The lxc-debian template debootstraps a minimum debian system which does not contain dbus.
If systemd is used this will result in getty-static.service to be used instead of getty@ .
The systemd default files uses 6 tty's instead of the 4 the script creates.
This will lead to repeated error messages in the systemd journal.
Signed-off-by: Cyril Bitterich <Cyril.Bitterich@1und1.de>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Add an additional template parameter for SSH support in the container. Currently
this can be implemented using the Dropbear or OpenSSH utility. The respective
tool needs to be available on the host Linux.
If the parameter is omitted, the template will look for the Dropbear utility on
the host and install it if it is available (legacy behavior).
Adding OpenSSH support has been done following the model in the lxc-sshd
template.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
URL for packages and LiveOS differs from x86, x86_64 and ARM.
This patch allows to select the good mirror URL according to
the architecture.
Primary architecture: http://mirrors.kernel.org/fedora
Secondary architecture: http://mirrors.kernel.org/fedora-secondary
The managed secondary architectures are only ppc64 and s390x,
the secondary architectures for Fedora 20 (the base of initial bootstrap).
Signed-off-by: Laurent Vivier <Laurent@Vivier.EU>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
$container_rootfs may not be used so 'sed' will try to patch
"/etc/init/tty.conf". It must not be correct.
Signed-off-by: Teruo Oshida <teruo.oshida@miraclelinux.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Fix a typo in the getopt call, should be auth-key not auth_key.
Also provide the argument to cat, so the script doesn't hang waiting
on stdin.
Closes#379
Signed-off-by: Erik Mackdanz <erikmack@gmail.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
follow new gentoo's download server configuration.
Should be backported in earlier lxc versions.
Signed-off-by: Guillaume ZITTA <lxc@zitta.fr>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Otherwise lxc-stop -r has no effect on the container.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc-plamo stop:
* creating objects under /dev when creating the container
* removing /dev population process from original rc script
now populate /dev at container boot time, and allow to enable
lxc.autodev=1
Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
- Implements mixed mode for /sys where it's mounted read-only but with
/sys/devices/virtual/net/ writable.
- Sets lxc.mount.auto to "cgroup:mixed proc:mixed sys:mixed" for all
templates.
- Drop any template-specific mount for /proc, /sys or /sys/fs/cgroup.
- Get rid of the fstab file by default, using lxc.mount.entry instead.
- Set sys:mixed as the default for "sys". sys:mixed is slightly more
permissive than sys:ro so this shouldn't be a problem.
The read-only bind mount of /sys on top of itself is there so that
mountall and other init systems don't attempt to remount /sys
read-write.
v2 changes:
- Fix the mount list, don't specify a source for the remount.
- Update the documentation.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
1. tty5 is not needed
2. the devices should be optional in case they didn't exist in the
host / parent-container
3. switch from 'touch $rootfs/dev/$dev' to using create=file in the
mount entry.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
- document environment variables
- add missing --packages switch to command line
- describe how to pass template options to lxc-create (since
lxc-create -h doesn't tell you)
- render help text in the same pretty format as lxc-create does
Signed-off-by: Tomáš Posíšek <tpo_deb@sourcepole.ch>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Reuse the code from the Debian template to associate a hwaddr if there
is only one veth interface in the container's config file.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Hi Michael,
do you have any concerns with the attached patch to
the fedora template that adds an option --mask-tmp
that prevents fedora/systemd from over-mounting
/tmp with tmpfs, which is useful in some cases?
Thanks - Michael
----- Forwarded message from Michael Adam <obnox@samba.org> -----
Date: Sat, 10 Jan 2015 13:12:06 +0100
From: Michael Adam <obnox@samba.org>
To: LXC development mailing-list <lxc-devel@lists.linuxcontainers.org>
Subject: Re: [lxc-devel] [PATCHES] add "--mask-tmp" to lxc-fedora, plus some
template script fixes
User-Agent: Mutt/1.5.23 (2014-03-12)
On 2015-01-10 at 13:08 +0100, Michael Adam wrote:
> On 2015-01-10 at 04:05 +0000, Serge Hallyn wrote:
>
> > The less controversial one is adding mask-tmp to the fedora template.
> > It looks fine to me, but that should go separately to mwarfield, our
> > fedora template maintainer :)
>
> I had notified mhw of my patches on irc, but apparently he is
> currently very busy.
>
> For a start, following is an update of the uncontroversial fix
> patches, i.e. the fix patche without the path ones, and without
> the mask-tmp patch.
And here comes the mask-tmp patch.
It needs to be applied onto the previous fix-patchset.
From 9589dca113535ed2f4faad89db2fab33bb8a9d7e Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Thu, 8 Jan 2015 10:25:24 +0100
Subject: [PATCH] lxc-fedora: add a new option --mask-tmp
This will configure the container to prevent the standard
behaviour of over-mounting /tmp with tmpfs, which can be
undesirable in some cases.
My personal use case is vagrant-lxc in combination with
vagrant-cachier.
Signed-off-by: Michael Adam <obnox@samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
It's now been proven over and over again that the symlink from /dev/kmsg
to /dev/console is harmful for everything but upstart systems. As Ubuntu
is now switching over to systemd too, lets switch the default.
Upstart users wishing to see boot messages can always set lxc.kmsg = 1
manually in their config (so long as they don't expect to then
dist-upgrade the container to systemd succesfuly).
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Now that autodev works fine with unprivileged containers and shouldn't
come with any side effect, lets turn it on by default.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
--help and --list are special in the sense that they
are independent of the other options and exit early.
Document them separately.
Signed-off-by: Michael Adam <obnox@samba.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Make it possible to use --list without having to specify
--dist, --release, and --arch, which does not make a lot
of sense.
Signed-off-by: Michael Adam <obnox@samba.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
Alpine Linux provides yaml files with latest release instead of the old
approach with .latest.txt.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
fedora-release has been split into fedora-release and fedora-repos.
Signed-off-by: Michael Adam <obnox@samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
This is to prevent systemd-journald to enter a 100% cpu loop.
Signed-off-by: Michael Adam <obnox@samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
