lxc-alpine.in revision 982e7b6ea40ea57923f4f094858424debc1a5f7f
key_sha256sums="9c102bcc376af1498d549b77bdbfa815ae86faa1d2d82f040e616b18ef2df2d4 alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub
2adcf7ce224f476330b5360ca5edb92fd0bf91c92d83292ed028d7c4e26333ab alpine-devel@lists.alpinelinux.org-4d07755e.rsa.pub"
wget="wget -q -O -"
echo -n "Determining the latest release... "
echo failed
return 1
fi
echo $release
fi
fi
rootfs="$1"
echo "Using static apk from $repository/$apk_arch"
# parse APKINDEX to find the current versions
static_pkgs=$($wget/APKINDEX.tar.gz | \
BEGIN { split(pkglist,pkg) }
$0 != "" { f[$1] = $2 }
$0 == "" { for (i in pkg)
if (pkg[i] == f["P"])
print(f["P"] "-" f["V"] ".apk") }')
for pkg in $static_pkgs; do
echo "Downloading $pkg"
done
# clean up .apk meta files
# verify checksum of the key
echo "ERROR: checksum is missing for $keyname"
return 1
fi
# verify the static apk binary signature
echo "Selecting mirror $repository"
fi
}
rootfs="$1"
shift
fi
else
fi
fi
}
rootfs="$1"
::sysinit:/sbin/rc sysinit
::wait:/sbin/rc default
tty1:12345:respawn:/sbin/getty 38400 tty1
::ctrlaltdel:/sbin/reboot
::shutdown:/sbin/rc shutdown
EOF
# set up nameserver
# configure the network using the dhcp
# note that lxc will set up lo interface
cat <<EOF > $rootfs/etc/network/interfaces
#auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
EOF
# set the hostname
# missing device nodes
echo "Setting up device nodes"
# start services
return 0
}
path=$1
rootfs=$2
hostname=$3
fi
lxc_network_link_line="# lxc.network.link = br0"
break
fi
done
cat <<EOF >> $path/config
lxc.network.type = veth
$lxc_network_link_line
lxc.network.flags = up
EOF
fi
# if there is exactly one veth network entry, make sure it has an
# associated mac address.
fi
cat <<EOF >> $path/config
lxc.tty = 4
lxc.pts = 1024
lxc.utsname = $hostname
lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
# devices
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rm
# mounts point
lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry=run run tmpfs nodev,noexec,nosuid,relatime,size=1m,mode=0755 0 0
lxc.mount.entry=none dev/pts devpts gid=5,mode=620 0 0
EOF
return 0
}
echo "$@" >&2
exit 1
}
cat >&2 <<EOF
Usage: $(basename $0) [-h|--help] [-r|--repository <url>]
[-R|--release <release>] [-a|--arch <arch>]
[--rootfs <rootfs>] -p|--path <path> -n|--name <name>
[PKG...]
EOF
}
exit 1
}
if [ -z "$2" ]; then
usage_err "option '$1' requires an argument"
fi
}
while [ $# -gt 0 ]; do
opt="$1"
shift
-h|--help)
exit 0
;;
-n|--name)
name=$1
shift
;;
--rootfs)
rootfs=$1
shift
;;
-p|--path)
path=$1
shift
;;
-r|--repository)
repository=$1
shift
;;
-R|--release)
release=$1
shift
;;
-a|--arch)
arch=$1
shift
;;
--)
break;;
--*=*)
# split --myopt=foo=bar into --myopt foo=bar
;;
-?)
;;
-*)
# split opts -abc into -a -b -c
;;
esac
done
if [ -z "${path}" ]; then
path="${default_path}/${name}"
fi
if [ -z "$rootfs" ]; then
if [ -z "$rootfs" ]; then
rootfs="${path}/rootfs"
fi
fi
i[3-6]86)
x86)
x86_64|"") ;;
esac
fi
copy_configuration "$path" "$rootfs" "$name"