This reverts commit 8587ac4b855b7b66931a37742c45cd2c8c624658.
The changes made the branch to fail to build on Ubuntu/Debian, so
reverting the commits and re-opening the pull request.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
The package 'docbook-tools' [1] required to format Docbook 3.0 into man pages
has been obsoleted a long time ago and can no longer be downloaded from its
former homepage. Recent versions of that package -- now called 'docbook2X' --,
cannot deal with that old markup format anymore (and don't support the '-w all'
command line switch either). To remedy these issues, all SGML files have been
updated to Docbook 4.5 so that recent versions of docbook2man can process them.
[1] http://sources.redhat.com/docbook-tools/
[2] http://docbook2x.sourceforge.net/
Signed-off-by: Peter Simons <simons@cryp.to>
This allows a distro to put the distro specific default network
configuration (for example bridge device, link type), or other lxc
configuration in the case that -f is not passed by the user to
lxc-create, in which case lxc-create will use the distro conf file as
the basis for the containers config.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Make the oracle template honor the lxc.network.type and
lxc.network.link configuration items if a "base" configuration file is
passed to lxc-create. If no configuration file is passed and the host
system is Oracle or Fedora, the template assumes a type of veth and
the default name created by libvirt.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Always rebuild the rpm database with the guest's rpm so there are no
db version mismatches when you boot the guest and run rpm or yum.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Use the file command to see if the rpm database version needs to
be downgraded. Use the lsb_release command to determine the host
system, which is then used to set the commands needed to do the
conversion, and lets us move the rpm database to the correct location
if the host rpm doesn't put it where the guest expects it to be.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
This is a new template to create containers based on Oracle Linux. A version
such as 5.8, 6.3, or 6.latest can be specified with -R in which case a rootfs
will be created from rpms downloaded from the Oracle public-yum repo.
Alternatively the path to an existing rootfs of Oracle 5 or 6 may be given to
the template with the -t option.
The architecture of the downloaded rpms installed in the container can be
specified with the -a template option.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
The script used to contain a workaround for back when create()
wouldn't properly flush the config and reload it.
As these issues have now been fixed, these workarounds can be removed.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Re-organize the code to only call get_ips() when we actually need
the IP address of the container.
Also bump the timeout for get_ips() from 5s to 10s to accomodate
slower machines.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
When using lxc-start-ephemeral to directly call a command, return
ssh's return code (the command's return code) when exiting.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
shutdown() when given a timeout already does a stop call so there's no
need to check its return value and do another one.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
When overriding wait(), I forgot to actually return the value coming
from the C binding...
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Apparently a ")" was dropped in a recent change, causing
lxc-start-ephemeral to fail to start completely (invalid syntax).
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
These variables are not expanded correctly in doc/lxc-create.sgml.in
and a workaround is in place to ensure ${localstatedir}, and ${datadir}
are set in the various shell scripts that use it. There is no workaround
to ensure ${datadir} is set in src/lxc/lxc-create.in, nor is
${localstatedir} set in templates/lxc-altlinux.in so I think that these
are currently broken.
Using AS_AC_EXPAND instead of AC_SUBST fixes these problems and removes
the need for the workarounds. In addition the lxc-start-ephemeral.in
script can be autoconf'ed instead of sed'ed by the makefile.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Fix gcc error confile.c:83: error: redefinition of typedef ‘config_cb’.
Its already defined the same way in confile.h.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Add a few missing #if's to fix compilation when configured without
AppArmor.
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
At Serge's suggestion, always convert the state passed to the wait()
function in the python API to its uppercase equivalent.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
The previous commit was missing part of the changes, leading to a non-working
version of lxc-start-ephemeral.
This commit adds the missing parts.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
This commit adds lxc-start-ephemeral as a python script using the
new python-lxc API.
This script is somewhat similar to lxc-clone except that it uses
overlayfs or aufs to provide an overlay on top of the source container.
It also allows the user to directly run a command in the container using
SSH and can fetch the IP address from the container when starting the
container in the background.
The initial work on lxc-start-ephemeral was done by Serge Hallyn in Ubuntu,
this is a re-implementation of it using python and the new LXC hooks.
Compared to the shell implementation, there are three notable differences:
- When starting without a command, lxc-start-ephemeral now attaches to tty1
- When starting in the background (-d), the name and IP of the container is
shown on screen.
- A new "-k" option is added, allowing the user to keep the ephemeral
container after shutdown. This turns off the tmpfs backend and sets up the
hooks so that the container can be started/stopped multiple times.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
So the container will be reparented by init. Otherwise children of the
lxc-start might be reaped by python3 rather than lxc-start.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This code was addeed to deal with stopped/dead containers but
really shouldn't be implemented there. Instead the setsid() call in
start() should be enough to prevent python from getting the SIGCHLD and
having to deal with it.
The liblxc API currently doesn't work as non-root, so check that the euid
is 0 when getting a Container instance in the python API.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Then after lxcapi container->create(), free whatever lxc_conf may be
loaded and reload from the newly created configuration file.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Replaced python-lxc/test.py by a new api_test.py script that
uses all the available function of the API to run a batch of
basic tests.
This example is useful both as a test of the API and as a guide on
how to use the python API to manage containers.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Add a new --enable-tests option to configure which is used to
optionally build the tests/examples. Default is off.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
This happens in the container's namespace, but before the rootfs is
setup and mounted. This gives us a chance to mangle the rootfs - i.e.
ecryptfs-mount it.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Otherwise it defaults to 0, meaning don't wait. -1 means wait forever,
which is what we want as the default behavior.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
LXC has optional apparmor support, default profile is lxc-container-default.
This change adds a commented "lxc.aa_profile = default" line to all templates,
uncommenting this will bypass apparmor for the container.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
This is a simple POSIX shell script, so no need for the weird extension
or for the explicit use of /bin/bash
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
