oracle template: add support for creating ol4 container from ovm template

Also: disable the interactive part of ovmd so ol5,6 containers won't
hang if started for the first time with -d. Don't let containers do rawio,
or have access to /dev/rtc0, they can mess up the hosts system clock among
other things.

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

templates/lxc-oracle.in

@@ -49,7 +49,7 @@ is_btrfs_subvolume()
 # fix up the container_rootfs
 container_rootfs_configure()
 {
-    echo "Configuring container for Oracle Linux $container_release_major"
+    echo "Configuring container for Oracle Linux $container_release_major.$container_release_minor"
 
     # "disable" selinux. init in OL 5 honors /etc/selinux/config. note that
     # this doesnt actually disable it if it's enabled in the host, since
@@ -88,6 +88,11 @@ NETWORKING_IPV6=no
 HOSTNAME=$name
 EOF
 
+    # disable interactive ovmd asking questions
+    if [ -f $container_rootfs/etc/sysconfig/ovmd ]; then
+        sed -i 's|INITIAL_CONFIG=yes|INITIAL_CONFIG=no|' $container_rootfs/etc/sysconfig/ovmd
+    fi
+
     # set minimal hosts
     echo "127.0.0.1 localhost $name" > $container_rootfs/etc/hosts
 
@@ -119,23 +124,46 @@ EOF
         sed -i 's|READAHEAD="yes"|READAHEAD="no"|' $container_rootfs/etc/sysconfig/readahead
     fi
 
+    if [ $container_release_major = "4" ]; then
+        # enable fastboot always
+        sed -i 's|\[ -f /fastboot \]|/bin/true|' $container_rootfs/etc/rc.sysinit
+        sed -i 's|\[ -f /fastboot \]|/bin/true|' $container_rootfs/etc/rc.d/rc.sysinit
+
+        # dont attempt to set kernel parameters
+        sed -i 's|action $"Configuring kernel parameters|# LXC action $"Configuring kernel parameters|' $container_rootfs/etc/rc.sysinit
+        sed -i 's|action $"Configuring kernel parameters|# LXC action $"Configuring kernel parameters|' $container_rootfs/etc/rc.d/rc.sysinit
+        sed -i 's|action $"Setting network parameters|# LXC action $"Setting network parameters|' $container_rootfs/etc/init.d/network
+        sed -i 's|action $"Setting network parameters|# LXC action $"Setting network parameters|' $container_rootfs/etc/init.d/NetworkManager
+    fi
+
     # disable udev in the container
-    sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.sysinit
+    if [ $container_release_major = "4" ]; then
-    sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.d/rc.sysinit
+        sed -i 's|\[ -x /sbin/start_udev \]|# LXC no udev|' $container_rootfs/etc/rc.sysinit
+        sed -i 's|\[ -x /sbin/start_udev \]|# LXC no udev|' $container_rootfs/etc/rc.d/rc.sysinit
+    else
+        sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.sysinit
+        sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.d/rc.sysinit
+    fi
 
     # disable nash raidautorun in the container since no /dev/md*
-    if [ $container_release_major = "5" ]; then
+    if [ $container_release_major = "4" -o $container_release_major = "5" ]; then
         sed -i 's|echo "raidautorun /dev/md0"|echo ""|' $container_rootfs/etc/rc.sysinit
         sed -i 's|echo "raidautorun /dev/md0"|echo ""|' $container_rootfs/etc/rc.d/rc.sysinit
     fi
 
     # prevent rc.sysinit from attempting to loadkeys
-    if [ $container_release_major = "5" -a -e $container_rootfs/etc/sysconfig/keyboard ]; then
+    if [ \( $container_release_major = "4" -o $container_release_major = "5" \) -a -e $container_rootfs/etc/sysconfig/keyboard ]; then
         rm $container_rootfs/etc/sysconfig/keyboard
     fi
 
-    # dont try to sync the hwclock at shutdown
+    # dont use the hwclock, it messes up the host's time
-    sed -i 's|\[ -x /sbin/hwclock|\[ 0 -eq 1|' $container_rootfs/etc/rc.d/init.d/halt
+    if [ $container_release_major = "4" ]; then
+        sed -i 's|runcmd $"Syncing hardware clock|# LXC no hwclock runcmd $"Syncing hardware clock|' $container_rootfs/etc/rc.d/init.d/halt
+    else
+        sed -i 's|\[ -x /sbin/hwclock|\[ 0 -eq 1|' $container_rootfs/etc/rc.d/init.d/halt
+    fi
+    sed -i 's|/sbin/hwclock|# LXC no hwclock /sbin/hwclock|' $container_rootfs/etc/rc.sysinit
+    sed -i 's|/sbin/hwclock|# LXC no hwclock /sbin/hwclock|' $container_rootfs/etc/rc.d/rc.sysinit
 
     # dont start lvm
     sed -i 's|action $"Setting up Logical Volume Management:"|#action $"Setting up Logical Volume Management:"|' $container_rootfs/etc/rc.sysinit
@@ -168,7 +196,7 @@ EOF
     sed -i 's|&& $1 !~ /^\\/dev\\/ram/|\&\& $2 !~ /^\\/dev\\/lxc/ \&\& $1 !~ /^\\/dev\\/ram/|' $container_rootfs/etc/init.d/halt
 
     # start a getty on /dev/console, /dev/tty[1-4]
-    if [ $container_release_major = "5" ]; then
+    if [ $container_release_major = "4" -o $container_release_major = "5" ]; then
         sed -i '/1:2345:respawn/i cns:2345:respawn:/sbin/mingetty console' $container_rootfs/etc/inittab
         sed -i '/5:2345:respawn/d' $container_rootfs/etc/inittab
         sed -i '/6:2345:respawn/d' $container_rootfs/etc/inittab
@@ -193,10 +221,10 @@ EOF
     # some of these might not exist in the image, so we silence chkconfig complaining
     # about the service file not being found
     for service in \
-        acpid auditd autofs cpuspeed dund gpm haldaemon hidd	\
+        acpid apmd auditd autofs cpuspeed dund gpm haldaemon hidd	\
-        ip6tables irqbalance iscsi iscsid isdn kdump kudzu	\
+        ip6tables irqbalance iscsi iscsid isdn kdump kudzu		\
-        lm_sensors lvm2-monitor mdmonitor microcode_ctl		\
+        lm_sensors lvm2-monitor mdmonitor microcode_ctl			\
-        ntpd postfix sendmail udev-post ;
+        ntpd pcmcia postfix sendmail udev-post xfs ;
     do
         chroot $container_rootfs chkconfig 2>/dev/null $service off
     done
@@ -238,7 +266,7 @@ EOF
     rm -f $container_rootfs/var/log/messages
 
     # add oracle user, set root password
-    chroot $container_rootfs useradd --create-home -s /bin/bash oracle
+    chroot $container_rootfs useradd -m -s /bin/bash oracle
     echo "oracle:oracle" | chroot $container_rootfs chpasswd
     echo "root:root" | chroot $container_rootfs chpasswd
     echo -e "Added container user:\033[1moracle\033[0m password:\033[1moracle\033[0m"
@@ -256,7 +284,7 @@ container_config_create()
                       sed 's/\(..\)/\1:/g; s/.$//'`"
     mkdir -p $cfg_dir || die "unable to create config dir $cfg_dir"
     cat <<EOF >> $cfg_dir/config || die "unable to create $cfg_dir/config"
-# Container configuration for Oracle Linux $release_major.$release_minor
+# Container configuration for Oracle Linux $container_release_major.$container_release_minor
 lxc.arch = $arch
 lxc.utsname = $name
 lxc.devttydir = lxc
@@ -264,6 +292,7 @@ lxc.tty = 4
 lxc.pts = 1024
 lxc.rootfs = $container_rootfs
 lxc.mount = $cfg_dir/fstab
+lxc.cap.drop = sys_rawio
 # Networking
 EOF
 
@@ -291,7 +320,6 @@ lxc.cgroup.devices.allow = c 1:8 rwm	# /dev/random
 lxc.cgroup.devices.allow = c 1:9 rwm	# /dev/urandom
 lxc.cgroup.devices.allow = c 136:* rwm	# /dev/tty[1-4] ptys and lxc console
 lxc.cgroup.devices.allow = c 5:2 rwm	# /dev/ptmx pty master
-lxc.cgroup.devices.allow = c 254:0 rwm	# /dev/rtc0
 EOF
 
     cat <<EOF > $cfg_dir/fstab || die "unable to create $cfg_dir/fstab"
@@ -317,7 +345,7 @@ container_rootfs_clone()
 container_rootfs_create()
 {
     cmds="rpm wget yum"
-    if [ $release_major = "5" ]; then
+    if [ $container_release_major = "5" ]; then
         if [ $host_distribution = "Ubuntu" ]; then
             db_dump_cmd="db5.1_dump"
             db_load_cmd="db4.3_load"
@@ -344,16 +372,16 @@ container_rootfs_create()
             die "The template is busy."
         fi
 
-        echo "Downloading release $release_major.$release_minor for $basearch"
+        echo "Downloading release $container_release_major.$container_release_minor for $basearch"
 
         # get yum repo file
         public_yum_url=http://public-yum.oracle.com
-        if   [ $release_major = "5" ]; then
+        if   [ $container_release_major = "5" ]; then
             repofile=public-yum-el5.repo
-        elif [ $release_major = "6" ]; then
+        elif [ $container_release_major = "6" ]; then
             repofile=public-yum-ol6.repo
         else
-            die "Unsupported release $release_major"
+            die "Unsupported release $container_release_major"
         fi
         mkdir -p $container_rootfs/etc/yum.repos.d
         wget -q $public_yum_url/$repofile -O $container_rootfs/etc/yum.repos.d/$repofile
@@ -371,16 +399,16 @@ container_rootfs_create()
         fi
 
         # disable all repos, then enable the repo for the version we are installing.
-        if [ $release_minor = "latest" ]; then
+        if [ $container_release_minor = "latest" ]; then
-            if [ $release_major = "5" ]; then
+            if [ $container_release_major = "5" ]; then
-        repo="el"$release_major"_"$release_minor
+        repo="el"$container_release_major"_"$container_release_minor
             else
-                repo="ol"$release_major"_"$release_minor
+                repo="ol"$container_release_major"_"$container_release_minor
             fi
-        elif [ $release_minor = "0" ]; then
+        elif [ $container_release_minor = "0" ]; then
-            repo="ol"$release_major"_ga_base"
+            repo="ol"$container_release_major"_ga_base"
         else
-            repo="ol"$release_major"_u"$release_minor"_base"
+            repo="ol"$container_release_major"_u"$container_release_minor"_base"
         fi
         sed -i "s|enabled=1|enabled=0|" $container_rootfs/etc/yum.repos.d/$repofile
         sed -i "/\[$repo\]/,/\[/ s/enabled=0/enabled=1/" $container_rootfs/etc/yum.repos.d/$repofile
@@ -401,7 +429,7 @@ container_rootfs_create()
         # that coreutils is installed, reinstall the packages so their POSTIN
         # runs right. similarly, libutempter depends on libselinux.so.1 when
         # it runs /usr/sbin/groupadd, so reinstall it too
-        if [ $release_major = "5" ]; then
+        if [ $container_release_major = "5" ]; then
             rpm --root $container_rootfs --nodeps -e rsyslog pam libutempter
             $yum_cmd install rsyslog pam libutempter
             if [ $? -ne 0 ]; then
@@ -419,7 +447,7 @@ container_rootfs_create()
         # downgrade it to Hash version 8 for use with OL5.x
         db_version=`file $container_rootfs/var/lib/rpm/Packages | \
                     grep -o 'version [0-9]*' |awk '{print $2}'`
-        if [ $release_major = "5" -a $db_version != "8" ]; then
+        if [ $container_release_major = "5" -a $db_version != "8" ]; then
             echo "Fixing (downgrading) rpm database from version $db_version"
             rm -f $container_rootfs/var/lib/rpm/__db*
             for db in $container_rootfs/var/lib/rpm/* ; do
@@ -436,6 +464,22 @@ container_rootfs_create()
     ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-oracle-$name
 }
 
+container_release_get()
+{
+    if [ -f $1/etc/oracle-release ]; then
+        container_release_version=`cat $1/etc/oracle-release |awk '/^Oracle/ {print $5}'`
+        container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'`
+        container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'`
+    elif grep -q Nahant $1/etc/redhat-release; then
+        container_release_major=`cat $1/etc/redhat-release |awk '{print $7}'`
+        container_release_minor=`cat $1/etc/redhat-release |awk '{print $10}' |tr -d ")"`
+        container_release_version="$container_release_major.$container_release_minor"
+    else
+        echo "Unable to determine container release version"
+        exit 1
+    fi
+}
+
 usage()
 {
     cat <<EOF
@@ -465,7 +509,7 @@ do
         -p|--path)		cfg_dir=$2; shift 2;;
         -n|--name)		name=$2; shift 2;;
         -a|--arch)		arch=$2; shift 2;;
-        -R|--release)		release_version=$2; shift 2;;
+        -R|--release)		container_release_version=$2; shift 2;;
         -u|--url)		repourl=$2; shift;;
         -t|--templatefs)	template_rootfs=$2; shift 2;;
         --)             	shift 1; break ;;
@@ -505,14 +549,15 @@ fi
 container_rootfs="$cfg_dir/rootfs"
 
 if [ -n "$template_rootfs" ]; then
-    release_version=`cat $template_rootfs/etc/oracle-release |awk '/^Oracle/ {print $5}'`
+    container_release_get $template_rootfs
+else
+    if [ -z "$container_release_version" ]; then
+        echo "No release specified with -R, defaulting to 6.3"
+        container_release_version="6.3"
+    fi
+    container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'`
+    container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'`
 fi
-if [ -z "$release_version" ]; then
-    echo "No release specified with -R, defaulting to 6.3"
-    release_version="6.3"
-fi
-release_major=`echo $release_version |awk -F '.' '{print $1}'`
-release_minor=`echo $release_version |awk -F '.' '{print $2}'`
 
 if which lsb_release >/dev/null 2>&1; then
     host_distribution=`lsb_release --id |awk '{print $3}'`
@@ -546,9 +591,7 @@ else
     container_rootfs_create
 fi
 
-container_release_version=`cat $container_rootfs/etc/oracle-release |awk '/^Oracle/ {print $5}'`
+container_release_get $container_rootfs
-container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'`
-container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'`
 
 container_rootfs_configure