Context Navigation

source: lab.git/lxc/0.8.0~rc1-4ubuntu37/templates/lxc-opensuse @ 88df158

vendor

Last change on this file since 88df158 was 88df158, checked in by mitty <mitty@…>, 13 years ago

/usr/lib/lxc/templates of lxc 0.8.0~rc1-4ubuntu37 on Ubuntu 12.10 (beta)

git-svn-id: https://lab.mitty.jp/svn/lab/vendor@175 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

Property mode set to 100755

File size: 10.2 KB

Line
1	#!/bin/bash
2
3	#
4	# template script for generating suse container for LXC
5	#
6
7	#
8	# lxc: linux Container library
9
10	# Authors:
11	# Daniel Lezcano <daniel.lezcano@free.fr>
12	# Frederic Crozat <fcrozat@suse.com>
13
14	# This library is free software; you can redistribute it and/or
15	# modify it under the terms of the GNU Lesser General Public
16	# License as published by the Free Software Foundation; either
17	# version 2.1 of the License, or (at your option) any later version.
18
19	# This library is distributed in the hope that it will be useful,
20	# but WITHOUT ANY WARRANTY; without even the implied warranty of
21	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22	# Lesser General Public License for more details.
23
24	# You should have received a copy of the GNU Lesser General Public
25	# License along with this library; if not, write to the Free Software
26	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27
28	DISTRO=12.1
29
30	configure_opensuse()
31	{
32	rootfs=$1
33	hostname=$2
34
35	# set network as static, but everything is done by LXC outside the container
36	cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
37	STARTMODE='auto'
38	BOOTPROTO='static'
39	EOF
40
41	# set default route
42	IP=$(/sbin/ip route \| awk '/default/ { print $3 }')
43	echo "default $IP - -" > $rootfs/etc/sysconfig/network/routes
44
45	# create empty fstab
46	touch $rootfs/etc/fstab
47
48	# create minimal /dev
49	mknod -m 666 $rootfs/dev/random c 1 8
50	mknod -m 666 $rootfs/dev/urandom c 1 9
51	mkdir -m 755 $rootfs/dev/pts
52	mkdir -m 1777 $rootfs/dev/shm
53	mknod -m 666 $rootfs/dev/tty c 5 0
54	mknod -m 600 $rootfs/dev/console c 5 1
55	mknod -m 666 $rootfs/dev/tty0 c 4 0
56	mknod -m 666 $rootfs/dev/tty1 c 4 1
57	mknod -m 666 $rootfs/dev/tty2 c 4 2
58	mknod -m 666 $rootfs/dev/tty3 c 4 3
59	mknod -m 666 $rootfs/dev/tty4 c 4 4
60	ln -s null $rootfs/dev/tty10
61	mknod -m 666 $rootfs/dev/full c 1 7
62	mknod -m 666 $rootfs/dev/ptmx c 5 2
63	ln -s /proc/self/fd $rootfs/dev/fd
64	ln -s /proc/kcore $rootfs/dev/core
65	mkdir -m 755 $rootfs/dev/mapper
66	mknod -m 600 $rootfs/dev/mapper/control c 10 60
67	mkdir -m 755 $rootfs/dev/net
68	mknod -m 666 $rootfs/dev/net/tun c 10 200
69
70	# set the hostname
71	cat <<EOF > $rootfs/etc/HOSTNAME
72	$hostname
73	EOF
74
75	# do not use hostname from HOSTNAME variable
76	cat <<EOF >> $rootfs/etc/sysconfig/cron
77	unset HOSTNAME
78	EOF
79
80	# set minimal hosts
81	cat <<EOF > $rootfs/etc/hosts
82	127.0.0.1 localhost $hostname
83	EOF
84
85	# disable various services
86	# disable yast->bootloader in container
87	cat <<EOF > $rootfs/etc/sysconfig/bootloader
88	LOADER_TYPE=none
89	LOADER_LOCATION=none
90	EOF
91
92	# cut down inittab
93	cat <<EOF > $rootfs/etc/inittab
94	id:3:initdefault:
95	si::bootwait:/etc/init.d/boot
96	l0:0:wait:/etc/init.d/rc 0
97	l1:1:wait:/etc/init.d/rc 1
98	l2:2:wait:/etc/init.d/rc 2
99	l3:3:wait:/etc/init.d/rc 3
100	l6:6:wait:/etc/init.d/rc 6
101	ls:S:wait:/etc/init.d/rc S
102	~~:S:respawn:/sbin/sulogin
103	p6::ctrlaltdel:/sbin/init 6
104	p0::powerfail:/sbin/init 0
105	cons:2345:respawn:/sbin/mingetty --noclear console screen
106	c1:2345:respawn:/sbin/mingetty --noclear tty1 screen
107	EOF
108
109	# set /dev/console as securetty
110	cat << EOF >> $rootfs/etc/securetty
111	console
112	EOF
113
114	cat <<EOF >> $rootfs/etc/sysconfig/boot
115	# disable root fsck
116	ROOTFS_FSCK="0"
117	ROOTFS_BLKDEV="/dev/null"
118	EOF
119
120
121	# remove pointless services in a container
122	chroot $rootfs /sbin/insserv -r -f boot.udev boot.loadmodules boot.device-mapper boot.clock boot.swap boot.klog kbd
123
124	echo "Please change root-password !"
125	echo "root:root" \| chroot $rootfs chpasswd
126
127	return 0
128	}
129
130	download_opensuse()
131	{
132	cache=$1
133	arch=$2
134
135	if [ ! -x /usr/bin/build ]; then
136	echo "Could not create openSUSE template :"
137	echo "you need to install \"build\" package"
138	return 1
139	fi
140
141	# check the mini opensuse was not already downloaded
142	mkdir -p "$cache/partial-$arch"
143
144	if [ $? -ne 0 ]; then
145	echo "Failed to create '$cache/partial-$arch' directory"
146	return 1
147	fi
148
149	# download a mini opensuse into a cache
150	echo "Downloading opensuse minimal ..."
151	mkdir -p "$cache/partial-$arch-packages"
152	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
153	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
154	zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update
155	zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base sysvinit-init
156	cat > $cache/partial-$arch-packages/opensuse.conf << EOF
157	Preinstall: aaa_base bash coreutils diffutils
158	Preinstall: filesystem fillup glibc grep insserv libacl1 libattr1
159	Preinstall: libbz2-1 libgcc46 libxcrypt libncurses5 pam
160	Preinstall: permissions libreadline6 rpm sed tar zlib libselinux1
161	Preinstall: liblzma5 libcap2 libpcre0
162	Preinstall: libpopt0 libelf1 liblua5_1
163
164	RunScripts: aaa_base
165
166	Support: zypper
167	Support: patterns-openSUSE-base
168	Support: lxc
169	Prefer: sysvinit-init
170
171	Ignore: patterns-openSUSE-base:patterns-openSUSE-yast2_install_wf
172	EOF
173
174	CLEAN_BUILD=1 BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" /usr/lib/build/init_buildsystem --clean --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch
175	chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
176	chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
177	chroot $cache/partial-$arch rpm -e patterns-openSUSE-base
178	umount $cache/partial-$arch/proc
179	# really clean the image
180	rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
181	rm -fr $cache/partial-$arch/dev
182	# make sure we have a minimal /dev
183	mkdir -p "$cache/partial-$arch/dev"
184	mknod -m 666 $cache/partial-$arch/dev/null c 1 3
185	mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
186	# create mtab symlink
187	rm -f $cache/partial-$arch/etc/mtab
188	ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab
189	if [ $? -ne 0 ]; then
190	echo "Failed to download the rootfs, aborting."
191	return 1
192	fi
193
194	rm -fr "$cache/partial-$arch-packages"
195	mv "$1/partial-$arch" "$1/rootfs-$arch"
196	echo "Download complete."
197
198	return 0
199	}
200
201	copy_opensuse()
202	{
203	cache=$1
204	arch=$2
205	rootfs=$3
206
207	# make a local copy of the mini opensuse
208	echo -n "Copying rootfs to $rootfs ..."
209	mkdir -p $rootfs
210	rsync -a $cache/rootfs-$arch/ $rootfs/ \|\| return 1
211	return 0
212	}
213
214	install_opensuse()
215	{
216	cache="/var/cache/lxc/opensuse"
217	rootfs=$1
218	mkdir -p /var/lock/subsys/
219	(
220	flock -x 200
221	if [ $? -ne 0 ]; then
222	echo "Cache repository is busy."
223	return 1
224	fi
225
226	arch=$(arch)
227
228	echo "Checking cache download in $cache/rootfs-$arch ... "
229	if [ ! -e "$cache/rootfs-$arch" ]; then
230	download_opensuse $cache $arch
231	if [ $? -ne 0 ]; then
232	echo "Failed to download 'opensuse base'"
233	return 1
234	fi
235	fi
236
237	echo "Copy $cache/rootfs-$arch to $rootfs ... "
238	copy_opensuse $cache $arch $rootfs
239	if [ $? -ne 0 ]; then
240	echo "Failed to copy rootfs"
241	return 1
242	fi
243
244	return 0
245
246	) 200>/var/lock/subsys/lxc
247
248	return $?
249	}
250
251	copy_configuration()
252	{
253	path=$1
254	rootfs=$2
255	name=$3
256
257	grep -q "^lxc.rootfs" $path/config 2>/dev/null \|\| echo "lxc.rootfs = $rootfs" >> $path/config
258	cat <<EOF >> $path/config
259	lxc.utsname = $name
260
261	lxc.tty = 4
262	lxc.pts = 1024
263	lxc.mount = $path/fstab
264	# uncomment the next line to run the container unconfined:
265	#lxc.aa_profile = unconfined
266
267	lxc.cgroup.devices.deny = a
268	# /dev/null and zero
269	lxc.cgroup.devices.allow = c 1:3 rwm
270	lxc.cgroup.devices.allow = c 1:5 rwm
271	# consoles
272	lxc.cgroup.devices.allow = c 5:1 rwm
273	lxc.cgroup.devices.allow = c 5:0 rwm
274	lxc.cgroup.devices.allow = c 4:0 rwm
275	lxc.cgroup.devices.allow = c 4:1 rwm
276	# /dev/{,u}random
277	lxc.cgroup.devices.allow = c 1:9 rwm
278	lxc.cgroup.devices.allow = c 1:8 rwm
279	lxc.cgroup.devices.allow = c 136:* rwm
280	lxc.cgroup.devices.allow = c 5:2 rwm
281	# rtc
282	lxc.cgroup.devices.allow = c 254:0 rwm
283	EOF
284
285	cat <<EOF > $path/fstab
286	proc proc proc nodev,noexec,nosuid 0 0
287	sysfs sys sysfs defaults 0 0
288	EOF
289
290	if [ $? -ne 0 ]; then
291	echo "Failed to add configuration"
292	return 1
293	fi
294
295	return 0
296	}
297
298	clean()
299	{
300	cache="/var/cache/lxc/opensuse"
301
302	if [ ! -e $cache ]; then
303	exit 0
304	fi
305
306	# lock, so we won't purge while someone is creating a repository
307	(
308	flock -x 200
309	if [ $? != 0 ]; then
310	echo "Cache repository is busy."
311	exit 1
312	fi
313
314	echo -n "Purging the download cache..."
315	rm --preserve-root --one-file-system -rf $cache && echo "Done." \|\| exit 1
316	exit 0
317
318	) 200>/var/lock/subsys/lxc
319	}
320
321	usage()
322	{
323	cat <<EOF
324	$1 -h\|--help -p\|--path=<path> --clean
325	EOF
326	return 0
327	}
328
329	options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
330	if [ $? -ne 0 ]; then
331	usage $(basename $0)
332	exit 1
333	fi
334	eval set -- "$options"
335
336	while true
337	do
338	case "$1" in
339	-h\|--help) usage $0 && exit 0;;
340	-p\|--path) path=$2; shift 2;;
341	-n\|--name) name=$2; shift 2;;
342	-c\|--clean) clean=$2; shift 2;;
343	--) shift 1; break ;;
344	*) break ;;
345	esac
346	done
347
348	if [ ! -z "$clean" -a -z "$path" ]; then
349	clean \|\| exit 1
350	exit 0
351	fi
352
353	type zypper > /dev/null
354	if [ $? -ne 0 ]; then
355	echo "'zypper' command is missing"
356	exit 1
357	fi
358
359	if [ -z "$path" ]; then
360	echo "'path' parameter is required"
361	exit 1
362	fi
363
364	if [ "$(id -u)" != "0" ]; then
365	echo "This script should be run as 'root'"
366	exit 1
367	fi
368
369	# detect rootfs
370	config="$path/config"
371	if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
372	rootfs=`grep 'lxc.rootfs =' $config \| awk -F= '{ print $2 }'`
373	else
374	rootfs=$path/rootfs
375	fi
376
377	install_opensuse $rootfs
378	if [ $? -ne 0 ]; then
379	echo "failed to install opensuse"
380	exit 1
381	fi
382
383	configure_opensuse $rootfs $name
384	if [ $? -ne 0 ]; then
385	echo "failed to configure opensuse for a container"
386	exit 1
387	fi
388
389	copy_configuration $path $rootfs $name
390	if [ $? -ne 0 ]; then
391	echo "failed write configuration file"
392	exit 1
393	fi
394
395	if [ ! -z $clean ]; then
396	clean \|\| exit 1
397	exit 0
398	fi

Note: See TracBrowser for help on using the repository browser.

Download in other formats: