lxc/templates/lxc-opensuse.in

	lxc-opensuse.in revision a7273db9f87f59815d36c3eca4d4501304ae84b2
2454dfa32c93c20a8522c6ed42fe057baaac9f9aStephan Bosch#!/bin/bash
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen#
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# template script for generating suse container for LXC
bdd36cfdba3ff66d25570a9ff568d69e1eb543cfTimo Sirainen#
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen#
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# lxc: linux Container library
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen# Authors:
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# Daniel Lezcano <daniel.lezcano@free.fr>
9522aa5f33cc37fe8ccd0d647cc51dd3ba6a9b55Timo Sirainen# Frederic Crozat <fcrozat@suse.com>
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# This library is free software; you can redistribute it and/or
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# modify it under the terms of the GNU Lesser General Public
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# License as published by the Free Software Foundation; either
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# version 2.1 of the License, or (at your option) any later version.
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# This library is distributed in the hope that it will be useful,
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# but WITHOUT ANY WARRANTY; without even the implied warranty of
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# Lesser General Public License for more details.
f158d9a303bb15a6848ca276c9391c7ca52e452bTimo Sirainen
f158d9a303bb15a6848ca276c9391c7ca52e452bTimo Sirainen# You should have received a copy of the GNU Lesser General Public
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# License along with this library; if not, write to the Free Software
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo SirainenDISTRO=12.2
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainenconfigure_opensuse()
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen{
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen    rootfs=$1
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen    hostname=$2
b44033e45e9f48f8a6e1ac5905234fec5de6d6ccAki Tuomi
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen   # set network as static, but everything is done by LXC outside the container
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen   cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo SirainenSTARTMODE='auto'
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo SirainenBOOTPROTO='none'
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo SirainenEOF
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen   # create empty fstab
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen   touch $rootfs/etc/fstab
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    # set the hostname
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    cat <<EOF > $rootfs/etc/HOSTNAME
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen$hostname
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo SirainenEOF
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen    # ensure /etc/hostname is available too
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen    ln -s -f HOSTNAME $rootfs/etc/hostname
0dffa25d211be541ee3c953b23566a1a990789dfTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    # do not use hostname from HOSTNAME variable
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    cat <<EOF >> $rootfs/etc/sysconfig/cron
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenunset HOSTNAME
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo SirainenEOF
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
11ee3b40320a31669bd717fecbe1e332dad4fd84Timo Sirainen    # set minimal hosts
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    cat <<EOF > $rootfs/etc/hosts
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen127.0.0.1 localhost $hostname
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo SirainenEOF
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    # disable various services
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    # disable yast->bootloader in container
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    cat <<EOF > $rootfs/etc/sysconfig/bootloader
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo SirainenLOADER_TYPE=none
cf9d67e4a9bfee31cf3be05244555d51a3d1b9feTimo SirainenLOADER_LOCATION=none
09060303d565e15d54e42b4ef722f9d3c26f5336Timo SirainenEOF
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    # set /dev/console as securetty
093b42b11c1236a687d3da564b26a324e2189ae6Timo Sirainen    cat << EOF >> $rootfs/etc/securetty
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenconsole
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo SirainenEOF
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    cat <<EOF >> $rootfs/etc/sysconfig/boot
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# disable root fsck
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo SirainenROOTFS_FSCK="0"
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo SirainenROOTFS_BLKDEV="/dev/null"
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo SirainenEOF
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    # remove pointless services in a container
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    ln -s /dev/null $rootfs/etc/systemd/system/proc-sys-fs-binfmt_misc.automount
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    ln -s /dev/null $rootfs/etc/systemd/system/console-shell.service
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    ln -s /dev/null $rootfs/etc/systemd/system/systemd-vconsole-setup.service
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    ln -s /lib/systemd/system/getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@console.service
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    touch $rootfs/etc/sysconfig/kernel
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
b44033e45e9f48f8a6e1ac5905234fec5de6d6ccAki Tuomi    echo "Please change root-password !"
b44033e45e9f48f8a6e1ac5905234fec5de6d6ccAki Tuomi    echo "root:root" | chpasswd -R $rootfs
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    return 0
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen}
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainendownload_opensuse()
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen{
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    cache=$1
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    arch=$2
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    if [ ! -x /usr/bin/build ]; then
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen       echo "Could not create openSUSE template :"
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen       echo "you need to install \"build\" package"
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen       return 1
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    fi
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    # check the mini opensuse was not already downloaded
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    mkdir -p "$cache/partial-$arch"
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    if [ $? -ne 0 ]; then
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen        echo "Failed to create '$cache/partial-$arch' directory"
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen        return 1
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    fi
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    # download a mini opensuse into a cache
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen    echo "Downloading opensuse minimal ..."
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    mkdir -p "$cache/partial-$arch-packages"
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update
8b16d3b00f051401c97568697ccdbba48663759aTimo Sirainen    zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base iputils
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    cat > $cache/partial-$arch-packages/opensuse.conf << EOF
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: aaa_base bash coreutils diffutils
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: filesystem fillup glibc grep insserv
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: libbz2-1 libgcc47 libncurses5 pam
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: permissions libreadline6 rpm sed tar zlib libselinux1
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: liblzma5 libcap2 libacl1 libattr1
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: libpopt0 libelf1 liblua5_1
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenPreinstall: libpcre1
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenRunScripts: aaa_base
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: zypper
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: patterns-openSUSE-base
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: lxc
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: ncurses-utils
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: iputils
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: udev
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: netcfg
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: dhcpcd hwinfo insserv module-init-tools openSUSE-release openssh
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenSupport: pwdutils rpcbind sysconfig rsyslog
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenIgnore: rpm:suse-build-key,build-key
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenIgnore: systemd:systemd-presets-branding
ad404d294fedf792619aed432ed8de5174e9ce7cTimo SirainenEOF
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    if [ "$arch" == "i686" ]; then
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i586/*" ; do
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        done
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/update/i586/*" ; do
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686/
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    done
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    fi
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" PATH="$PATH:/usr/lib/build" /usr/lib/build/init_buildsystem  --clean --configdir /usr/lib/build/configs --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen#   really clean the image
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    rm -fr $cache/partial-$arch/dev
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen#    make sure we have a minimal /dev
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    mkdir -p "$cache/partial-$arch/dev"
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    mknod -m 666 $cache/partial-$arch/dev/null c 1 3
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen#   create mtab symlink
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    rm -f $cache/partial-$arch/etc/mtab
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen# ensure /var/run and /run are symlinked
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    rm -fr $cache/partial-$arch/var/run
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    ln -s -f ../run $cache/partial-$arch/var/run
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen    if [ $? -ne 0 ]; then
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen        echo "Failed to download the rootfs, aborting."
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen        return 1
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    fi
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    rm -fr "$cache/partial-$arch-packages"
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    mv "$1/partial-$arch" "$1/rootfs-$arch"
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    echo "Download complete."
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
8c2b4a45f17a5cb13bb01058ca37798cf48d91baTimo Sirainen    return 0
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen}
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainencopy_opensuse()
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen{
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    cache=$1
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    arch=$2
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    rootfs=$3
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    # make a local copy of the mini opensuse
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    echo -n "Copying rootfs to $rootfs ..."
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    mkdir -p $rootfs
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    return 0
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen}
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Siraineninstall_opensuse()
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen{
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    cache="@LOCALSTATEDIR@/cache/lxc/opensuse"
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen    rootfs=$1
8c2b4a45f17a5cb13bb01058ca37798cf48d91baTimo Sirainen    mkdir -p @LOCALSTATEDIR@/lock/subsys/
8c2b4a45f17a5cb13bb01058ca37798cf48d91baTimo Sirainen    (
8c2b4a45f17a5cb13bb01058ca37798cf48d91baTimo Sirainen        flock -x 200
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        if [ $? -ne 0 ]; then
4fda77c9e9fc68feb292c4dacae1fac49dd08165Timo Sirainen            echo "Cache repository is busy."
8c2b4a45f17a5cb13bb01058ca37798cf48d91baTimo Sirainen            return 1
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        fi
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        arch=$(arch)
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen
ad404d294fedf792619aed432ed8de5174e9ce7cTimo Sirainen        echo "Checking cache download in $cache/rootfs-$arch ... "
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen        if [ ! -e "$cache/rootfs-$arch" ]; then
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen            download_opensuse $cache $arch
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen            if [ $? -ne 0 ]; then
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen                echo "Failed to download 'opensuse base'"
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen                return 1
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen            fi
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen        fi
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen        echo "Copy $cache/rootfs-$arch to $rootfs ... "
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        copy_opensuse $cache $arch $rootfs
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        if [ $? -ne 0 ]; then
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen            echo "Failed to copy rootfs"
009217abb57a24a4076092e8e4e165545747839eStephan Bosch            return 1
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen
49ec317299dedfbc27be79ab97d5b7a8ba7a4eacTimo Sirainen        return 0
009217abb57a24a4076092e8e4e165545747839eStephan Bosch    ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    return $?
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen}
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainencopy_configuration()
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen{
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    path=$1
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    rootfs=$2
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen    name=$3
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    if grep -q "^lxc.network.type" $path/config; then
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    TYPE=$(sed '/^#/d; /lxc.network.type/!d; s/.*=[ \t]*//' $path/config)
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    grep -q "^lxc.network.ipv4" $path/config
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen    IPV4_NOT_CONFIGURED=$?
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    if [ ! grep -q "^lxc.network.*.gateway" $path/config ]; then
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        [ $IPV4_NOT_CONFIGURED -eq 0 ] && IPV4=$(sed '/^#/d; /lxc.network.ipv4/!d; /gateway/d; s/.*=[ \t]*//; s/\([[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\).*/\1/' $path/config)
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        if [ "$TYPE" = "veth" -o "$TYPE" = "macvlan" ]; then
009217abb57a24a4076092e8e4e165545747839eStephan Bosch        if [ $IPV4_NOT_CONFIGURED -eq 0 -a "$IPV4" != "0.0.0.0" ]; then
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen            # set default route
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen            IP=$(/sbin/ip route | awk '/default/ { print $3 }')
49ec317299dedfbc27be79ab97d5b7a8ba7a4eacTimo Sirainen            echo "lxc.network.ipv4.gateway = $IP " >> $path/config
009217abb57a24a4076092e8e4e165545747839eStephan Bosch        else
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen            # set network as dhcp
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen            sed -i -e 's/BOOTPROTO=.*/BOOTPROTO=dhcp/' $rootfs/etc/sysconfig/network/ifcfg-eth0
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    if [ "$TYPE" != "empty" ]; then
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        echo "#remove next line if host DNS configuration should not be available to container" >> $path/config
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen        echo "lxc.mount.entry = /etc/resolv.conf etc/resolv.conf none bind,ro 0 0" >> $path/config
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen    fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    else
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    echo 'lxc.network.type = empty' >> $path/config
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen    fi
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainen    cat <<EOF >> $path/config
e4194f4703eeec32b432371ae30fc8f25ab720d8Timo Sirainenlxc.utsname = $name
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainenlxc.autodev=1
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainenlxc.tty = 4
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainenlxc.pts = 1024
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenlxc.mount = $path/fstab
cf9d67e4a9bfee31cf3be05244555d51a3d1b9feTimo Sirainenlxc.cap.drop = sys_module mac_admin mac_override mknod
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen# When using LXC with apparmor, uncomment the next line to run unconfined:
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen#lxc.aa_profile = unconfined
8ae72ad7d0c69e972cfa65d1e2ce4e3e9a8b765cTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenlxc.cgroup.devices.deny = a
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen# /dev/null and zero
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 1:3 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 1:5 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen# consoles
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 5:1 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 5:0 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 4:0 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainenlxc.cgroup.devices.allow = c 4:1 rwm
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen# /dev/{,u}random
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainenlxc.cgroup.devices.allow = c 1:9 rwm
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainenlxc.cgroup.devices.allow = c 1:8 rwm
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainenlxc.cgroup.devices.allow = c 136:* rwm
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainenlxc.cgroup.devices.allow = c 5:2 rwm
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen# rtc
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenlxc.cgroup.devices.allow = c 254:0 rwm
8ae72ad7d0c69e972cfa65d1e2ce4e3e9a8b765cTimo SirainenEOF
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    cat <<EOF > $path/fstab
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenproc            proc         proc   nodev,noexec,nosuid 0 0
cf9d67e4a9bfee31cf3be05244555d51a3d1b9feTimo Sirainensysfs           sys          sysfs  defaults  0 0
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainentmpfs           run          tmpfs  mode=0755,nodev,nosuid 0 0
a4502a71879d6018bd2c64f13614bb619911dd9fTimo SirainenEOF
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    if [ $? -ne 0 ]; then
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen        echo "Failed to add configuration"
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen        return 1
9058f3006fffd25835ad701e1b2c3c8faafd3c80Timo Sirainen    fi
9058f3006fffd25835ad701e1b2c3c8faafd3c80Timo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    return 0
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen}
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainenclean()
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen{
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen    cache="@LOCALSTATEDIR@/cache/lxc/opensuse"
8ae72ad7d0c69e972cfa65d1e2ce4e3e9a8b765cTimo Sirainen
b3abfd0ac256ffa0cbfd74c3793eac4e83d41f78Martti Rannanjärvi    if [ ! -e $cache ]; then
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen        exit 0
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen    fi
09060303d565e15d54e42b4ef722f9d3c26f5336Timo Sirainen
0a53eb0283d7ec28c6105f61e118b96fce8ecb95Timo Sirainen    # lock, so we won't purge while someone is creating a repository
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    (
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen        flock -x 200
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen        if [ $? != 0 ]; then
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen            echo "Cache repository is busy."
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen            exit 1
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen        fi
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen        echo -n "Purging the download cache..."
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen        rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen        exit 0
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen    ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen}
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainenusage()
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen{
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen    cat <<EOF
a4502a71879d6018bd2c64f13614bb619911dd9fTimo Sirainen$1 -h|--help -p|--path=<path> --clean
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo SirainenEOF
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen    return 0
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen}
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenoptions=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenif [ $? -ne 0 ]; then
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen    usage $(basename $0)
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen    exit 1
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenfi
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Siraineneval set -- "$options"
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainenwhile true
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainendo
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen    case "$1" in
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen        -h|--help)      usage $0 && exit 0;;
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen        -p|--path)      path=$2; shift 2;;
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen        -n|--name)      name=$2; shift 2;;
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen        -c|--clean)     clean=$2; shift 2;;
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen        --)             shift 1; break ;;
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen        *)              break ;;
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen    esac
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainendone
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainenif [ ! -z "$clean" -a -z "$path" ]; then
28789c7ce1aa66ab21798bfb73ec64308b9a4de8Timo Sirainen    clean || exit 1
b3abfd0ac256ffa0cbfd74c3793eac4e83d41f78Martti Rannanjärvi    exit 0
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenfi
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainentype zypper > /dev/null
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenif [ $? -ne 0 ]; then
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    echo "'zypper' command is missing"
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainen    exit 1
a5ddfd7a8b473f73135b93d5e081e470a87f0f7eTimo Sirainenfi
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenif [ -z "$path" ]; then
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    echo "'path' parameter is required"
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    exit 1
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenfi
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenif [ "$(id -u)" != "0" ]; then
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    echo "This script should be run as 'root'"
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen    exit 1
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenfi
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainen# detect rootfs
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenconfig="$path/config"
68f7668b9315dd6c9e3d61c04d6da08e1ac3624fTimo Sirainenif grep -q '^lxc.rootfs' $config 2>/dev/null ; then
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainenelse
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen    rootfs=$path/rootfs
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenfi
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Siraineninstall_opensuse $rootfs
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenif [ $? -ne 0 ]; then
892e25e1c0caad62ced087d9eba2741a59e3d9ceTimo Sirainen    echo "failed to install opensuse"
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainen    exit 1
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainenfi
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen
cf9d67e4a9bfee31cf3be05244555d51a3d1b9feTimo Sirainenconfigure_opensuse $rootfs $name
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenif [ $? -ne 0 ]; then
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainen    echo "failed to configure opensuse for a container"
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    exit 1
0a53eb0283d7ec28c6105f61e118b96fce8ecb95Timo Sirainenfi
0a53eb0283d7ec28c6105f61e118b96fce8ecb95Timo Sirainen
e2a88d59c0d47d63ce1ad5b1fd95e487124a3fd4Timo Sirainencopy_configuration $path $rootfs $name
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenif [ $? -ne 0 ]; then
3c3001681da75afc68578a180ec8f8b2d6dfacfaTimo Sirainen    echo "failed write configuration file"
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainen    exit 1
2670cd577aa57eb9f915a4f4220ae48c9b4fc5fbTimo Sirainenfi
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainen
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainenif [ ! -z $clean ]; then
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainen    clean || exit 1
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainen    exit 0
9ffd3c8ca82bd2af8ca4f7e167339820ddcf1fe3Timo Sirainenfi
5e9bb72de1209cd39fdf3e95bdb26e047cc5594eTimo Sirainen