Ubuntu
lxc package

Merge lp:~ubuntu-branches/ubuntu/precise/lxc/precise-201204100226 into lp:ubuntu/precise/lxc

  1. Precise (12.04)
  2. precise-201204100226
  3. Merge into precise
Proposed by Ubuntu Package Importer
Status: Rejected
Rejected by: James Westby
Proposed branch: lp:~ubuntu-branches/ubuntu/precise/lxc/precise-201204100226
Merge into: lp:ubuntu/precise/lxc
Diff against target: 1163 lines (+1086/-1) (has conflicts)
9 files modified
.pc/.quilt_patches (+1/-0)
.pc/.quilt_series (+1/-0)
.pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu-cloud.in (+361/-0)
.pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu.in (+679/-0)
.pc/applied-patches (+4/-0)
debian/changelog (+9/-0)
debian/local/lxc-start-ephemeral (+1/-1)
debian/patches/0068-fix-lxc-config-layout (+26/-0)
debian/patches/series (+4/-0)
Conflict adding file .pc/0068-fix-lxc-config-layout.  Moved existing file to .pc/0068-fix-lxc-config-layout.moved.
Text conflict in .pc/applied-patches
Text conflict in debian/changelog
Conflict adding file debian/patches/0068-fix-lxc-config-layout.  Moved existing file to debian/patches/0068-fix-lxc-config-layout.moved.
Text conflict in debian/patches/series
To merge this branch: bzr merge lp:~ubuntu-branches/ubuntu/precise/lxc/precise-201204100226
Reviewer Review Type Date Requested Status
Ubuntu branches Pending
Review via email: mp+101320@code.launchpad.net

Description of the change

The package importer has detected a possible inconsistency between the package history in the archive and the history in bzr. As the archive is authoritative the importer has made lp:ubuntu/precise/lxc reflect what is in the archive and the old bzr branch has been pushed to lp:~ubuntu-branches/ubuntu/precise/lxc/precise-201204100226. This merge proposal was created so that an Ubuntu developer can review the situations and perform a merge/upload if necessary. There are three typical cases where this can happen.
  1. Where someone pushes a change to bzr and someone else uploads the package without that change. This is the reason that this check is done by the importer. If this appears to be the case then a merge/upload should be done if the changes that were in bzr are still desirable.
  2. The importer incorrectly detected the above situation when someone made a change in bzr and then uploaded it.
  3. The importer incorrectly detected the above situation when someone just uploaded a package and didn't touch bzr.

If this case doesn't appear to be the first situation then set the status of the merge proposal to "Rejected" and help avoid the problem in future by filing a bug at https://bugs.launchpad.net/udd linking to this merge proposal.

(this is an automatically generated message)

To post a comment you must log in.

Unmerged revisions

91. By Stéphane Graber

Add missing space after lxc.network.hwaddr

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file '.pc/.quilt_patches'
2--- .pc/.quilt_patches 1970-01-01 00:00:00 +0000
3+++ .pc/.quilt_patches 2012-04-10 02:30:27 +0000
4@@ -0,0 +1,1 @@
5+debian/patches
6
7=== added file '.pc/.quilt_series'
8--- .pc/.quilt_series 1970-01-01 00:00:00 +0000
9+++ .pc/.quilt_series 2012-04-10 02:30:27 +0000
10@@ -0,0 +1,1 @@
11+series
12
13=== added directory '.pc/0068-fix-lxc-config-layout'
14=== renamed directory '.pc/0068-fix-lxc-config-layout' => '.pc/0068-fix-lxc-config-layout.moved'
15=== added directory '.pc/0068-fix-lxc-config-layout/templates'
16=== added file '.pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu-cloud.in'
17--- .pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu-cloud.in 1970-01-01 00:00:00 +0000
18+++ .pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu-cloud.in 2012-04-10 02:30:27 +0000
19@@ -0,0 +1,361 @@
20+#!/bin/bash
21+
22+# template script for generating ubuntu container for LXC based on released cloud
23+# images
24+#
25+# Copyright © 2012 Serge Hallyn <serge.hallyn@canonical.com>
26+#
27+# This program is free software; you can redistribute it and/or modify
28+# it under the terms of the GNU General Public License version 2, as
29+# published by the Free Software Foundation.
30+
31+# This program is distributed in the hope that it will be useful,
32+# but WITHOUT ANY WARRANTY; without even the implied warranty of
33+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
34+# GNU General Public License for more details.
35+
36+# You should have received a copy of the GNU General Public License along
37+# with this program; if not, write to the Free Software Foundation, Inc.,
38+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
39+#
40+
41+set -e
42+
43+if [ -r /etc/default/lxc ]; then
44+ . /etc/default/lxc
45+fi
46+
47+copy_configuration()
48+{
49+ path=$1
50+ rootfs=$2
51+ name=$3
52+ arch=$4
53+
54+ if [ $arch = "i386" ]; then
55+ arch="i686"
56+ fi
57+
58+ # if there is exactly one veth network entry, make sure it has an
59+ # associated hwaddr.
60+ nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
61+ if [ $nics -eq 1 ]; then
62+ grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
63+lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
64+EOF
65+ fi
66+
67+ cat <<EOF >> $path/config
68+lxc.utsname = $name
69+
70+lxc.tty = 4
71+lxc.pts = 1024
72+lxc.rootfs = $rootfs
73+lxc.mount = $path/fstab
74+lxc.arch = $arch
75+lxc.cap.drop = sys_module mac_admin
76+# uncomment the next line to run the container unconfined:
77+#lxc.aa_profile = unconfined
78+
79+lxc.cgroup.devices.deny = a
80+# Allow any mknod (but not using the node)
81+lxc.cgroup.devices.allow = c *:* m
82+lxc.cgroup.devices.allow = b *:* m
83+# /dev/null and zero
84+lxc.cgroup.devices.allow = c 1:3 rwm
85+lxc.cgroup.devices.allow = c 1:5 rwm
86+# consoles
87+lxc.cgroup.devices.allow = c 5:1 rwm
88+lxc.cgroup.devices.allow = c 5:0 rwm
89+#lxc.cgroup.devices.allow = c 4:0 rwm
90+#lxc.cgroup.devices.allow = c 4:1 rwm
91+# /dev/{,u}random
92+lxc.cgroup.devices.allow = c 1:9 rwm
93+lxc.cgroup.devices.allow = c 1:8 rwm
94+lxc.cgroup.devices.allow = c 136:* rwm
95+lxc.cgroup.devices.allow = c 5:2 rwm
96+# rtc
97+lxc.cgroup.devices.allow = c 254:0 rwm
98+#fuse
99+lxc.cgroup.devices.allow = c 10:229 rwm
100+#tun
101+lxc.cgroup.devices.allow = c 10:200 rwm
102+#full
103+lxc.cgroup.devices.allow = c 1:7 rwm
104+#hpet
105+lxc.cgroup.devices.allow = c 10:228 rwm
106+#kvm
107+lxc.cgroup.devices.allow = c 10:232 rwm
108+EOF
109+
110+ cat <<EOF > $path/fstab
111+proc proc proc nodev,noexec,nosuid 0 0
112+sysfs sys sysfs defaults 0 0
113+EOF
114+
115+ return 0
116+}
117+
118+usage()
119+{
120+ cat <<EOF
121+LXC Container configuration for Ubuntu Cloud images.
122+
123+Generic Options
124+[ -r | --release <release> ]: Release name of container, defaults to host
125+[ -a | --arch ]: Arhcitecture of container, defaults to host arcitecture
126+[ -C | --cloud ]: Configure container for use with meta-data service, defaults to no
127+[ -T | --tarball ]: Location of tarball
128+[ -d | --debug ]: Run with 'set -x' to debug errors
129+[ -s | --stream]: Use specified stream rather than 'released'
130+
131+Options, mutually exclusive of "-C" and "--cloud":
132+ [ -i | --hostid ]: HostID for cloud-init, defaults to random string
133+ [ -u | --userdata ]: Cloud-init user-data file to configure container on start
134+ [ -S | --auth-key ]: SSH Public key file to inject into container
135+ [ -L | --nolocales ]: Do not copy host's locales into container
136+
137+EOF
138+ return 0
139+}
140+
141+options=$(getopt -o a:hp:r:n:Fi:CLS:T:ds: -l arch:,help,path:,release:,name:,flush-cache,hostid:,auth-key:,cloud,no_locales,tarball:,debug,stream: -- "$@")
142+if [ $? -ne 0 ]; then
143+ usage $(basename $0)
144+ exit 1
145+fi
146+eval set -- "$options"
147+
148+release=lucid
149+if [ -f /etc/lsb-release ]; then
150+ . /etc/lsb-release
151+ case "$DISTRIB_CODENAME" in
152+ lucid|maverick|natty|oneiric|precise)
153+ release=$DISTRIB_CODENAME
154+ ;;
155+ esac
156+fi
157+
158+arch=$(arch)
159+
160+# Code taken from debootstrap
161+if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
162+ arch=`/usr/bin/dpkg --print-architecture`
163+elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
164+ arch=`/usr/bin/udpkg --print-architecture`
165+else
166+ arch=$(arch)
167+ if [ "$arch" = "i686" ]; then
168+ arch="i386"
169+ elif [ "$arch" = "x86_64" ]; then
170+ arch="amd64"
171+ elif [ "$arch" = "armv7l" ]; then
172+ # note: arm images don't exist before oneiric; are called armhf in
173+ # precise; and are not supported by the query, so we don't actually
174+ # support them yet (see check later on). When Query2 is available,
175+ # we'll use that to enable arm images.
176+ arch="armel"
177+ fi
178+fi
179+
180+debug=0
181+hostarch=$arch
182+cloud=0
183+locales=1
184+flushcache=0
185+stream="released"
186+while true
187+do
188+ case "$1" in
189+ -h|--help) usage $0 && exit 0;;
190+ -p|--path) path=$2; shift 2;;
191+ -n|--name) name=$2; shift 2;;
192+ -F|--flush-cache) flushcache=1; shift 1;;
193+ -r|--release) release=$2; shift 2;;
194+ -a|--arch) arch=$2; shift 2;;
195+ -i|--hostid) host_id=$2; shift 2;;
196+ -u|--userdata) userdata=$2; shift 2;;
197+ -C|--cloud) cloud=1; shift 1;;
198+ -S|--auth-key) auth_key=$2; shift 2;;
199+ -L|--no_locales) locales=0; shift 2;;
200+ -T|--tarball) tarball=$2; shift 2;;
201+ -d|--debug) debug=1; shift 1;;
202+ -s|--stream) stream=$2; shift 2;;
203+ --) shift 1; break ;;
204+ *) break ;;
205+ esac
206+done
207+
208+if [ $debug -eq 1 ]; then
209+ set -x
210+fi
211+
212+if [ "$arch" == "i686" ]; then
213+ arch=i386
214+fi
215+
216+if [ $hostarch = "i386" -a $arch = "amd64" ]; then
217+ echo "can't create amd64 container on i386"
218+ exit 1
219+fi
220+
221+if [ $arch != "i386" -a $arch != "amd64" ]; then
222+ echo "Only i386 and amd64 are supported by the ubuntu cloud template."
223+ exit 1
224+fi
225+
226+if [ "$stream" != "daily" -a "$stream" != "released" ]; then
227+ echo "Only 'daily' and 'released' streams are supported"
228+ exit 1
229+fi
230+
231+if [ -z "$path" ]; then
232+ echo "'path' parameter is required"
233+ exit 1
234+fi
235+
236+if [ "$(id -u)" != "0" ]; then
237+ echo "This script should be run as 'root'"
238+ exit 1
239+fi
240+
241+rootfs=$path/rootfs
242+
243+type ubuntu-cloudimg-query
244+type wget
245+
246+# determine the url, tarball, and directory names
247+# download if needed
248+cache="/var/cache/lxc/cloud-$release"
249+
250+mkdir -p $cache
251+
252+if [ -n "$tarball" ]; then
253+ url2="$tarball"
254+else
255+ url1=`ubuntu-cloudimg-query $release $stream $arch --format "%{url}\n"`
256+ url2=`echo $url1 | sed -e 's/.tar.gz/-root\0/'`
257+fi
258+
259+filename=`basename $url2`
260+
261+buildcleanup()
262+{
263+ cd $rootfs
264+ umount -l $cache/$xdir || true
265+ rm -rf $cache
266+}
267+
268+# if the release doesn't have a *-rootfs.tar.gz, then create one from the
269+# cloudimg.tar.gz by extracting the .img, mounting it loopback, and creating
270+# a tarball from the mounted image.
271+build_root_tgz()
272+{
273+ url=$1
274+ filename=$2
275+
276+ xdir=`mktemp -d -p .`
277+ tarname=`basename $url`
278+ imgname="`basename $tarname .tar.gz`.img"
279+ trap buildcleanup EXIT
280+ if [ $flushcache -eq 1 -o ! -f $cache/$tarname ]; then
281+ rm -f $tarname
282+ echo "Downloading cloud image from $url"
283+ wget $url || { echo "Couldn't find cloud image $url."; exit 1; }
284+ fi
285+ echo "Creating new cached cloud image rootfs"
286+ tar zxf $tarname $imgname
287+ mount -o loop $imgname $xdir
288+ (cd $xdir; tar zcf ../$filename .)
289+ umount $xdir
290+ rm -f $tarname $imgname
291+ rmdir $xdir
292+ echo "New cloud image cache created"
293+ trap EXIT
294+}
295+
296+mkdir -p /var/lock/subsys/
297+(
298+ flock -n -x 200
299+
300+ cd $cache
301+ if [ $flushcache -eq 1 ]; then
302+ echo "Clearing the cached images"
303+ rm -f $filename
304+ fi
305+
306+ if [ ! -f $filename ]; then
307+ wget $url2 || build_root_tgz $url1 $filename
308+ fi
309+
310+ echo "Extracting container rootfs"
311+ mkdir -p $rootfs
312+ cd $rootfs
313+ tar -zxf $cache/$filename
314+
315+
316+ if [ $cloud -eq 0 ]; then
317+ echo "Configuring for running outside of a cloud environment"
318+ echo "If you want to configure for a cloud evironment, please use '-- -C' to create the container"
319+
320+ seed_d=$rootfs/var/lib/cloud/seed/nocloud-net
321+ rhostid=$(uuidgen | cut -c -8)
322+ host_id=${hostid:-$rhostid}
323+ mkdir -p $seed_d
324+
325+ cat > "$seed_d/meta-data" <<EOF
326+instance_id: lxc-$host_id
327+EOF
328+
329+ rm $rootfs/etc/hostname
330+
331+ if [ $locales -eq 1 ]; then
332+ cp /usr/lib/locale/locale-archive $rootfs/usr/lib/locale/locale-archive
333+ fi
334+
335+
336+ if [ -n "$auth_key" -a -f "$auth_key" ]; then
337+ u_path="/home/ubuntu/.ssh"
338+ root_u_path="$rootfs/$u_path"
339+ mkdir -p $root_u_path
340+ cp $auth_key "$root_u_path/authorized_keys"
341+ chroot $rootfs chown -R ubuntu: "$u_path"
342+
343+ echo "Inserted SSH public key from $auth_key into /home/ubuntu/.ssh/authorized_keys"
344+ fi
345+
346+ if [ ! -f $userdata ]; then
347+ cp $userdata $data_d/user-data
348+ else
349+
350+ if [ -z "$MIRROR" ]; then
351+ MIRROR="http://archive.ubuntu.com/ubuntu"
352+ fi
353+
354+ cat > "$seed_d/user-data" <<EOF
355+#cloud-config
356+output: {all: '| tee -a /var/log/cloud-init-output.log'}
357+apt-mirror: $MIRROR
358+manage_etc_hosts: localhost
359+locale: $(/usr/bin/locale | awk -F= '/LANG=/ {print$NF}')
360+EOF
361+
362+ fi
363+
364+ chroot $rootfs /usr/sbin/usermod -U ubuntu
365+ echo "ubuntu:ubuntu" | chroot $rootfs chpasswd
366+ echo "Please login as user ubuntu with password ubuntu."
367+
368+ else
369+
370+ echo "Configured for running in a cloud environment."
371+ echo "If you do not have a meta-data service, this container will likely be useless."
372+
373+ fi
374+
375+) 200>/var/lock/subsys/lxc-ubucloud
376+
377+copy_configuration $path $rootfs $name $arch
378+
379+echo "Container $name created."
380+exit 0
381
382=== added file '.pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu.in'
383--- .pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu.in 1970-01-01 00:00:00 +0000
384+++ .pc/0068-fix-lxc-config-layout/templates/lxc-ubuntu.in 2012-04-10 02:30:27 +0000
385@@ -0,0 +1,679 @@
386+#!/bin/bash
387+
388+#
389+# template script for generating ubuntu container for LXC
390+#
391+# This script consolidates and extends the existing lxc ubuntu scripts
392+#
393+
394+# Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com>
395+# Copyright © 2010 Wilhelm Meier
396+# Author: Wilhelm Meier <wilhelm.meier@fh-kl.de>
397+#
398+# This program is free software; you can redistribute it and/or modify
399+# it under the terms of the GNU General Public License version 2, as
400+# published by the Free Software Foundation.
401+
402+# This program is distributed in the hope that it will be useful,
403+# but WITHOUT ANY WARRANTY; without even the implied warranty of
404+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
405+# GNU General Public License for more details.
406+
407+# You should have received a copy of the GNU General Public License along
408+# with this program; if not, write to the Free Software Foundation, Inc.,
409+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
410+#
411+
412+set -e
413+
414+if [ -r /etc/default/lxc ]; then
415+ . /etc/default/lxc
416+fi
417+
418+configure_ubuntu()
419+{
420+ rootfs=$1
421+ hostname=$2
422+ release=$3
423+
424+ # configure the network using the dhcp
425+ cat <<EOF > $rootfs/etc/network/interfaces
426+auto lo
427+iface lo inet loopback
428+
429+auto eth0
430+iface eth0 inet dhcp
431+EOF
432+
433+ # set the hostname
434+ cat <<EOF > $rootfs/etc/hostname
435+$hostname
436+EOF
437+ # set minimal hosts
438+ cat <<EOF > $rootfs/etc/hosts
439+127.0.0.1 localhost $hostname
440+EOF
441+
442+ if [ "$release" != "precise" ]; then
443+ # suppress log level output for udev
444+ sed -i "s/=\"err\"/=0/" $rootfs/etc/udev/udev.conf
445+
446+ # remove jobs for consoles 5 and 6 since we only create 4 consoles in
447+ # this template
448+ rm -f $rootfs/etc/init/tty{5,6}.conf
449+ fi
450+
451+ if [ -z "$bindhome" ]; then
452+ chroot $rootfs useradd --create-home -s /bin/bash ubuntu
453+ echo "ubuntu:ubuntu" | chroot $rootfs chpasswd
454+ fi
455+
456+ return 0
457+}
458+
459+# finish setting up the user in the container by injecting ssh key and
460+# adding sudo group membership.
461+# passed-in user is either 'ubuntu' or the user to bind in from host.
462+finalize_user()
463+{
464+ user=$1
465+
466+ if [ "$release" = "precise" ]; then
467+ groups="sudo"
468+ else
469+ groups="sudo admin"
470+ fi
471+
472+ for group in $groups; do
473+ chroot $rootfs groupadd --system $group >/dev/null 2>&1 || true
474+ chroot $rootfs adduser ${user} $group >/dev/null 2>&1 || true
475+ done
476+
477+ if [ -n "$auth_key" -a -f "$auth_key" ]; then
478+ u_path="/home/${user}/.ssh"
479+ root_u_path="$rootfs/$u_path"
480+ mkdir -p $root_u_path
481+ cp $auth_key "$root_u_path/authorized_keys"
482+ chroot $rootfs chown -R ${user}: "$u_path"
483+
484+ echo "Inserted SSH public key from $auth_key into /home/${user}/.ssh/authorized_keys"
485+ fi
486+ return 0
487+}
488+
489+write_sourceslist()
490+{
491+ # $1 => path to the rootfs
492+ # $2 => architecture we want to add
493+ # $3 => whether to use the multi-arch syntax or not
494+
495+ case $2 in
496+ amd64|i386)
497+ MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu}
498+ SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu}
499+ ;;
500+ sparc)
501+ case $SUITE in
502+ gutsy)
503+ MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu}
504+ SECURITY_MIRROR=${SECURITY_MIRRORMIRROR:-http://security.ubuntu.com/ubuntu}
505+ ;;
506+ *)
507+ MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
508+ SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
509+ ;;
510+ esac
511+ ;;
512+ *)
513+ MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
514+ SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
515+ ;;
516+ esac
517+ if [ -n "$3" ]; then
518+ cat >> "$1/etc/apt/sources.list" << EOF
519+deb [arch=$2] $MIRROR ${release} main restricted universe multiverse
520+deb [arch=$2] $MIRROR ${release}-updates main restricted universe multiverse
521+deb [arch=$2] $SECURITY_MIRROR ${release}-security main restricted universe multiverse
522+EOF
523+ else
524+ cat >> "$1/etc/apt/sources.list" << EOF
525+deb $MIRROR ${release} main restricted universe multiverse
526+deb $MIRROR ${release}-updates main restricted universe multiverse
527+deb $SECURITY_MIRROR ${release}-security main restricted universe multiverse
528+EOF
529+ fi
530+}
531+
532+download_ubuntu()
533+{
534+ cache=$1
535+ arch=$2
536+ release=$3
537+
538+ if [ $release = "lucid" ]; then
539+ packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg
540+ elif [ $release = "maverick" ]; then
541+ packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg,netbase
542+ elif [ $release = "natty" ]; then
543+ packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase
544+ else
545+ packages=dialog,apt,apt-utils,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase,ubuntu-keyring
546+ fi
547+ echo "installing packages: $packages"
548+
549+ # check the mini ubuntu was not already downloaded
550+ mkdir -p "$cache/partial-$arch"
551+ if [ $? -ne 0 ]; then
552+ echo "Failed to create '$cache/partial-$arch' directory"
553+ return 1
554+ fi
555+
556+ # download a mini ubuntu into a cache
557+ echo "Downloading ubuntu $release minimal ..."
558+ if [ -n "$(which qemu-debootstrap)" ]; then
559+ qemu-debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR
560+ else
561+ debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR
562+ fi
563+
564+ if [ $? -ne 0 ]; then
565+ echo "Failed to download the rootfs, aborting."
566+ return 1
567+ fi
568+
569+ # Serge isn't sure whether we should avoid doing this when
570+ # $release == `distro-info -d`
571+ echo "Installing updates"
572+ > $cache/partial-$arch/etc/apt/sources.list
573+ write_sourceslist $cache/partial-$arch/ $arch
574+
575+ chroot "$1/partial-${arch}" apt-get update
576+ if [ $? -ne 0 ]; then
577+ echo "Failed to update the apt cache"
578+ return 1
579+ fi
580+ cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF
581+#!/bin/sh
582+exit 101
583+EOF
584+ chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d
585+
586+ lxc-unshare -s MOUNT -- chroot "$1/partial-${arch}" apt-get dist-upgrade -y
587+ ret=$?
588+ rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d
589+
590+ if [ $ret -ne 0 ]; then
591+ echo "Failed to upgrade the cache"
592+ return 1
593+ fi
594+
595+ mv "$1/partial-$arch" "$1/rootfs-$arch"
596+ echo "Download complete"
597+ return 0
598+}
599+
600+copy_ubuntu()
601+{
602+ cache=$1
603+ arch=$2
604+ rootfs=$3
605+
606+ # make a local copy of the miniubuntu
607+ echo "Copying rootfs to $rootfs ..."
608+ mkdir -p $rootfs
609+ rsync -a $cache/rootfs-$arch/ $rootfs/ || return 1
610+ return 0
611+}
612+
613+install_ubuntu()
614+{
615+ rootfs=$1
616+ release=$2
617+ flushcache=$3
618+ cache="/var/cache/lxc/$release"
619+ mkdir -p /var/lock/subsys/
620+ (
621+ flock -n -x 200
622+ if [ $? -ne 0 ]; then
623+ echo "Cache repository is busy."
624+ return 1
625+ fi
626+
627+
628+ if [ $flushcache -eq 1 ]; then
629+ echo "Flushing cache..."
630+ rm -rf "$cache/partial-$arch"
631+ rm -rf "$cache/rootfs-$arch"
632+ fi
633+
634+ echo "Checking cache download in $cache/rootfs-$arch ... "
635+ if [ ! -e "$cache/rootfs-$arch" ]; then
636+ download_ubuntu $cache $arch $release
637+ if [ $? -ne 0 ]; then
638+ echo "Failed to download 'ubuntu $release base'"
639+ return 1
640+ fi
641+ fi
642+
643+ echo "Copy $cache/rootfs-$arch to $rootfs ... "
644+ copy_ubuntu $cache $arch $rootfs
645+ if [ $? -ne 0 ]; then
646+ echo "Failed to copy rootfs"
647+ return 1
648+ fi
649+
650+ return 0
651+
652+ ) 200>/var/lock/subsys/lxc
653+
654+ return $?
655+}
656+
657+copy_configuration()
658+{
659+ path=$1
660+ rootfs=$2
661+ name=$3
662+ arch=$4
663+ release=$5
664+
665+ if [ $arch = "i386" ]; then
666+ arch="i686"
667+ fi
668+
669+ ttydir=""
670+ if [ $release = "precise" ]; then
671+ ttydir=" lxc"
672+ fi
673+
674+ # if there is exactly one veth network entry, make sure it has an
675+ # associated hwaddr.
676+ nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
677+ if [ $nics -eq 1 ]; then
678+ grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
679+lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
680+EOF
681+ fi
682+
683+ cat <<EOF >> $path/config
684+lxc.utsname = $name
685+
686+lxc.devttydir =$ttydir
687+lxc.tty = 4
688+lxc.pts = 1024
689+lxc.rootfs = $rootfs
690+lxc.mount = $path/fstab
691+lxc.arch = $arch
692+lxc.cap.drop = sys_module mac_admin
693+# uncomment the next line to run the container unconfined:
694+#lxc.aa_profile = unconfined
695+
696+lxc.cgroup.devices.deny = a
697+# Allow any mknod (but not using the node)
698+lxc.cgroup.devices.allow = c *:* m
699+lxc.cgroup.devices.allow = b *:* m
700+# /dev/null and zero
701+lxc.cgroup.devices.allow = c 1:3 rwm
702+lxc.cgroup.devices.allow = c 1:5 rwm
703+# consoles
704+lxc.cgroup.devices.allow = c 5:1 rwm
705+lxc.cgroup.devices.allow = c 5:0 rwm
706+#lxc.cgroup.devices.allow = c 4:0 rwm
707+#lxc.cgroup.devices.allow = c 4:1 rwm
708+# /dev/{,u}random
709+lxc.cgroup.devices.allow = c 1:9 rwm
710+lxc.cgroup.devices.allow = c 1:8 rwm
711+lxc.cgroup.devices.allow = c 136:* rwm
712+lxc.cgroup.devices.allow = c 5:2 rwm
713+# rtc
714+lxc.cgroup.devices.allow = c 254:0 rwm
715+#fuse
716+lxc.cgroup.devices.allow = c 10:229 rwm
717+#tun
718+lxc.cgroup.devices.allow = c 10:200 rwm
719+#full
720+lxc.cgroup.devices.allow = c 1:7 rwm
721+#hpet
722+lxc.cgroup.devices.allow = c 10:228 rwm
723+#kvm
724+lxc.cgroup.devices.allow = c 10:232 rwm
725+EOF
726+
727+ cat <<EOF > $path/fstab
728+proc proc proc nodev,noexec,nosuid 0 0
729+sysfs sys sysfs defaults 0 0
730+EOF
731+
732+ if [ $? -ne 0 ]; then
733+ echo "Failed to add configuration"
734+ return 1
735+ fi
736+
737+ return 0
738+}
739+
740+trim()
741+{
742+ rootfs=$1
743+ release=$2
744+
745+ # provide the lxc service
746+ cat <<EOF > $rootfs/etc/init/lxc.conf
747+# fake some events needed for correct startup other services
748+
749+description "Container Upstart"
750+
751+start on startup
752+
753+script
754+ rm -rf /var/run/*.pid
755+ rm -rf /var/run/network/*
756+ /sbin/initctl emit stopped JOB=udevtrigger --no-wait
757+ /sbin/initctl emit started JOB=udev --no-wait
758+end script
759+EOF
760+
761+ # fix buggus runlevel with sshd
762+ cat <<EOF > $rootfs/etc/init/ssh.conf
763+# ssh - OpenBSD Secure Shell server
764+#
765+# The OpenSSH server provides secure shell access to the system.
766+
767+description "OpenSSH server"
768+
769+start on filesystem
770+stop on runlevel [!2345]
771+
772+expect fork
773+respawn
774+respawn limit 10 5
775+umask 022
776+# replaces SSHD_OOM_ADJUST in /etc/default/ssh
777+oom never
778+
779+pre-start script
780+ test -x /usr/sbin/sshd || { stop; exit 0; }
781+ test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
782+ test -c /dev/null || { stop; exit 0; }
783+
784+ mkdir -p -m0755 /var/run/sshd
785+end script
786+
787+# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
788+# 'exec' line here instead
789+exec /usr/sbin/sshd
790+EOF
791+
792+ cat <<EOF > $rootfs/etc/init/console.conf
793+# console - getty
794+#
795+# This service maintains a console on tty1 from the point the system is
796+# started until it is shut down again.
797+
798+start on stopped rc RUNLEVEL=[2345]
799+stop on runlevel [!2345]
800+
801+respawn
802+exec /sbin/getty -8 38400 /dev/console
803+EOF
804+
805+ cat <<EOF > $rootfs/lib/init/fstab
806+# /lib/init/fstab: cleared out for bare-bones lxc
807+EOF
808+
809+ # reconfigure some services
810+ if [ -z "$LANG" ]; then
811+ chroot $rootfs locale-gen en_US.UTF-8
812+ chroot $rootfs update-locale LANG=en_US.UTF-8
813+ else
814+ chroot $rootfs locale-gen $LANG
815+ chroot $rootfs update-locale LANG=$LANG
816+ fi
817+
818+ # remove pointless services in a container
819+ chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
820+
821+ chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done'
822+ chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done'
823+ chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done'
824+ chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done'
825+ chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done'
826+
827+ # if this isn't lucid, then we need to twiddle the network upstart bits :(
828+ if [ $release != "lucid" ]; then
829+ sed -i 's/^.*emission handled.*$/echo Emitting lo/' $rootfs/etc/network/if-up.d/upstart
830+ fi
831+}
832+
833+post_process()
834+{
835+ rootfs=$1
836+ release=$2
837+ trim_container=$3
838+
839+ if [ $trim_container -eq 1 ]; then
840+ trim $rootfs $release
841+ elif [ $release = "lucid" -o $release = "maverick" -o $release = "natty" \
842+ -o $release = "oneiric" ]; then
843+ # for lucid and maverick, if not trimming, then add the ubuntu-virt
844+ # ppa and install lxcguest
845+ if [ $release = "lucid" -o $release = "maverick" ]; then
846+ chroot $rootfs apt-get install --force-yes -y python-software-properties
847+ chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa
848+ fi
849+ cresolvonf="${rootfs}/etc/resolv.conf"
850+ mv $cresolvonf ${cresolvonf}.lxcbak
851+ cat /etc/resolv.conf > ${cresolvonf}
852+ chroot $rootfs apt-get update
853+ chroot $rootfs apt-get install --force-yes -y lxcguest
854+ rm -f ${cresolvonf}
855+ mv ${cresolvonf}.lxcbak ${cresolvonf}
856+ fi
857+
858+ # If the container isn't running a native architecture, setup multiarch
859+ if [ -x "$(ls -1 ${rootfs}/usr/bin/qemu-*-static 2>/dev/null)" ]; then
860+ mkdir -p ${rootfs}/etc/dpkg/dpkg.cfg.d
861+ echo "foreign-architecture ${hostarch}" > ${rootfs}/etc/dpkg/dpkg.cfg.d/lxc-multiarch
862+
863+ # Save existing value of MIRROR and SECURITY_MIRROR
864+ DEFAULT_MIRROR=$MIRROR
865+ DEFAULT_SECURITY_MIRROR=$SECURITY_MIRROR
866+
867+ # Write a new sources.list containing both native and multiarch entries
868+ > ${rootfs}/etc/apt/sources.list
869+ write_sourceslist $rootfs $arch "native"
870+
871+ MIRROR=$DEFAULT_MIRROR
872+ SECURITY_MIRROR=$DEFAULT_SECURITY_MIRROR
873+ write_sourceslist $rootfs $hostarch "multiarch"
874+
875+ # Finally update the lists and install upstart using the host architecture
876+ chroot $rootfs apt-get update
877+ chroot $rootfs apt-get install --force-yes -y --no-install-recommends upstart:${hostarch} mountall:amd64 iproute:amd64 isc-dhcp-client:amd64
878+ fi
879+}
880+
881+do_bindhome()
882+{
883+ rootfs=$1
884+ user=$2
885+
886+ # copy /etc/passwd, /etc/shadow, and /etc/group entries into container
887+ pwd=`getent passwd $user` || { echo "Failed to copy password entry for $user"; false; }
888+ echo $pwd >> $rootfs/etc/passwd
889+
890+ # make sure user's shell exists in the container
891+ shell=`echo $pwd | cut -d: -f 7`
892+ if [ ! -x $rootfs/$shell ]; then
893+ echo "shell $shell for user $user was not found in the container."
894+ pkg=`dpkg -S $(readlink -m $shell) | cut -d ':' -f1`
895+ echo "Installing $pkg"
896+ chroot $rootfs apt-get --force-yes -y install $pkg
897+ fi
898+
899+ shad=`getent shadow $user`
900+ echo "$shad" >> $rootfs/etc/shadow
901+
902+ # bind-mount the user's path into the container's /home
903+ h=`getent passwd $user | cut -d: -f 6`
904+ mkdir -p $rootfs/$h
905+ # use relative path in container
906+ h2=${h#/}
907+ while [ ${h2:0:1} = "/" ]; do
908+ h2=${h2#/}
909+ done
910+ echo "$h $h2 none bind 0 0" >> $path/fstab
911+
912+ # Make sure the group exists in container
913+ grp=`echo $pwd | cut -d: -f 4` # group number for $user
914+ grpe=`getent group $grp` || return 0 # if host doesn't define grp, ignore in container
915+ chroot $rootfs getent group "$grpe" || echo "$grpe" >> $rootfs/etc/group
916+}
917+
918+usage()
919+{
920+ cat <<EOF
921+$1 -h|--help [-a|--arch] [-b|--bindhome <user>] [--trim] [-d|--debug]
922+ [-F | --flush-cache] [-r|--release <release>] [ -S | --auth-key <keyfile>]
923+release: lucid | maverick | natty | oneiric | precise
924+trim: make a minimal (faster, but not upgrade-safe) container
925+bindhome: bind <user>'s home into the container
926+ The ubuntu user will not be created, and <user> will have
927+ sudo access.
928+arch: amd64 or i386: defaults to host arch
929+auth-key: SSH Public key file to inject into container
930+EOF
931+ return 0
932+}
933+
934+options=$(getopt -o a:b:hp:r:xn:FS:d -l arch:,bindhome:,help,path:,release:,trim,name:,flush-cache,auth-key:,debug -- "$@")
935+if [ $? -ne 0 ]; then
936+ usage $(basename $0)
937+ exit 1
938+fi
939+eval set -- "$options"
940+
941+release=lucid
942+if [ -f /etc/lsb-release ]; then
943+ . /etc/lsb-release
944+ case "$DISTRIB_CODENAME" in
945+ lucid|maverick|natty|oneiric|precise)
946+ release=$DISTRIB_CODENAME
947+ ;;
948+ esac
949+fi
950+
951+bindhome=
952+arch=$(arch)
953+
954+# Code taken from debootstrap
955+if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
956+ arch=`/usr/bin/dpkg --print-architecture`
957+elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
958+ arch=`/usr/bin/udpkg --print-architecture`
959+else
960+ arch=$(arch)
961+ if [ "$arch" = "i686" ]; then
962+ arch="i386"
963+ elif [ "$arch" = "x86_64" ]; then
964+ arch="amd64"
965+ elif [ "$arch" = "armv7l" ]; then
966+ arch="armel"
967+ fi
968+fi
969+
970+debug=0
971+trim_container=0
972+hostarch=$arch
973+flushcache=0
974+while true
975+do
976+ case "$1" in
977+ -h|--help) usage $0 && exit 0;;
978+ -p|--path) path=$2; shift 2;;
979+ -n|--name) name=$2; shift 2;;
980+ -F|--flush-cache) flushcache=1; shift 1;;
981+ -r|--release) release=$2; shift 2;;
982+ -b|--bindhome) bindhome=$2; shift 2;;
983+ -a|--arch) arch=$2; shift 2;;
984+ -x|--trim) trim_container=1; shift 1;;
985+ -S|--auth-key) auth_key=$2; shift 2;;
986+ -d|--debug) debug=1; shift 1;;
987+ --) shift 1; break ;;
988+ *) break ;;
989+ esac
990+done
991+
992+if [ $debug -eq 1 ]; then
993+ set -x
994+fi
995+
996+if [ -n "$bindhome" ]; then
997+ pwd=`getent passwd $bindhome`
998+ if [ $? -ne 0 ]; then
999+ echo "Error: no password entry found for $bindhome"
1000+ exit 1
1001+ fi
1002+fi
1003+
1004+
1005+if [ "$arch" == "i686" ]; then
1006+ arch=i386
1007+fi
1008+
1009+if [ $hostarch = "i386" -a $arch = "amd64" ]; then
1010+ echo "can't create amd64 container on i386"
1011+ exit 1
1012+fi
1013+
1014+type debootstrap
1015+if [ $? -ne 0 ]; then
1016+ echo "'debootstrap' command is missing"
1017+ exit 1
1018+fi
1019+
1020+if [ -z "$path" ]; then
1021+ echo "'path' parameter is required"
1022+ exit 1
1023+fi
1024+
1025+if [ "$(id -u)" != "0" ]; then
1026+ echo "This script should be run as 'root'"
1027+ exit 1
1028+fi
1029+
1030+rootfs=$path/rootfs
1031+
1032+install_ubuntu $rootfs $release $flushcache
1033+if [ $? -ne 0 ]; then
1034+ echo "failed to install ubuntu $release"
1035+ exit 1
1036+fi
1037+
1038+configure_ubuntu $rootfs $name $release
1039+if [ $? -ne 0 ]; then
1040+ echo "failed to configure ubuntu $release for a container"
1041+ exit 1
1042+fi
1043+
1044+copy_configuration $path $rootfs $name $arch $release
1045+if [ $? -ne 0 ]; then
1046+ echo "failed write configuration file"
1047+ exit 1
1048+fi
1049+
1050+post_process $rootfs $release $trim_container
1051+
1052+if [ -n "$bindhome" ]; then
1053+ do_bindhome $rootfs $bindhome
1054+ finalize_user $bindhome
1055+else
1056+ finalize_user ubuntu
1057+fi
1058+
1059+echo ""
1060+echo "##"
1061+echo "# The default user is 'ubuntu' with password 'ubuntu'!"
1062+echo "# Use the 'sudo' command to run tasks as root in the container."
1063+echo "##"
1064+echo ""
1065
1066=== modified file '.pc/applied-patches'
1067--- .pc/applied-patches 2012-04-09 14:24:24 +0000
1068+++ .pc/applied-patches 2012-04-10 02:30:27 +0000
1069@@ -78,5 +78,9 @@
1070 0065-fix-bindhome-relpath
1071 0066-confile-typo
1072 0067-templates-lxc-profile
1073+<<<<<<< TREE
1074 0068-fix-lxc-config-layout
1075 0069-ubuntu-cloud-fix
1076+=======
1077+0068-fix-lxc-config-layout
1078+>>>>>>> MERGE-SOURCE
1079
1080=== modified file 'debian/changelog'
1081--- debian/changelog 2012-04-09 14:24:24 +0000
1082+++ debian/changelog 2012-04-10 02:30:27 +0000
1083@@ -1,3 +1,4 @@
1084+<<<<<<< TREE
1085 lxc (0.7.5-3ubuntu50) precise; urgency=low
1086
1087 [ Stéphane Graber ]
1088@@ -8,6 +9,14 @@
1089
1090 -- Ben Howard <ben.howard@canonical.com> Mon, 09 Apr 2012 14:24:24 -0600
1091
1092+=======
1093+lxc (0.7.5-3ubuntu50) UNRELEASED; urgency=low
1094+
1095+ * Minor ubuntu template tweak to add missing space after lxc.network.hwaddr.
1096+
1097+ -- Stéphane Graber <stgraber@ubuntu.com> Mon, 02 Apr 2012 22:21:04 -0400
1098+
1099+>>>>>>> MERGE-SOURCE
1100 lxc (0.7.5-3ubuntu49) precise; urgency=low
1101
1102 * debian/lxc-default.apparmor: add mediate_deleted flag (LP: #969299)
1103
1104=== modified file 'debian/local/lxc-start-ephemeral'
1105--- debian/local/lxc-start-ephemeral 2012-03-21 08:20:06 +0000
1106+++ debian/local/lxc-start-ephemeral 2012-04-10 02:30:27 +0000
1107@@ -198,7 +198,7 @@
1108 (
1109 while read line; do
1110 if [ "${line:0:18}" = "lxc.network.hwaddr" ]; then
1111- echo "lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')"
1112+ echo "lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')"
1113 else
1114 echo $line
1115 fi
1116
1117=== added file 'debian/patches/0068-fix-lxc-config-layout'
1118--- debian/patches/0068-fix-lxc-config-layout 1970-01-01 00:00:00 +0000
1119+++ debian/patches/0068-fix-lxc-config-layout 2012-04-10 02:30:27 +0000
1120@@ -0,0 +1,26 @@
1121+Description: Minor lxc config template layout fix
1122+Author: Stéphane Graber <stgraber@ubuntu.com>
1123+Forwarded: no
1124+
1125+--- lxc-0.7.5.orig/templates/lxc-ubuntu-cloud.in
1126++++ lxc-0.7.5/templates/lxc-ubuntu-cloud.in
1127+@@ -41,7 +41,7 @@ copy_configuration()
1128+ nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
1129+ if [ $nics -eq 1 ]; then
1130+ grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
1131+-lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
1132++lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
1133+ EOF
1134+ fi
1135+
1136+--- lxc-0.7.5.orig/templates/lxc-ubuntu.in
1137++++ lxc-0.7.5/templates/lxc-ubuntu.in
1138+@@ -291,7 +291,7 @@ copy_configuration()
1139+ nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
1140+ if [ $nics -eq 1 ]; then
1141+ grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
1142+-lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
1143++lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
1144+ EOF
1145+ fi
1146+
1147
1148=== renamed file 'debian/patches/0068-fix-lxc-config-layout' => 'debian/patches/0068-fix-lxc-config-layout.moved'
1149=== modified file 'debian/patches/series'
1150--- debian/patches/series 2012-04-09 14:24:24 +0000
1151+++ debian/patches/series 2012-04-10 02:30:27 +0000
1152@@ -78,5 +78,9 @@
1153 0065-fix-bindhome-relpath
1154 0066-confile-typo
1155 0067-templates-lxc-profile
1156+<<<<<<< TREE
1157 0068-fix-lxc-config-layout
1158 0069-ubuntu-cloud-fix
1159+=======
1160+0068-fix-lxc-config-layout
1161+>>>>>>> MERGE-SOURCE
1162
1163=== modified file 'templates/lxc-ubuntu-cloud.in'

Subscribers

People subscribed via source and target branches

to all changes: