lxc-archlinux.in revision 99cbd2996bd5cebf1869c2f7637f6c9fc2004849
58N/A#!/bin/bash
58N/A
58N/A#
58N/A# template script for generating Arch Linux container for LXC
58N/A#
58N/A
58N/A#
58N/A# lxc: linux Container library
58N/A
58N/A# Authors:
58N/A# Alexander Vladimirov <alexander.idkfa.vladimirov@gmail.com>
58N/A# John Lane <lxc@jelmail.com>
58N/A
58N/A# This library is free software; you can redistribute it and/or
58N/A# modify it under the terms of the GNU Lesser General Public
58N/A# License as published by the Free Software Foundation; either
58N/A# version 2.1 of the License, or (at your option) any later version.
58N/A
58N/A# This library is distributed in the hope that it will be useful,
58N/A# but WITHOUT ANY WARRANTY; without even the implied warranty of
58N/A# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1186N/A# Lesser General Public License for more details.
1186N/A
1186N/A# You should have received a copy of the GNU Lesser General Public
1186N/A# License along with this library; if not, write to the Free Software
1186N/A# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
1186N/A
1186N/A# Detect use under userns (unsupported)
1186N/Afor arg in "$@"; do
1186N/A [ "$arg" = "--" ] && break
1186N/A if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
1186N/A echo "This template can't be used for unprivileged containers." 1>&2
1186N/A echo "You may want to try the \"download\" template instead." 1>&2
1186N/A exit 1
1186N/A fi
1186N/Adone
1186N/A
1186N/A# Make sure the usual locations are in PATH
1186N/Aexport PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
1186N/A
1186N/A# defaults
1186N/Aarch=$(uname -m)
1186N/Adefault_path="@LXCPATH@"
1186N/Adefault_locale="en-US.UTF-8"
1186N/Adefault_timezone="UTC"
1186N/Apacman_config="/etc/pacman.conf"
1186N/Ashared_config="@LXCTEMPLATECONFIG@/archlinux.common.conf"
1186N/A
1186N/A# by default, install 'base' except the kernel
1186N/Apkg_blacklist="linux"
1186N/Abase_packages=()
1186N/Afor pkg in $(pacman -Sqg base); do
1186N/A [ "${pkg_blacklist#*$pkg}" = "$pkg_blacklist" ] && base_packages+=($pkg)
1186N/Adone
1186N/Adeclare -a additional_packages
1186N/A
1186N/A# split comma-separated string into an array
1186N/A# ${1} - string to split
1186N/A# ${2} - separator (default is ",")
1186N/A# ${result} - result value on success
1186N/Asplit_string() {
1186N/A local ifs=${IFS}
1186N/A IFS="${2:-,}"
read -a result < <(echo "${1}")
IFS=${ifs}
return 0
}
[ -f /etc/arch-release ] && is_arch=true
# Arch-specific preconfiguration for container
configure_arch() {
# on ArchLinux, read defaults from host systemd configuration
if [ "${is_arch}" ]; then
cp -p /etc/locale.conf /etc/locale.gen "${rootfs_path}/etc/"
else
echo "LANG=${default_lang}" > "${rootfs_path}/etc/locale.conf"
if [ -e "${rootfs_path}/etc/locale.gen" ]; then
sed -i 's@^#\(en_US\.UTF-8\)@\1@' "${rootfs_path}/etc/locale.gen"
if [ ! "${default_locale}" = "en_US.UTF-8" ]; then
echo "${default_locale} ${default_locale##*.}" >> \
"${rootfs_path}/etc/locale.gen"
fi
fi
fi
# hostname and nameservers
echo "${name}" > "${rootfs_path}/etc/hostname"
while read r; do
[ "${r#nameserver}" = "$r" ] || echo "$r"
done < /etc/resolv.conf > "${rootfs_path}/etc/resolv.conf"
# chroot and configure system
arch-chroot "${rootfs_path}" /bin/bash -s << EOF
mkdir /run/lock
locale-gen
ln -s /usr/share/zoneinfo/${default_timezone} /etc/localtime
# set default boot target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# override getty@.service for container ttys
sed -e 's/^ConditionPathExists=/# ConditionPathExists=/' \
-e 's/After=dev-%i.device/After=/' \
< /lib/systemd/system/getty\@.service \
> /etc/systemd/system/getty\@.service
# initialize pacman keyring
pacman-key --init
pacman-key --populate archlinux
EOF
# enable getty on active ttys
nttys=$(grep lxc.tty ${config_path}/config | cut -d= -f 2 | tr -d "[:blank:]")
if [ ${nttys:-0} -gt 1 ]; then
( cd ${rootfs_path}/etc/systemd/system/getty.target.wants
for i in $(seq 1 $nttys); do ln -sf ../getty\@.service getty@tty${i}.service; done )
fi
[ ${nttys:-0} -gt 6 ] && echo \
"You may want to modify container's /etc/securetty \
file to allow root logins on tty7 and higher"
return 0
}
# write container configuration files
copy_configuration() {
mkdir -p "${config_path}"
local config="${config_path}/config"
echo "lxc.utsname = ${name}" >> "${config}"
grep -q "^lxc.arch" "${config}" 2>/dev/null \
|| echo "lxc.arch = ${arch}" >> "${config}"
grep -q "^lxc.rootfs" "${config}" 2>/dev/null \
|| echo "lxc.rootfs = ${rootfs_path}" >> "${config}"
[ -e "${shared_config}" ] \
&& echo "lxc.include = ${shared_config}" >> "${config}"
if [ $? -ne 0 ]; then
echo "Failed to configure container"
return 1
fi
return 0
}
# install packages within container chroot
install_arch() {
[ "${arch}" != "$(uname -m)" ] && different_arch=true
if [ "${different_arch}" = "true" ]; then
container_pacman_config=$(mktemp)
container_mirrorlist=$(mktemp)
sed -e "s:Architecture =.*:Architecture = ${arch}:g" \
-e "s:/etc/pacman.d/mirrorlist:${container_mirrorlist}:g" \
"${pacman_config}" > "${container_pacman_config}"
sed -e "s:\(x86_64\|\$arch\):${arch}:g" \
/etc/pacman.d/mirrorlist > "${container_mirrorlist}"
pacman_config="${container_pacman_config}"
fi
if ! pacstrap -dcGC "${pacman_config}" "${rootfs_path}" \
${base_packages[@]}; then
echo "Failed to install container packages"
return 1
fi
if [ "${different_arch}" = "true" ]; then
sed -i -e "s:Architecture =.*:Architecture = ${arch}:g" \
"${rootfs_path}"/etc/pacman.conf
cp "${container_mirrorlist}" "${rootfs_path}"/etc/pacman.d/mirrorlist
rm "${container_pacman_config}" "${container_mirrorlist}"
fi
[ -d "${rootfs_path}/lib/modules" ] && ldconfig -r "${rootfs_path}"
return 0
}
usage() {
cat <<EOF
usage:
${1} -n|--name=<container_name> [-p|--path=<path>] [-a|--arch=<arch of the container>]
[-r|--root_password=<root password>] [-P|--packages=<pkg1,pkg2,...>]
[-e|--enable_units=unit1,unit2...] [-d|--disable_units=unit1,unit2...]
[-c|--config=<pacman config path>] [-h|--help]
Mandatory args:
-n,--name container name, used to as an identifier for that container from now on
Optional args:
-p,--path path to where the container rootfs will be created (${default_path})
--rootfs path for actual container rootfs, (${default_path/rootfs)
-P,--packages preinstall additional packages, comma-separated list
-e,--enable_units enable systemd services, comma-separated list
-d,--disable_units disable systemd services, comma-separated list
-c,--config use specified pacman config when installing container packages
-a,--arch use specified architecture instead of host's architecture
-r,--root_password set container root password
-h,--help print this help
EOF
return 0
}
options=$(getopt -o hp:P:e:d:n:c:a:r: -l help,rootfs:,path:,packages:,enable_units:,disable_units:,name:,config:,arch:,root_password: -- "${@}")
if [ ${?} -ne 0 ]; then
usage $(basename ${0})
exit 1
fi
eval set -- "${options}"
while true
do
case "${1}" in
-h|--help) usage ${0} && exit 0;;
-p|--path) path=${2}; shift 2;;
-n|--name) name=${2}; shift 2;;
--rootfs) rootfs_path=${2}; shift 2;;
-P|--packages) additional_packages=${2}; shift 2;;
-e|--enable_units) enable_units=${2}; shift 2;;
-d|--disable_units) disable_units=${2}; shift 2;;
-c|--config) pacman_config=${2}; shift 2;;
-a|--arch) arch=${2}; shift 2;;
-r|--root_password) root_passwd=${2}; shift 2;;
--) shift 1; break ;;
*) break ;;
esac
done
if [ -z "${name}" ]; then
echo "missing required 'name' parameter"
exit 1
fi
type pacman >/dev/null 2>&1
if [ ${?} -ne 0 ]; then
echo "'pacman' command is missing, refer to wiki.archlinux.org for information about installing pacman"
exit 1
fi
if [ -z "${path}" ]; then
path="${default_path}/${name}"
fi
if [ "${EUID}" != "0" ]; then
echo "This script should be run as 'root'"
exit 1
fi
if [ -z "$rootfs_path" ]; then
rootfs_path="${path}/rootfs"
fi
config_path="${path}"
revert() {
echo "Interrupted, cleaning up"
lxc-destroy -n "${name}"
rm -rf "${path}/${name}"
rm -rf "${default_path}/${name}"
exit 1
}
trap revert SIGHUP SIGINT SIGTERM
copy_configuration
if [ ${?} -ne 0 ]; then
echo "failed to write configuration file"
rm -rf "${config_path}"
exit 1
fi
if [ ${#additional_packages[@]} -gt 0 ]; then
split_string ${additional_packages}
base_packages+=(${result[@]})
fi
mkdir -p "${rootfs_path}"
install_arch
if [ ${?} -ne 0 ]; then
echo "failed to install Arch Linux"
rm -rf "${config_path}" "${path}"
exit 1
fi
configure_arch
if [ ${?} -ne 0 ]; then
echo "failed to configure Arch Linux for a container"
rm -rf "${config_path}" "${path}"
exit 1
fi
if [ ${#enable_units[@]} -gt 0 ]; then
split_string ${enable_units}
for unit in ${result[@]}; do
[ "${unit##*.}" = "service" ] || unit="${unit}.service"
ln -s "/usr/lib/systemd/system/${unit}" \
"${rootfs_path}/etc/systemd/system/multi-user.target.wants/"
done
fi
if [ ${#disable_units[@]} -gt 0 ]; then
split_string ${disable_units}
for unit in ${result[@]}; do
[ "${unit##*.}" = "service" ] || unit="${unit}.service"
ln -s /dev/null "${rootfs_path}/etc/systemd/system/${unit}"
done
fi
if [ -n "${root_passwd}" ]; then
echo "root:${root_passwd}" | chroot "${rootfs_path}" chpasswd
fi
cat << EOF
Arch Linux container ${name} is successfully created! The configuration is
stored in ${config_path}/config. Please refer to https://wiki.archlinux.org for
information about configuring Arch Linux.
EOF