Context Navigation

source: lab.git/lxc/0.7.5-3ubuntu63/templates/lxc-opensuse @ 995c968

vendor

Last change on this file since 995c968 was 995c968, checked in by mitty <mitty@…>, 12 years ago

/usr/lib/lxc/templates of lxc 0.7.5-3ubuntu63 on Ubuntu 12.04.1

git-svn-id: https://lab.mitty.jp/svn/lab/vendor@174 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

Property mode set to 100755

File size: 8.9 KB

Line
1	#!/bin/bash
2
3	#
4	# template script for generating suse container for LXC
5	#
6
7	#
8	# lxc: linux Container library
9
10	# Authors:
11	# Daniel Lezcano <daniel.lezcano@free.fr>
12	# Frederic Crozat <fcrozat@suse.com>
13
14	# This library is free software; you can redistribute it and/or
15	# modify it under the terms of the GNU Lesser General Public
16	# License as published by the Free Software Foundation; either
17	# version 2.1 of the License, or (at your option) any later version.
18
19	# This library is distributed in the hope that it will be useful,
20	# but WITHOUT ANY WARRANTY; without even the implied warranty of
21	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22	# Lesser General Public License for more details.
23
24	# You should have received a copy of the GNU Lesser General Public
25	# License along with this library; if not, write to the Free Software
26	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27
28	DISTRO=11.4
29
30	configure_opensuse()
31	{
32	rootfs=$1
33	hostname=$2
34
35	# set network as static, but everything is done by LXC outside the container
36	cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
37	STARTMODE='auto'
38	BOOTPROTO='static'
39	EOF
40
41	# set default route
42	IP=$(/sbin/ip route \| awk '/default/ { print $3 }')
43	echo "default $IP - -" > $rootfs/etc/sysconfig/network/routes
44
45	# create empty fstab
46	touch $rootfs/etc/fstab
47
48	# create minimal /dev
49	mknod -m 666 $rootfs/dev/random c 1 8
50	mknod -m 666 $rootfs/dev/urandom c 1 9
51	mkdir -m 755 $rootfs/dev/pts
52	mkdir -m 1777 $rootfs/dev/shm
53	mknod -m 666 $rootfs/dev/tty c 5 0
54	mknod -m 600 $rootfs/dev/console c 5 1
55	mknod -m 666 $rootfs/dev/tty0 c 4 0
56	mknod -m 666 $rootfs/dev/tty1 c 4 1
57	mknod -m 666 $rootfs/dev/tty2 c 4 2
58	mknod -m 666 $rootfs/dev/tty3 c 4 3
59	mknod -m 666 $rootfs/dev/tty4 c 4 4
60	ln -s null $rootfs/dev/tty10
61	mknod -m 666 $rootfs/dev/full c 1 7
62	mknod -m 666 $rootfs/dev/ptmx c 5 2
63	ln -s /proc/self/fd $rootfs/dev/fd
64	ln -s /proc/kcore $rootfs/dev/core
65	mkdir -m 755 $rootfs/dev/mapper
66	mknod -m 600 $rootfs/dev/mapper/control c 10 60
67	mkdir -m 755 $rootfs/dev/net
68	mknod -m 666 $rootfs/dev/net/tun c 10 200
69
70	# set the hostname
71	cat <<EOF > $rootfs/etc/HOSTNAME
72	$hostname
73	EOF
74
75	# do not use hostname from HOSTNAME variable
76	cat <<EOF >> $rootfs/etc/sysconfig/cron
77	unset HOSTNAME
78	EOF
79
80	# set minimal hosts
81	cat <<EOF > $rootfs/etc/hosts
82	127.0.0.1 localhost $hostname
83	EOF
84
85	# disable various services
86	# disable yast->bootloader in container
87	cat <<EOF > $rootfs/etc/sysconfig/bootloader
88	LOADER_TYPE=none
89	LOADER_LOCATION=none
90	EOF
91
92	# cut down inittab
93	cat <<EOF > $rootfs/etc/inittab
94	id:3:initdefault:
95	si::bootwait:/etc/init.d/boot
96	l0:0:wait:/etc/init.d/rc 0
97	l1:1:wait:/etc/init.d/rc 1
98	l2:2:wait:/etc/init.d/rc 2
99	l3:3:wait:/etc/init.d/rc 3
100	l6:6:wait:/etc/init.d/rc 6
101	ls:S:wait:/etc/init.d/rc S
102	~~:S:respawn:/sbin/sulogin
103	p6::ctrlaltdel:/sbin/init 6
104	p0::powerfail:/sbin/init 0
105	cons:2345:respawn:/sbin/mingetty --noclear console screen
106	c1:2345:respawn:/sbin/mingetty --noclear tty1 screen
107	EOF
108
109	# patch boot script, no longer needed in openSUSE 12.1 / SLE11-SP2
110	patch --quiet -d $rootfs/etc/init.d/ << EOF
111	--- boot.orig 2011-05-26 16:03:07.000000000 +0200
112	+++ boot 2011-05-26 16:03:19.000000000 +0200
113	@@ -98,12 +98,12 @@
114	echo "***************************************************************"
115	/sbin/halt -f
116	fi
117	- echo -n "Mounting devtmpfs at /dev"
118	- mount -n -t devtmpfs -o mode=0755 devtmpfs /dev
119	- rc_status -v -r
120	+# echo -n "Mounting devtmpfs at /dev"
121	+# mount -n -t devtmpfs -o mode=0755 devtmpfs /dev
122	+# rc_status -v -r
123	fi
124
125	-cp -axT --remove-destination /lib/udev/devices /dev
126	+#cp -axT --remove-destination /lib/udev/devices /dev
127
128	if test -d /sys/kernel/debug -a "$HAVE_DEBUGFS" = "1" ; then
129	mount -n -t debugfs debugfs /sys/kernel/debug > /dev/null 2>&1
130	EOF
131	cat <<EOF >> $rootfs/etc/sysconfig/boot
132	# disable root fsck
133	ROOTFS_FSCK="0"
134	ROOTFS_BLKDEV="/dev/null"
135	EOF
136
137
138	# remove pointless services in a container
139	insserv -r -f -p $rootfs/etc/init.d boot.udev boot.udev_retry boot.md boot.lvm boot.loadmodules boot.device-mapper boot.clock boot.swap boot.klog
140
141	echo "Please change root-password !"
142	echo "root:root" \| chroot $rootfs chpasswd
143
144	return 0
145	}
146
147	download_opensuse()
148	{
149	cache=$1
150	arch=$2
151
152	# check the mini opensuse was not already downloaded
153	mkdir -p "$cache/partial-$arch"
154
155	if [ $? -ne 0 ]; then
156	echo "Failed to create '$cache/partial-$arch' directory"
157	return 1
158	fi
159
160	# download a mini opensuse into a cache
161	echo "Downloading opensuse minimal ..."
162	mkdir -p "$cache/partial-$arch/dev"
163	mknod -m 666 $cache/partial-$arch/dev/null c 1 3
164	mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
165	zypper --quiet --root $cache/partial-$arch --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
166	zypper --quiet --root $cache/partial-$arch --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
167	zypper --quiet --root $cache/partial-$arch --non-interactive --gpg-auto-import-keys in --auto-agree-with-licenses -t pattern base
168	zypper --quiet --root $cache/partial-$arch --non-interactive --gpg-auto-import-keys in +lxc -kbd -patterns-openSUSE-base
169	if [ $? -ne 0 ]; then
170	echo "Failed to download the rootfs, aborting."
171	return 1
172	fi
173
174	mv "$1/partial-$arch" "$1/rootfs-$arch"
175	echo "Download complete."
176
177	return 0
178	}
179
180	copy_opensuse()
181	{
182	cache=$1
183	arch=$2
184	rootfs=$3
185
186	# make a local copy of the mini opensuse
187	echo -n "Copying rootfs to $rootfs ..."
188	mkdir -p $rootfs
189	rsync -a $cache/rootfs-$arch/ $rootfs/ \|\| return 1
190	return 0
191	}
192
193	install_opensuse()
194	{
195	cache="/var/cache/lxc/opensuse"
196	rootfs=$1
197	mkdir -p /var/lock/subsys/
198	(
199	flock -x 200
200	if [ $? -ne 0 ]; then
201	echo "Cache repository is busy."
202	return 1
203	fi
204
205	arch=$(arch)
206
207	echo "Checking cache download in $cache/rootfs-$arch ... "
208	if [ ! -e "$cache/rootfs-$arch" ]; then
209	download_opensuse $cache $arch
210	if [ $? -ne 0 ]; then
211	echo "Failed to download 'opensuse base'"
212	return 1
213	fi
214	fi
215
216	echo "Copy $cache/rootfs-$arch to $rootfs ... "
217	copy_opensuse $cache $arch $rootfs
218	if [ $? -ne 0 ]; then
219	echo "Failed to copy rootfs"
220	return 1
221	fi
222
223	return 0
224
225	) 200>/var/lock/subsys/lxc
226
227	return $?
228	}
229
230	copy_configuration()
231	{
232	path=$1
233	rootfs=$2
234	name=$3
235
236	cat <<EOF >> $path/config
237	lxc.utsname = $name
238
239	lxc.tty = 4
240	lxc.pts = 1024
241	lxc.rootfs = $rootfs
242	lxc.mount = $path/fstab
243	# uncomment the next line to run the container unconfined:
244	#lxc.aa_profile = unconfined
245
246	lxc.cgroup.devices.deny = a
247	# /dev/null and zero
248	lxc.cgroup.devices.allow = c 1:3 rwm
249	lxc.cgroup.devices.allow = c 1:5 rwm
250	# consoles
251	lxc.cgroup.devices.allow = c 5:1 rwm
252	lxc.cgroup.devices.allow = c 5:0 rwm
253	lxc.cgroup.devices.allow = c 4:0 rwm
254	lxc.cgroup.devices.allow = c 4:1 rwm
255	# /dev/{,u}random
256	lxc.cgroup.devices.allow = c 1:9 rwm
257	lxc.cgroup.devices.allow = c 1:8 rwm
258	lxc.cgroup.devices.allow = c 136:* rwm
259	lxc.cgroup.devices.allow = c 5:2 rwm
260	# rtc
261	lxc.cgroup.devices.allow = c 254:0 rwm
262	EOF
263
264	cat <<EOF > $path/fstab
265	proc proc proc nodev,noexec,nosuid 0 0
266	sysfs sys sysfs defaults 0 0
267	EOF
268
269	if [ $? -ne 0 ]; then
270	echo "Failed to add configuration"
271	return 1
272	fi
273
274	return 0
275	}
276
277	clean()
278	{
279	cache="/var/cache/lxc/opensuse"
280
281	if [ ! -e $cache ]; then
282	exit 0
283	fi
284
285	# lock, so we won't purge while someone is creating a repository
286	(
287	flock -x 200
288	if [ $? != 0 ]; then
289	echo "Cache repository is busy."
290	exit 1
291	fi
292
293	echo -n "Purging the download cache..."
294	rm --preserve-root --one-file-system -rf $cache && echo "Done." \|\| exit 1
295	exit 0
296
297	) 200>/var/lock/subsys/lxc
298	}
299
300	usage()
301	{
302	cat <<EOF
303	$1 -h\|--help -p\|--path=<path> --clean
304	EOF
305	return 0
306	}
307
308	options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
309	if [ $? -ne 0 ]; then
310	usage $(basename $0)
311	exit 1
312	fi
313	eval set -- "$options"
314
315	while true
316	do
317	case "$1" in
318	-h\|--help) usage $0 && exit 0;;
319	-p\|--path) path=$2; shift 2;;
320	-n\|--name) name=$2; shift 2;;
321	-c\|--clean) clean=$2; shift 2;;
322	--) shift 1; break ;;
323	*) break ;;
324	esac
325	done
326
327	if [ ! -z "$clean" -a -z "$path" ]; then
328	clean \|\| exit 1
329	exit 0
330	fi
331
332	type zypper > /dev/null
333	if [ $? -ne 0 ]; then
334	echo "'zypper' command is missing"
335	exit 1
336	fi
337
338	if [ -z "$path" ]; then
339	echo "'path' parameter is required"
340	exit 1
341	fi
342
343	if [ "$(id -u)" != "0" ]; then
344	echo "This script should be run as 'root'"
345	exit 1
346	fi
347
348	rootfs=$path/rootfs
349
350	install_opensuse $rootfs
351	if [ $? -ne 0 ]; then
352	echo "failed to install opensuse"
353	exit 1
354	fi
355
356	configure_opensuse $rootfs $name
357	if [ $? -ne 0 ]; then
358	echo "failed to configure opensuse for a container"
359	exit 1
360	fi
361
362	copy_configuration $path $rootfs $name
363	if [ $? -ne 0 ]; then
364	echo "failed write configuration file"
365	exit 1
366	fi
367
368	if [ ! -z $clean ]; then
369	clean \|\| exit 1
370	exit 0
371	fi

Note: See TracBrowser for help on using the repository browser.

Download in other formats: