create symlink for /var/run this patch create /var/run link to point to /run. This will fix various issue present when /var/run is persistent. Signed-off-by: Marc Gariepy <gariepy.marc@gmail.com>

Fix spelling of CentOS in the templates Signed-off-by: Roman Mueller <roman.mueller@gmail.com>

Added OR statement for cases of ID = rhel in RHEL 7+ Signed-off-by: Hartnell Foster <hartnell.foster@bbc.co.uk>

Use ${utsname} instead of ${UTSNAME} because latter variable is not defined. Signed-off-by: KURODA Hiraku <kuroda@syngram.co.jp>

Fix message after {fedora|centos}container creation If the backingstore is not 'dir', then lxc shouldn't ask the user to change the password by performing a 'chroot'. Rather, the user should start, attach, use the passwd command, and then stop the container. Fixes #731 Signed-off-by: Nehal J Wani <nehaljw.kkd1@gmail.com>

use `hostname` for DHCP_HOSTNAME in ifcfg-eth0 Updated centos/fedora/oracle templates to use `hostname` for DHCP_HOSTNAME in /etc/sysconfig/network/ifcfg-eth0, so the container's host name is propagated to the host's DHCP server (e.g. dnsmasq, which also acts as the DNS server). This resolves lxc/lxd#756 Signed-off-by: Lenz Grimmer <lenz@grimmer.com>

Added container-cache option to templates This change adds in the container-cache option within the mainline default lxc templates. The pupose here is to allow a template to pull from a location that may not be `@LOCALSTATEDIR@/cache/lxc` Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>

The yum in Centos 5.11 does not know about '--releasever', which is used by: lxc-create ... -- release=VERSION The release version only needs to be set in the outer bootstrap, not the inner one. With this change an lxc-create bootstrap of CentOS 5.11 completes enough to be usable. CentOS 5.11 containers can be created, started, stopped, and networking works. Signed-off-by: Dwight Schauer <das@teegra.net>

update path of tty.conf $container_rootfs may not be used so 'sed' will try to patch "/etc/init/tty.conf". It must not be correct. Signed-off-by: Teruo Oshida <teruo.oshida@miraclelinux.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Now including grep -q Signed-off-by: Alexandre Letourneau <letourneau.alexandre@gmail.com>

Added a more reliable test for yum --releasever in the centos template Signed-off-by: Alexandre Létourneau <letourneau.alexandre@gmail.com>

no such option: --releasever on CentOS5's yum Signed-off-by: tukiyo3 <tukiyo3@gmail.com>

centos: Fix booting a Centos 6 container Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

lxc-{centos|fedora}: Respect --rootfs Close #406 Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

Turn autodev on by default Now that autodev works fine with unprivileged containers and shouldn't come with any side effect, lets turn it on by default. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

lxc-centos: pass releasever parameter to yum Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov@gmail.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

lxc-centos: protect possibly unset variable with quotes for -z check Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

lxc-centos: fix tab/space mixup in help text. Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

lxc-centos: fix parsing of option "--clean": it takes no argument Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

typofixes - https://github.com/vlajos/misspell_fixer Signed-off-by: Veres Lajos <vlajos@gmail.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Fix lxc-centos.in typo. Signed-off-by: 謝致邦 <Yeking@Red54.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Include hostname in DHCP requests With the current old CentOS template, dnsmasq was not able to resolve the hostname of an lxc container after it had been created. This minor change rectifies that. Signed-off-by: Kalman Olah <hello@kalmanolah.net> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

templates: switch from arch command to uname -m Signed-off-by: Michael Werner <xaseron@googlemail.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

centos template: prevent mingetty from calling vhangup(2) When using unprivileged containers, tty fails because of vhangup. Adding --nohangup to nimgetty, it fixes the issue. This is the same problem occurred for oracle template, commit 2e83f7201c5d402478b9849f0a85c62d5b9f1589 Signed-off-by: Claudio Alarcon clalarco@gmail.com

Added lxc.arch to configuration files for CentOS and Fedora Added lxc.arch to the resulting container configuration files to support i686 on x86_64 cross arch containers. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Added root_password_expired password control tuning knob. Added the environment variable "root_password_expired" to control if the initial, temporary, root password is initially set up as "expired". If set to "yes" (default), the root password is set as "expired" and the user must change it at first login. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Support SIGPWR in Fedora and Centos containers. Added code to catch SIGPWR for Upstart in Fedora and CentOS containers as well as for Systemd in Fedora containers. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Set timezone for new container if not previously defined. If the container does not already contain an /etc/localtime timezone definition, then copy a definition from the host to the container. This is often a symlink to an appropriate system timezone definition files and is presumed to exist in Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

templates: Fix bashisms in common code Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

templates: Make sure usual locations are in PATH Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

templates: improve refusing to run unprivileged For all templates except lxc-ubuntu-cloud and lxc-download, detect not only --mapped-uid but also --mapped-gid and error out. Detecting will not be done after -- parameter because of non-option parameters. Also, change the mode of lxc-archlinux.in 100755 to 100644. Signed-off-by: TAMUKI Shoichi <tamuki@linet.gr.jp> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

templates: Refuse to run unprivileged Only the download and ubuntu-cloud templates work with unprivileged containers, for all others, detect --mapped-uid and error out as early as possible, recommending the use of the download template. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>

support a custom CentOS repository This change introduces a flag --repo to the lxc-centos template to allow using a local repository (e.g. a loop mounted installer iso on your web server). Signed-off-by: Harald Dunkel <harri@afaics.de> Acked-by: Michael H. Warfield <mhw@WittsEnd.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Update CentOS and Fedora templates to support archtectures option. Added code to the CentOS and Fedora templates so that x86 32 bit containers may be built on x86_64 platforms. Like archectectures may also be trivially used as well. Option added is "-a {arch}". Additionally cleaned up some bash specific logic. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Update Fedora and CentOS templates for common conf includes. This updates the Fedora and CentOS templates to utilize a common included config. This is largely based on the changes in the Oracle template with some exceptions. Dropping of setpcap (present in the Oracle template) is commented out in the Fedora template. It seems to cause problems, such as large login delays with Fedora 20 containers (but not Fedora 19 - strange). The Fedora template is further modified to disable systemd-journald.service as it is unnecessary in a container and causes serious problems when running in a Fedora 20 container. The Fedora template is also updated to default to Fedora 20 when running on a non-Fedora host. Regards, Mike Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Modify lxc-fedora and lxc-centos for multiple issues... This is a reissue of two previous patches along with some additional changes for hardening the root password process based on discussions on-list. -- This patch modifies the lxc-fedora and lxc-centos templates for 3 things. 1) Extensively modifies root password generation, storage, and management based on discussions on the devel list. Root passwords are hardened and have advanced configurability. A static password may be provided. A password based on a template may be generated, including ${RANDOM}. A password may be generated through mktmp using a template with X's. Root passwords default to expired, initially. Passwords may optionally be echoed to stdout at container creation. (no) Passwords may optionally be stored in ${rootfs_path}/tmp_root_pass. (yes) Users may be optionally forced to change the password at creation time. (no) Default is to generate a pattern based password and store, no force change. All of this may be overridden by environment variables through conditional assignment. 2) Random static hardware addresses are generated for all configured interfaces. 3) Add code to create sysv init style scripts to intercept shutdown and reboot to prevent init restart and hang for CentOS and legacy Fedora systems on shutdown, reboot, init 0, and init 6. This solves a variety of hang conditions but only affects newly created containers. Does not have any impact on systemd based containers. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

handle simple bashisms: - [[ ]] -> [ ] - == -> = - source -> . - redirect of fd 200 is error in mksh, use fd 9 - &> /dev/null -> > /dev/null 2>&1 - useless function keyword - echo -e -> printf still left bash shebang which did not validate with checkbashism, mostly due 'type' being reported as bashism Signed-Off-By: Elan Ruusamäe <glen@delfi.ee> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Additional logic for dealing with container shutdown / reboot Additional logic for dealing with container shutdown / reboot Fix a problem with CentOS containers and legacy Fedora (<16) containers not shutting down or rebooting properly. Copy /etc/init.d/halt to /etc/init.d/lxc-halt, deleting everything from the "hwclock save" and all after and append a force halt or reboot at the end of the new script, to prevent reexecing init. Link that script in as S00lxc-halt in rc0.d and S00lxc-reboot in rc6.d to intercept the shutdown process before it gets to S01halt / S01reboot causing the hang. Fixed some typos in the CentOS template that were introduced in the previous patch for hwaddr settings and missed in regression testing. Cleaned up some instruction typos and tabs from previous patch. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

Fix version checking and deal with pam_loginuid in CentOS template. This deals with a reported issue when running and building containers on a CentOS host system. Fixed various typos in version checking when running on a CentOS system. Added logic for differences between point releases (6.5) and rolling (6). Added version detection logic when running on RHEL systems as well. Fixed cpe detection string (CentOS is not adhering to their own registration). Added logic to disable the pam_loginuid.so binary in containers. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

use /var/lock/subsys/lxc-centos instead of /var/lock/subsys/lxc as a lock name Signed-off-by: S.Çağlar Onur <caglar@10ur.org> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

Added templates/lxc-centos for CentOS containers. This adds an lxc-centos template for crreating CentOS 5+ templates. It does NOT create CentOS 4 or earlier containers as these are way past end of life and no longer supported. It is based on the work of Fajar A. Nugraha <github@fajar.net> who modified an earlier Fedora template. His work has been brought LARGELY into congruence with the current Fedora template. It still lacks the distro agnostic bootstrap and systemd code from the Fedora template but those should only be relevant with CentOS 7 when that can of worms pops open sometime next year or so. Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>