory retrival.
- # First loop... Try and retrive a mirror list with retries and a slight
- # delay between attempts...
- if [ $? -ne 0 ]; then
- echo "Failed to download the rootfs, aborting."
- return 1
- fi
- mv "$INSTALL_ROOT" "$cache/rootfs"
- echo "Download complete."
- return 0
- }
- copy_openmandriva()
- {
- echo -n "Copying rootfs to $rootfs_path ..."
- mkdir -p $rootfs_path
- rsync -Ha $cache/rootfs/ $rootfs_path/
- return 0
- }
- update_openmandriva()
- {
- echo "automated update in progress..."
- urpmi --root $cache/rootfs --urpmi-root $cache/rootfs --auto --auto-update --ignorearch
- }
- configure_openmandriva_systemd()
- {
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd.service
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
- chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
- # remove numlock service
- # KDGKBLED: Inappropriate ioctl for device
- rm -f ${rootfs_path}/etc/systemd/system/getty@.service.d/enable-numlock.conf
- unlink ${rootfs_path}/etc/systemd/system/default.target
- chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
- sed -i 's!ConditionPathExists=/dev/tty0!ConditionPathExists=|/dev/tty0\nConditionVirtualization=|lxc!' \
- ${rootfs_path}/lib/systemd/system/getty\@.service
- }
- install_openmandriva()
- {
- mkdir -p @LOCALSTATEDIR@/lock/subsys/
- (
- flock -x 9
- if [ $? -ne 0 ]; then
- echo "Cache repository is busy."
- return 1
- fi
- echo "Checking cache download in $cache/rootfs ... "
- if [ ! -e "$cache/rootfs" ]; then
- echo $cache/rootfs
- create_chroot_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to download 'openmandriva basesystem-minimal'"
- return 1
- fi
- else
- echo "Cache found. Updating..."
- update_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to update 'openmandriva base', continuing with last known good cache"
- else
- echo "Update finished"
- fi
- fi
- echo "Copy $cache/rootfs to $rootfs_path ... "
- copy_openmandriva
- if [ $? -ne 0 ]; then
- echo "Failed to copy rootfs"
- return 1
- fi
- return 0
- ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
- return $?
- }
- copy_configuration()
- {
- mkdir -p $config_path
- grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
- cat <<EOF >> $config_path/config
- lxc.utsname = $name
- lxc.autodev = 1
- lxc.tty = 4
- lxc.pts = 1024
- lxc.mount = $config_path/fstab
- lxc.cap.drop = sys_module mac_admin mac_override sys_time
- # When using LXC with apparmor, uncomment the next line to run unconfined:
- #lxc.aa_profile = unconfined
- #networking
- lxc.network.type = $lxc_network_type
- lxc.network.flags = up
- lxc.network.link = $lxc_network_link
- lxc.network.name = eth0
- lxc.network.mtu = 1500
- EOF
- if [ ! -z ${ipv4} ]; then
- cat <<EOF >> $config_path/config
- lxc.network.ipv4 = $ipv4
- EOF
- fi
- if [ ! -z ${gw} ]; then
- cat <<EOF >> $config_path/config
- lxc.network.ipv4.gateway = $gw
- EOF
- fi
- if [ ! -z ${ipv6} ]; then
- cat <<EOF >> $config_path/config
- lxc.network.ipv6 = $ipv6
- EOF
- fi
- if [ ! -z ${gw6} ]; then
- cat <<EOF >> $config_path/config
- lxc.network.ipv6.gateway = $gw6
- EOF
- fi
- cat <<EOF >> $config_path/config
- #cgroups
- lxc.cgroup.devices.deny = a
- # /dev/null and zero
- lxc.cgroup.devices.allow = c 1:3 rwm
- lxc.cgroup.devices.allow = c 1:5 rwm
- # consoles
- lxc.cgroup.devices.allow = c 5:1 rwm
- lxc.cgroup.devices.allow = c 5:0 rwm
- lxc.cgroup.devices.allow = c 4:0 rwm
- lxc.cgroup.devices.allow = c 4:1 rwm
- # /dev/{,u}random
- lxc.cgroup.devices.allow = c 1:9 rwm
- lxc.cgroup.devices.allow = c 1:8 rwm
- lxc.cgroup.devices.allow = c 136:* rwm
- lxc.cgroup.devices.allow = c 5:2 rwm
- # rtc
- lxc.cgroup.devices.allow = c 10:135 rwm
- EOF
- cat <<EOF > $config_path/fstab
- proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
- sysfs $rootfs_path/sys sysfs defaults 0 0
- EOF
- if [ $? -ne 0 ]; then
- echo "Failed to add configuration"
- return 1
- fi
- return 0
- }
- clean()
- {
- if [ ! -e $cache ]; then
- exit 0
- fi
- # lock, so we won't purge while someone is creating a repository
- (
- flock -x 9
- if [ $? != 0 ]; then
- echo "Cache repository is busy."
- exit 1
- fi
- echo -n "Purging the download cache for OpenMandriva-$release..."
- rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
- exit 0
- ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
- }
- usage()
- {
- cat <<EOF
- usage:
- $1 -n|--name=<container_name>
- [-p|--path=<path>] [-c|--clean] [-R|--release=<openmandriva2013.0/rosa2012.1/cooker/ release>]
- [-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
- [-g|--gw=<gw address>] [-d|--dns=<dns address>]
- [-P|--profile=<name of the profile>] [--rootfs=<path>]
- [-A|--arch=<arch of the container>]
- [-h|--help]
- Mandatory args:
- -n,--name container name, used to as an identifier for that container from now on
- Optional args:
- -p,--path path to where the container rootfs will be created, defaults to @LXCPATH@. The container config will go under @LXCPATH@ in that case
- -c,--clean clean the cache
- -R,--release openmandriva2013.0/cooker/rosa2012.1 release for the new container. if the host is OpenMandriva, then it will default to the host's release.
- -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
- -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
- -g,--gw specify the default gw, eg. 192.168.1.1
- -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
- -d,--dns specify the DNS server, eg. 192.168.1.2
- -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
- -A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
- ---rootfs rootfs path
- -h,--help print this help
- EOF
- return 0
- }
- options=$(getopt -o hp:n:P:cR:4:6:g:d:A -l help,rootfs:,path:,name:,profile:,clean:,release:,ipv4:,ipv6:,gw:,dns:,arch: -- "$@")
- if [ $? -ne 0 ]; then
- usage $(basename $0)
- exit 1
- fi
- eval set -- "$options"
- release=${release:-"cooker"}
- if [ -f /etc/lsb-release ]; then
- . /etc/lsb-release
- if [ "$DISTRIB_ID" = "OpenMandrivaLinux" ]; then
- release=openmandriva2013.0
- elif [ "$DISTRIB_ID" = "RosaDesktop.Fresh" ]; then
- release=rosa2012.1
- else
- echo "This is not an OpenMandriva or ROSA release"
- exit 1
- fi
- fi
- while true
- do
- case "$1" in
- -h|--help) usage $0 && exit 0;;
- -p|--path) path=$2; shift 2;;
- --rootfs) rootfs_path=$2; shift 2;;
- -n|--name) name=$2; shift 2;;
- -P|--profile) profile=$2; shift 2;;
- -c|--clean) clean=$2; shift 2;;
- -R|--release) release=$2; shift 2;;
- -a|--arch) arch=$2; shift 2;;
- -4|--ipv4) ipv4=$2; shift 2;;
- -6|--ipv6) ipv6=$2; shift 2;;
- -g|--gw) gw=$2; shift 2;;
- -d|--dns) dns=$2; shift 2;;
- --) shift 1; break ;;
- *) break ;;
- esac
- done
- arch=${arch:-$hostarch}
- if [ ! -z "$clean" -a -z "$path" ]; then
- clean || exit 1
- exit 0
- fi
- if [ -z "${utsname}" ]; then
- utsname=${name}
- fi
- type urpmi >/dev/null 2>&1
- if [ $? -ne 0 ]; then
- echo "'urpmi' command is missing"
- exit 1
- fi
- if [ -z "$path" ]; then
- path=$default_path
- fi
- if [ -z "$profile" ]; then
- profile=$default_profile
- fi
- if [ $hostarch = "i586" -a $arch = "x86_64" ]; then
- echo "can't create x86_64 container on i586"
- exit 1
- fi
- if [ -z "$ipv4" -a -z "$ipv6" ]; then
- BOOTPROTO="dhcp"
- else
- BOOTPROTO="static"
- fi
- if [ "$(id -u)" != "0" ]; then
- echo "This script should be run as 'root'"
- exit 1
- fi
- # check for 'lxc.rootfs' passed in through default config by lxc-create
- if [ -z "$rootfs_path" ]; then
- if grep -q '^lxc.rootfs' $path/config 2>/dev/null ; then
- rootfs_path=$(awk -F= '/^lxc.rootfs =/{ print $2 }' $path/config)
- else
- rootfs_path=$path/$name/rootfs
- fi
- fi
- config_path=$default_path/$name
- cache=$cache_base/$release/$arch/$profile
- if [ ! -f $config_path/config ]; then
- echo "A container with that name exists, chose a different name"
- exit 1
- fi
- install_openmandriva
- if [ $? -ne 0 ]; then
- echo "failed to install openmandriva"
- exit 1
- fi
- configure_openmandriva
- if [ $? -ne 0 ]; then
- echo "failed to configure openmandriva for a container"
- exit 1
- fi
- # If the systemd configuration directory exists - set it up for what we need.
- if [ -d ${rootfs_path}/etc/systemd/system ]
- then
- configure_openmandriva_systemd
- fi
- populate_dev
- if [ $? -ne 0 ]; then
- echo "failed to populated /dev/ devices"
- exit 1
- fi
- set_guest_root_password
- if [ $? -ne 0 ]; then
- echo "failed to configure password for chroot"
- exit 1
- fi
- copy_configuration
- if [ $? -ne 0 ]; then
- echo "failed write configuration file"
- exit 1
- fi
- if [ ! -z $clean ]; then
- clean || exit 1
- exit 0
- fi
- echo "container rootfs and config created"