diff options
Diffstat (limited to 'app-emulation/lxc/files')
| -rw-r--r-- | app-emulation/lxc/files/lxc-1.0.6-bash-completion.patch | 39 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc-1.1.0-fix-gentoo-template.patch | 35 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc-1.1.1-shm-tmpfs.patch | 31 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch | 33 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc.initd.3 | 139 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc_at.service | 12 | ||||
| -rw-r--r-- | app-emulation/lxc/files/lxc_at.service.2 | 14 |
7 files changed, 303 insertions, 0 deletions
diff --git a/app-emulation/lxc/files/lxc-1.0.6-bash-completion.patch b/app-emulation/lxc/files/lxc-1.0.6-bash-completion.patch new file mode 100644 index 000000000000..942c12f05198 --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.0.6-bash-completion.patch @@ -0,0 +1,39 @@ + config/bash/Makefile.am | 8 ++++---- + config/bash/lxc.in | 2 -- + 2 files changed, 4 insertions(+), 6 deletions(-) + +diff --git a/config/bash/Makefile.am b/config/bash/Makefile.am +index b1768c9..3fbbe8e 100644 +--- a/config/bash/Makefile.am ++++ b/config/bash/Makefile.am +@@ -2,12 +2,12 @@ EXTRA_DIST = lxc + + if ENABLE_BASH + install-bash: +- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ +- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ ++ $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/ ++ $(INSTALL_DATA) lxc $(DESTDIR)$(datarootdir)/bash-completion/completions/ + + uninstall-bash: +- rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc +- rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || : ++ rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc ++ rmdir $(DESTDIR)$(datarootdir)/bash-completion/ || : + + install-data-local: install-bash + uninstall-local: uninstall-bash +diff --git a/config/bash/lxc.in b/config/bash/lxc.in +index 18fd48f..8fff725 100644 +--- a/config/bash/lxc.in ++++ b/config/bash/lxc.in +@@ -1,4 +1,3 @@ +-have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -100,4 +99,3 @@ have lxc-start && { + + complete -o default -F _lxc-generic-o lxc-clone + complete -o default -F _lxc-generic-o lxc-start-ephemeral +-} diff --git a/app-emulation/lxc/files/lxc-1.1.0-fix-gentoo-template.patch b/app-emulation/lxc/files/lxc-1.1.0-fix-gentoo-template.patch new file mode 100644 index 000000000000..35141863c0d7 --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.1.0-fix-gentoo-template.patch @@ -0,0 +1,35 @@ +From 425aa66d33e1833cfa47b988785def8b42b72f1a Mon Sep 17 00:00:00 2001 +From: Markos Chandras <hwoarang@gentoo.org> +Date: Sun, 22 Feb 2015 01:25:36 +0200 +Subject: [PATCH] templates/lxc-gentoo.in: Fix stage3 autodetection code + +The latest-stage3-$variant.txt files list both the tarball name +and the released date but we only need to pass the stage3 tarball +name to the subsequent wget command otherwise we end up with 404 +errors. + +Signed-off-by: Markos Chandras <hwoarang@gentoo.org> +--- +Different patches have been posted to the mailing lists or github so this is +likely to be fixed upstream really soon +--- + templates/lxc-gentoo.in | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/templates/lxc-gentoo.in b/templates/lxc-gentoo.in +index 5a87866..464c948 100644 +--- a/templates/lxc-gentoo.in ++++ b/templates/lxc-gentoo.in +@@ -160,7 +160,8 @@ cache_stage3() + printf "Determining path to latest Gentoo %s (%s) stage3 archive...\n" "${arch}" "${variant}" + printf " => downloading and processing %s\n" "${stage3_pointer}" + +- local stage3_latest_tarball=$(wget -q -O - "${stage3_pointer}" | tail -n1 ) \ ++ local stage3_latest_tarball=$(wget -q -O - "${stage3_pointer}" | \ ++ tail -n1 | cut -d " " -f 1) \ + || die 6 "Error: unable to fetch\n" + + printf " => Got: %s\n" "${stage3_latest_tarball}" +-- +2.3.0 + diff --git a/app-emulation/lxc/files/lxc-1.1.1-shm-tmpfs.patch b/app-emulation/lxc/files/lxc-1.1.1-shm-tmpfs.patch new file mode 100644 index 000000000000..7c8f595e0fb6 --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.1.1-shm-tmpfs.patch @@ -0,0 +1,31 @@ +From 7ed54c6155982bd8376fdb88bed79c664d5e111f Mon Sep 17 00:00:00 2001 +From: Markos Chandras <hwoarang@gentoo.org> +Date: Thu, 12 Mar 2015 20:52:11 +0000 +Subject: [PATCH] templates: gentoo.common: Add /dev/shm tmpfs mount entry + +/dev/shm needs to be mounted as tmpfs. It's needed by python +and possibly other packages. + +Signed-off-by: Markos Chandras <hwoarang@gentoo.org> +--- +Applied in master but not in 1.1.1. It will probably make it +to 1.1.2 +--- + config/templates/gentoo.common.conf.in | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/config/templates/gentoo.common.conf.in b/config/templates/gentoo.common.conf.in +index ca3ffc1..49cd411 100644 +--- a/config/templates/gentoo.common.conf.in ++++ b/config/templates/gentoo.common.conf.in +@@ -21,3 +21,7 @@ lxc.cgroup.devices.allow = c 10:232 rwm + ## To use loop devices, copy the following line to the container's + ## configuration file (uncommented). + #lxc.cgroup.devices.allow = b 7:* rwm ++ ++# /dev/shm needs to be mounted as tmpfs. It's needed by python (bug #496328) ++# and possibly other packages. ++lxc.mount.entry = none dev/shm tmpfs rw,nosuid,nodev,create=dir +-- +2.3.2 + diff --git a/app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch b/app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch new file mode 100644 index 000000000000..86a41445574a --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch @@ -0,0 +1,33 @@ +Patch from https://github.com/lxc/lxc/pull/563 didn't make it to stable-1.1 +yes so lets just include it here in case it doesn't end up in 1.1.X in the +future. + +Signed-off-by: Markos Chandras <hwoarang@gentoo.org> + +From bc19636d587fbabfbc2252f1bf4887fee87bb247 Mon Sep 17 00:00:00 2001 +From: Dennis Schridde <devurandom@gmx.net> +Date: Thu, 11 Jun 2015 15:21:19 +0200 +Subject: [PATCH] Fix creation of dev/mqueue and dev/shm on Gentoo + +The dev/mqueue and dev/shm directories do not exist when using lxc.autodev, thus they have to be created upon mount. + +Signed-off-by: Dennis Schridde <devurandom@gmx.net> +--- + config/templates/gentoo.moresecure.conf.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/config/templates/gentoo.moresecure.conf.in b/config/templates/gentoo.moresecure.conf.in +index 270e9df..f827ad2 100644 +--- a/config/templates/gentoo.moresecure.conf.in ++++ b/config/templates/gentoo.moresecure.conf.in +@@ -8,8 +8,8 @@ lxc.include = @LXCTEMPLATECONFIG@/common.conf + # Container user ? see gentoo.common.conf + + # do not mount sysfs, see http://blog.bofh.it/debian/id_413 +-lxc.mount.entry=mqueue dev/mqueue mqueue rw,nodev,noexec,nosuid 0 0 +-lxc.mount.entry=shm dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0 ++lxc.mount.entry=mqueue dev/mqueue mqueue rw,nodev,noexec,nosuid,create=dir 0 0 ++lxc.mount.entry=shm dev/shm tmpfs rw,nosuid,nodev,noexec,relatime,create=dir 0 0 + lxc.mount.entry=run run tmpfs rw,nosuid,nodev,relatime,mode=755 0 0 + + # this part is based on 'linux capabilities', see: man 7 capabilities diff --git a/app-emulation/lxc/files/lxc.initd.3 b/app-emulation/lxc/files/lxc.initd.3 new file mode 100644 index 000000000000..c9ef99919922 --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.3 @@ -0,0 +1,139 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +CONTAINER=${SVCNAME#*.} + +LXC_PATH=`lxc-config lxc.lxcpath` + +lxc_get_configfile() { + if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then + echo "${LXC_PATH}/${CONTAINER}.conf" + elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then + echo "${LXC_PATH}/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +lxc_get_net_link_type() { + awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } + $1 == "lxc.network.type" {_type=$2;} + $1 == "lxc.network.link" {_link=$2;} + {if(_link != "" && _type != ""){ + printf("%s:%s\n", _link, _type ); + _link=""; _type=""; + }; }' <${CONFIGFILE} +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.utsname) + if [ ${CONTAINER} != ${utsname} ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + + local _x _if + for _x in $(lxc_get_net_link_type); do + _if=${_x%:*} + case "${_x##*:}" in + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + phys) use net.${_if} ;; + *) need net.${_if} ;; + esac + done +} + +start() { + checkconfig || return 1 + rm /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting ${CONTAINER}" + env -i ${setarch} $(type -p lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 0.5 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] + eend $? +} + +stop() { + checkconfig || return 1 + + + if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + init_pid=$(lxc-info -n ${CONTAINER} --pid | awk '{ print $2 }') + + if [ -z "${init_pid}" ]; then + ewarn "${CONTAINER} doesn't seem to be running." + return 0 + fi + + ebegin "Shutting down system in ${CONTAINER}" + kill -PWR ${init_pid} + eend $? + + TIMEOUT=${TIMEOUT:-30} + i=0 + while [ -n "$(pgrep -P ${init_pid})" -a $i -lt ${TIMEOUT} ]; do + sleep 1 + i=$(expr $i + 1) + done + + if [ -n "${missingprocs}" ]; then + ewarn "Something failed to properly shut down in ${CONTAINER}" + fi + + ebegin "Stopping ${CONTAINER}" + lxc-stop -n ${CONTAINER} + eend $? +} diff --git a/app-emulation/lxc/files/lxc_at.service b/app-emulation/lxc/files/lxc_at.service new file mode 100644 index 000000000000..1ef449775306 --- /dev/null +++ b/app-emulation/lxc/files/lxc_at.service @@ -0,0 +1,12 @@ +[Unit] +Description=Linux Container %I +After=network.target + +[Service] +Restart=always +ExecStart=/usr/sbin/lxc-start -n %i +ExecReload=/usr/sbin/lxc-restart -n %i +ExecStop=/usr/sbin/lxc-stop -n %i + +[Install] +WantedBy=multi-user.target diff --git a/app-emulation/lxc/files/lxc_at.service.2 b/app-emulation/lxc/files/lxc_at.service.2 new file mode 100644 index 000000000000..82306a09ab83 --- /dev/null +++ b/app-emulation/lxc/files/lxc_at.service.2 @@ -0,0 +1,14 @@ +[Unit] +Description=Linux Container %I +After=network.target + +[Service] +Restart=always +ExecStartPre=/usr/libexec/lxc/lxc-devsetup +ExecStart=/usr/bin/lxc-start -n %i -F +ExecReload=/usr/bin/lxc-restart -n %i +ExecStop=/usr/bin/lxc-stop -n %i +Delegate=yes + +[Install] +WantedBy=multi-user.target |