lxc-archlinux.in revision c194ffc100f488b08bae2d0df417fa9ffc507c7c
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# template script for generating Arch Linux container for LXC
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# lxc: linux Container library
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# Alexander Vladimirov <alexander.idkfa.vladimirov@gmail.com>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# John Lane <lxc@jelmail.com>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# This library is free software; you can redistribute it and/or
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# modify it under the terms of the GNU Lesser General Public
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# License as published by the Free Software Foundation; either
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# version 2.1 of the License, or (at your option) any later version.
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# This library is distributed in the hope that it will be useful,
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# but WITHOUT ANY WARRANTY; without even the implied warranty of
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# Lesser General Public License for more details.
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# You should have received a copy of the GNU Lesser General Public
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# License along with this library; if not, write to the Free Software
74e95cfd9d3939dfe9417d79d2f6fc79b361405fJakub Hrozek# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# Detect use under userns (unsupported)
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "This template can't be used for unprivileged containers." 1>&2
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "You may want to try the \"download\" template instead." 1>&2
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# Make sure the usual locations are in PATH
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherexport PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghershared_config="@LXCTEMPLATECONFIG@/archlinux.common.conf"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# by default, install 'base' except the kernel
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher [ "${pkg_blacklist#*$pkg}" = "$pkg_blacklist" ] && base_packages+=($pkg)
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# split comma-separated string into an array
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# ${1} - string to split
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# ${2} - separator (default is ",")
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# ${result} - result value on success
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# Arch-specific preconfiguration for container
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher # on ArchLinux, read defaults from host systemd configuration
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher cp -p /etc/locale.conf /etc/locale.gen "${rootfs_path}/etc/"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "LANG=${default_lang}" > "${rootfs_path}/etc/locale.conf"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher if [ -e "${rootfs_path}/etc/locale.gen" ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher sed -i 's@^#\(en_US\.UTF-8\)@\1@' "${rootfs_path}/etc/locale.gen"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher if [ ! "${default_locale}" = "en_US.UTF-8" ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "${default_locale} ${default_locale##*.}" >> \
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "${name}" > "${rootfs_path}/etc/hostname"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher while read r; do
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher done < /etc/resolv.conf > "${rootfs_path}/etc/resolv.conf"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher arch-chroot "${rootfs_path}" /bin/bash -s << EOF
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallaghermkdir /run/lock
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherln -s /usr/share/zoneinfo/${default_timezone} /etc/localtime
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# set default boot target
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# override getty@.service for container ttys
e4c29d1f8e3b2c2b268105f169e5156a0a36aebfOndrej Kossed -e 's/^ConditionPathExists=/# ConditionPathExists=/' \
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher -e 's/After=dev-%i.device/After=/' \
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher < /lib/systemd/system/getty\@.service \
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher > /etc/systemd/system/getty\@.service
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher nttys=$(grep lxc.tty ${config_path}/config | cut -d= -f 2 | tr -d "[:blank:]")
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher if [ ${nttys:-0} -gt 1 ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher ( cd ${rootfs_path}/etc/systemd/system/getty.target.wants
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher for i in $(seq 1 $nttys); do ln -sf ../getty\@.service getty@tty${i}.service; done )
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher [ ${nttys:-0} -gt 6 ] && echo \
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher "You may want to modify container's /etc/securetty \
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher file to allow root logins on tty7 and higher"
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher# write container configuration files
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher echo "lxc.utsname = ${name}" >> "${config}"
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher grep -q "^lxc.arch" "${config}" 2>/dev/null \
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher || echo "lxc.arch = ${arch}" >> "${config}"
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher grep -q "^lxc.rootfs" "${config}" 2>/dev/null \
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher || echo "lxc.rootfs = ${rootfs_path}" >> "${config}"
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher && echo "lxc.include = ${shared_config}" >> "${config}"
346f41f1ede975cb2db0af570f5b454b9b306704Stephen Gallagher if [ $? -ne 0 ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher# install packages within container chroot
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher [ "${arch}" != "$(uname -m)" ] && different_arch=true
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny sed -e "s:Architecture =.*:Architecture = ${arch}:g" \
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -e "s:/etc/pacman.d/mirrorlist:${container_mirrorlist}:g" \
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny "${pacman_config}" > "${container_pacman_config}"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny /etc/pacman.d/mirrorlist > "${container_mirrorlist}"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny if ! pacstrap -dcGC "${pacman_config}" "${rootfs_path}" \
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny sed -i -e "s:Architecture =.*:Architecture = ${arch}:g" \
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny cp "${container_mirrorlist}" "${rootfs_path}"/etc/pacman.d/mirrorlist
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny rm "${container_pacman_config}" "${container_mirrorlist}"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny [ -d "${rootfs_path}/lib/modules" ] && ldconfig -r "${rootfs_path}"
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal Zidek ${1} -n|--name=<container_name> [-p|--path=<path>] [-a|--arch=<arch of the container>] [-r|--root_password=<root password>]
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal Zidek [-P|--packages=<pkg1,pkg2,...>] [-e|--enable_units=unit1,unit2...] [-c|--config=<pacman config path>] [-h|--help]
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal ZidekMandatory args:
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal Zidek -n,--name container name, used to as an identifier for that container from now on
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal ZidekOptional args:
4a1e58d85409fbb7a12ac244c3dbef8c0c1b15dfMichal Zidek -p,--path path to where the container rootfs will be created (${default_path})
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny --rootfs path for actual container rootfs, (${default_path/rootfs)
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -P,--packages preinstall additional packages, comma-separated list
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -e,--enable_units enable systemd services, comma-separated list
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -d,--disable_units disable systemd services, comma-separated list
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -c,--config use specified pacman config when installing container packages
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -a,--arch use specified architecture instead of host's architecture
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -r,--root_password set container root password
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -h,--help print this help
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zelenyoptions=$(getopt -o hp:P:e:d:n:c:a:r: -l help,rootfs:,path:,packages:,enable_units:,disable_units:,name:,config:,arch:,root_password: -- "${@}")
b096321a5a02dda0b6b71ba0f9c4d8feacd979e4Michal Zidekeval set -- "${options}"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -P|--packages) additional_packages=${2}; shift 2;;
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny -d|--disable_units) disable_units=${2}; shift 2;;
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny --) shift 1; break ;;
9ab243b369ba317cc964080786dbcdebaf23d6beMichal Zidekif [ -z "${name}" ]; then
9ab243b369ba317cc964080786dbcdebaf23d6beMichal Zidek echo "missing required 'name' parameter"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "'pacman' command is missing, refer to wiki.archlinux.org for information about installing pacman"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherif [ -z "${path}" ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "This script should be run as 'root'"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherif [ -z "$rootfs_path" ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "failed to write configuration file"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherif [ ${#additional_packages[@]} -gt 0 ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "failed to install Arch Linux"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher echo "failed to configure Arch Linux for a container"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherif [ ${#enable_units[@]} -gt 0 ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher [ "${unit##*.}" = "service" ] || unit="${unit}.service"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny "${rootfs_path}/etc/systemd/system/multi-user.target.wants/"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherif [ ${#disable_units[@]} -gt 0 ]; then
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher [ "${unit##*.}" = "service" ] || unit="${unit}.service"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher ln -s /dev/null "${rootfs_path}/etc/systemd/system/${unit}"
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zelenyif [ -n "${root_passwd}" ]; then
016e0d7202ff965018e41869c5ab501f86b0d081Jan Zeleny echo "root:${root_passwd}" | chroot "${rootfs_path}" chpasswd
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen GallagherArch Linux container ${name} is successfully created! The configuration is
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherstored in ${config_path}/config. Please refer to https://wiki.archlinux.org for
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagherinformation about configuring Arch Linux.