#!/bin/bash

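# Target architecture and release; both can be overridden from the environment.
VL_ARCH=${VL_ARCH:-"i586"}
VL_VERSION=${VL_VERSION:-"7.0"}
# Where the replacement init files (rc.S, rc.6, rc.M, rc.inet1, inittab) come
# from. They are copied into the container as its boot scripts, so this must
# point at a location that only trusted users can write to.
SYSFILES="file:///home/vluser/lxc-vectorlinux"

# Map an architecture name to the repository directory of a release.
# Arguments: $1 - architecture (i?86 or x86_64), $2 - release version
# Outputs:   the repository directory on stdout, "unknown" if unsupported
function _vl_repo_reldir() {
	case "$1" in
		i?86)   printf '%s\n' "veclinux-$2" ;;
		x86_64) printf '%s\n' "VL64-$2" ;;
		*)      printf '%s\n' "unknown" ;;
	esac
}

# Pattern matching is done with `case`: a test written as [ "$a"=="b" ]
# (no spaces around ==) is a single non-empty word and is always true, which
# would send every architecture to the 32-bit tree.
REPO_RELDIR=$(_vl_repo_reldir "$VL_ARCH" "$VL_VERSION")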

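function install_vector() {
	# Build a minimal VectorLinux root filesystem under <path>/rootfs.
	#
	# Globals:   SYSFILES, REPO_RELDIR (read); _SLAPTGETRC (read, optional
	#            override of the generated slapt-get rc file); name (written)
	# Arguments: $1 - container directory, $2 - container name
	# Exits:     with status 1 as soon as a required step fails
	local path=$1
	# Left global on purpose: configure_container reads $name for the
	# start-up message it appends to rc.local.
	name=$2

	# An empty path would turn the clean-up below into "rm -rf /rootfs/*".
	if [ -z "$path" ]; then
		echo "install_vector: no container path given" >&2
		exit 1
	fi

	local cache=$path/cache
	local root=$path/rootfs
	mkdir -p "$cache" || exit 1
	local slaptgetrc=${_SLAPTGETRC:-"$cache/slapt-getrc.lxc"}

	# Fetch the system files that replace the packaged ones.
	# NOTE(review): these files end up as the container's init scripts and are
	# taken as-is; nothing here checks their integrity, so SYSFILES has to be
	# a trusted location (and a trusted transport when it is not file://).
	local sfile
	for sfile in rc.S rc.6 rc.M rc.inet1 inittab; do
		case "$SYSFILES" in
			file:*)
				cp -- "${SYSFILES#file://}/$sfile" "$cache/" || exit 1
				;;
			*)
				wget -O "$cache/$sfile" "$SYSFILES/$sfile" || exit 1
				;;
		esac
	done

	# NOTE(review): the package source is plain HTTP and the downloaded
	# packages are handed straight to installpkg further down. No signature or
	# checksum verification is visible in this function; confirm that
	# slapt-get's GPG support is set up for this rc file before relying on it.
	cat <<FIN > "$slaptgetrc"
WORKINGDIR=$cache/veclinux/packages
EXCLUDE=kernel,kernel-ide,kernel-source,kernel-headers,kernel-modules
SOURCE=http://vectorlinux.osuosl.org/$REPO_RELDIR/packages
FIN

	local -a packages=(
		aaa_base aaa_elflibs aaa_terminfo bash bin bzip2 coreutils dhcpcd
		dialog diffutils e2fsprogs nano etc findutils gawk glibc-solibs gnupg
		grep gzip iputils logrotate net-tools network-scripts ncurses openssh
		pkgtools-tukaani procps sed shadow sharutils sysklogd sysvinit
		sysvinit-functions tar udev util-linux wget which xz
		slapt-get openssl curl gpgme libgpg-error libassuan
		cyrus-sasl traceroute mingetty
	)

	# Start from an empty rootfs. ${root:?} aborts instead of expanding to
	# "/*" should the variable ever be empty.
	mkdir -p "$root" || exit 1
	rm -rf -- "${root:?}"/*

	# Refresh the package index.
	slapt-get -c "$slaptgetrc" -u || exit 1

	# Download every package into the cache without installing on the host.
	local component
	for component in "${packages[@]}"; do
		slapt-get -c "$slaptgetrc" -i -d --no-dep --reinstall "$component" || exit 1
	done

	# Install from the cache into the rootfs. The glob is a prefix match, so
	# e.g. "sysvinit-*" also picks up sysvinit-functions; that package is then
	# simply installed twice.
	for component in "${packages[@]}"; do
		installpkg -R "$root" "$cache"/veclinux/packages/*/"$component"-*.t?z || exit 1
	done

	# Overwrite the packaged init files with the fetched ones. `cat >` keeps
	# the owner and mode of the files the packages installed.
	local file
	for file in rc.S rc.M rc.6 rc.inet1; do
		cat "$cache/$file" > "$root/etc/rc.d/$file"
		chmod a+x "$root/etc/rc.d/$file"
	done
	cat "$cache/inittab" > "$root/etc/inittab"

	# The cache directory is deliberately kept so a rebuild can reuse it.
}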

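function configure_container() {
	# Prepare an installed rootfs for use as an LXC container: fix
	# permissions, create device nodes, write fstab, the LXC config file and
	# the root password.
	#
	# Globals:   name (read, used in the rc.local start-up message);
	#            VL_ROOT_PASSWORD (read, optional initial root password)
	# Arguments: $1 - path of the container rootfs, $2 - short hostname
	# Exits:     with status 1 when the rootfs argument is not a directory
	local rootfs=$1
	local hostname=$2

	# Every path below is built from $rootfs. With an empty value the function
	# would write to the host's own /etc/fstab, /dev and /tmp.
	if [ -z "$rootfs" ] || [ ! -d "$rootfs" ]; then
		echo "configure_container: '$rootfs' is not a directory" >&2
		exit 1
	fi

	chmod 0755 "$rootfs" "$rootfs/var"

	if [ -d "$rootfs/usr/src/linux" ]; then
		chmod 0755 "$rootfs/usr/src/linux"
	fi
	if [ ! -d "$rootfs/proc" ]; then
		mkdir "$rootfs/proc"
		chown root:root "$rootfs/proc"
	fi
	if [ ! -d "$rootfs/sys" ]; then
		mkdir "$rootfs/sys"
		chown root:root "$rootfs/sys"
	fi
	chmod 1777 "$rootfs/tmp"
	if [ ! -d "$rootfs/var/spool/mail" ]; then
		mkdir -p "$rootfs/var/spool/mail"
		chmod 0755 "$rootfs/var/spool"
		chown root:mail "$rootfs/var/spool/mail"
		chmod 1777 "$rootfs/var/spool/mail"
	fi

	# `cat`, not `echo`: echo ignores its stdin, so a here-document fed to it
	# leaves rc.keymap with nothing but an empty line.
	cat <<'FIN' > "$rootfs/etc/rc.d/rc.keymap"
#!/bin/bash
# Load the keyboard map.  More maps are in /usr/share/kbd/keymaps."
if [ -x /usr/bin/loadkeys ]; then
	/usr/bin/loadkeys us
fi
FIN
	chmod 0755 "$rootfs/etc/rc.d/rc.keymap"

	# Network configuration is left to the user, who has to edit
	# /etc/rc.d/rc.inet1.conf and /etc/resolv.conf of the container;
	# only the hostname is set here.
	echo "$hostname.vector-lxc.net" > "$rootfs/etc/HOSTNAME"
	cp "$rootfs/etc/HOSTNAME" "$rootfs/etc/hostname"

	# Make the needed devices, from Chris Willing's MAKEDEV.sh
	# http://www.vislab.uq.edu.au/howto/lxc/MAKEDEV.sh
	local dev=$rootfs/dev
	mkdir -p "$dev"
	mknod -m 666 "$dev/null" c 1 3
	mknod -m 666 "$dev/zero" c 1 5
	mknod -m 666 "$dev/random" c 1 8
	mknod -m 666 "$dev/urandom" c 1 9
	mkdir -m 755 "$dev/pts"
	mkdir -m 1777 "$dev/shm"
	mknod -m 666 "$dev/tty" c 5 0
	mknod -m 600 "$dev/console" c 5 1
	mknod -m 666 "$dev/tty0" c 4 0
	mknod -m 666 "$dev/tty1" c 4 1
	mknod -m 666 "$dev/tty2" c 4 2
	mknod -m 666 "$dev/tty3" c 4 3
	mknod -m 666 "$dev/tty4" c 4 4
	mknod -m 666 "$dev/tty5" c 4 5
	mknod -m 666 "$dev/full" c 1 7
	mknod -m 600 "$dev/initctl" p
	mknod -m 660 "$dev/loop0" b 7 0
	mknod -m 660 "$dev/loop1" b 7 1
	ln -s pts/ptmx "$dev/ptmx"
	ln -s /proc/self/fd "$dev/fd"

	# fstab used by the container's lxc.mount setting.
	# NOTE(review): the tmpfs line targets /dev/shm without the $rootfs prefix
	# the other three entries carry - confirm it cannot land on the host's
	# /dev/shm.
	echo "Adding an etc/fstab that must be modified later with the"
	echo "full path of the container if you decide to move it."
	cat >"$rootfs/etc/fstab" <<EOF
lxcpts $rootfs/dev/pts devpts defaults,newinstance 0 0
none $rootfs/proc    proc   defaults 0 0
none $rootfs/sys     sysfs  defaults 0 0
none /dev/shm tmpfs  defaults 0 0
EOF

	# rc.S, rc.6, rc.M, rc.inet1 and inittab are not touched here;
	# install_vector copies the replacement versions into the rootfs.

	# Default container config; @UTSNAME@ is substituted by the caller.
	# NOTE(review): three things in this template deserve a second look.
	#  - lxc.network.hwaddr is the same for every container created from it,
	#    so two containers on br0 will collide.
	#  - loop devices (b 7:*) are allowed and sys_admin is not in
	#    lxc.cap.drop, so container root keeps more power than the
	#    "we don't trust even the root user" remark suggests.
	#  - lxc.mount and lxc.rootfs assume the container lives in /var/lib/lxc.
	cat >"$rootfs/../config" <<CONTCONFIG
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.hwaddr = 02:aa:11:bb:2c:1E

lxc.utsname = @UTSNAME@

lxc.mount = /var/lib/lxc/@UTSNAME@/rootfs/etc/fstab

lxc.tty = 6 
lxc.pts = 1024
lxc.rootfs = /var/lib/lxc/@UTSNAME@/rootfs

lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm

# loop devices
lxc.cgroup.devices.allow = b 7:* rwm
lxc.cgroup.devices.allow = c 10:237 rwm
# we don't trust even the root user in the container, better safe than sorry.
# comment out only if you know what you're doing.
lxc.cap.drop = sys_module mknod mac_override mac_admin sys_time setfcap setpcap sys_boot

# you can try also this alternative to the line above, whatever suits you better.
# lxc.cap.drop=sys_admin
		
CONTCONFIG

	# Disable some unneeded services. Best effort on purpose: not every
	# rc script exists in every install, so errors are discarded.
	chmod a-x "$rootfs"/etc/rc.d/rc.{gpm,udev,wireless,yp} >/dev/null 2>&1

	# Add a message to rc.local that confirms successful container startup.
	# $name is the script-level container name, not a parameter of this
	# function. It is written into a script that runs as root at container
	# boot, so it is emitted inside single quotes with embedded single quotes
	# escaped; it can then only ever be printed, never executed.
	local quoted_name=${name//\'/\'\\\'\'}
	printf "echo ; echo '* container %s started. *' ; echo\n" "$quoted_name" \
		>> "$rootfs/etc/rc.d/rc.local"

	# Initial root password. The fallback "root" is a well-known credential
	# and the package set includes openssh: set VL_ROOT_PASSWORD, or change
	# the password before the container is reachable over the network.
	local root_password=${VL_ROOT_PASSWORD:-root}
	printf 'root:%s\n' "$root_password" | chroot "$rootfs" chpasswd
	if [ -z "${VL_ROOT_PASSWORD:-}" ]; then
		echo "Root default password is 'root', please change it!"
	fi
}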

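function usage() {
    # Print the command-line synopsis.
    # Arguments: $1 - program name to show in the synopsis
    # Outputs:   one line on stdout
    # Returns:   0
    # The option parser also accepts -n|--name, so the synopsis lists it.
    printf '%s -h|--help -p|--path=<path> -n|--name=<name>\n' "$1"
    return 0
}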


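function create_container {
	# Install and configure a container, then fill in its config file.
	#
	# Arguments: $1 - container directory, $2 - container name
	# Exits:     0 on success, 1 on invalid arguments or a failed step
	local rootpath=$1
	local contname=$2

	# The install step empties <path>/rootfs; with an empty path that would
	# resolve to /rootfs on the host.
	if [ -z "$rootpath" ]; then
		echo "create_container: no container path given" >&2
		exit 1
	fi

	# The name is substituted into the config file via sed and into paths
	# under /var/lib/lxc, so restrict it to a conservative character set and
	# reject empty, dot-leading ("." / "..") and dash-leading names.
	case "$contname" in
		''|[.-]*|*[!A-Za-z0-9._-]*)
			echo "create_container: invalid container name '$contname'" >&2
			exit 1
			;;
	esac

	install_vector "$rootpath" "$contname"
	# NOTE(review): the hostname is fixed to "vl7" for every container rather
	# than derived from the container name - confirm this is intended.
	configure_container "$rootpath/rootfs" vl7

	# Fix the config file: replace the @UTSNAME@ placeholder with the name.
	local conf=$rootpath/config
	sed -i "s|@UTSNAME@|${contname}|g" "$conf" || exit 1

	exit 0
}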

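# Parse -h|--help, -p|--path and -n|--name.
# Start from empty values so a stray `path` or `name` in the environment
# cannot steer a script that deletes and recreates directories.
path=
name=

options=$(getopt -o hp:n: -l help,path:,name: -- "$@")
if [ $? -ne 0 ]; then
    usage "$(basename "$0")"
    exit 1
fi
# getopt prints a shell-quoted argument list; eval turns it back into "$@".
eval set -- "$options"

while true
do
    case "$1" in
        -h|--help)      usage "$0" && exit 0;;
        -p|--path)      path=$2; shift 2;;
        -n|--name)      name=$2; shift 2;;
        --)             shift 1; break ;;
        *)              break ;;
    esac
done

if [ -z "$path" ]; then
    echo "'path' parameter is required" >&2
    usage "$(basename "$0")" >&2
    exit 1
fi

# Quoted on purpose: unquoted, an empty $path disappears from the argument
# list and the container name is then taken as the path.
create_container "$path" "$name"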