diff options
Diffstat (limited to '')
-rwxr-xr-x | lib/container/create | 32 | ||||
-rwxr-xr-x | lib/container/enter | 12 | ||||
-rwxr-xr-x | lib/container/list | 6 | ||||
-rwxr-xr-x | lib/container/remove | 25 | ||||
-rwxr-xr-x | lib/container/start | 70 | ||||
-rwxr-xr-x | lib/container/status | 2 | ||||
-rwxr-xr-x | lib/container/stop | 23 |
7 files changed, 145 insertions, 25 deletions
diff --git a/lib/container/create b/lib/container/create index 8080ffa..cb51871 100755 --- a/lib/container/create +++ b/lib/container/create @@ -26,7 +26,7 @@ SCRIPTS="/usr/share/container-tools/scripts" Parameters () { - LONG_OPTIONS="name:,cnt.auto:,bind:,capability:,drop-capability:script:," + LONG_OPTIONS="name:,cnt.auto:,cnt.overlay:,bind:,capability:,drop-capability:script:," OPTIONS="n:,b:,c:,d:,s:," PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})" @@ -52,6 +52,11 @@ Parameters () shift 2 ;; + --cnt.overlay) + CNT_OVERLAY="${2}" + shift 2 + ;; + -b|--bind) BIND="${2}" shift 2 @@ -87,7 +92,7 @@ Parameters () Usage () { - echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2 + echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2 exit 1 } @@ -149,20 +154,41 @@ then done fi +# Creating overlay mounts +if [ -n "${CNT_OVERLAY}" ] +then + CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')" + + for CNT_OVERLAY in ${CNT_OVERLAYS} + do + DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')" + DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')" + DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')" + DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')" + + for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" + do + mkdir -p "${DIRECTORY}" + done + done +fi + # config mkdir -p "${CONFIG}" sed -e "s|@CNT_AUTO@|${CNT_AUTO}|g" \ -e "s|@CNT_NETWORK_BRIDGE@|${CNT_NETWORK_BRIDGE}|g" \ + -e "s|@CNT_OVERLAY@|${CNT_OVERLAY}|g" \ -e "s|@NAME@|${NAME}|g" \ -e "s|@BIND@|${BIND}|g" \ -e "s|@BOOT@|yes|g" \ -e "s|@CAPABILITY@|${CAPABILITY}|g" \ -e "s|@DIRECTORY@|${MACHINES}/${NAME}|g" \ -e "s|@DROP_CAPABILITY@|${DROP_CAPABILITY}|g" \ + -e "s|@LINK_JOURNAL@|no|g" \ -e "s|@MACHINE@|${NAME}|g" \ -e "s|@NETWORK_VETH_EXTRA@|${NETWORK_VETH_EXTRA}|g" \ - -e "s|@LINK_JOURNAL@|no|g" \ + -e "s|@PRIVATE_USERS@|no|g" \ -e "s|@REGISTER@|yes|g" \ /usr/share/container-tools/config/container.conf.in > "${CONFIG}/${NAME}.conf" diff --git a/lib/container/enter b/lib/container/enter index 101b43e..4eff504 100755 --- a/lib/container/enter +++ b/lib/container/enter @@ -60,7 +60,7 @@ Parameters () Usage () { - echo "Usage: container ${COMMAND} -n|--name NAME [-- COMMAND|\"COMMANDS\"]" >&2 + echo "Usage: container ${COMMAND} -n|--name NAME" >&2 exit 1 } @@ -90,7 +90,13 @@ case "${STATE}" in esac LEADER="$(machinectl status ${NAME} | awk '/Leader: / { print $2 }')" -COMMANDS="$(echo ${@} | sed -e 's|.*-- ||')" # Run -nsenter --target ${LEADER} --mount --uts --ipc --net --pid --root --wd=/root ${COMMANDS} +if [ -e "${MACHINES}/${NAME}/usr/bin/container-nsenter" ] +then + OPTIONS="/usr/bin/container-nsenter" +else + OPTIONS="" +fi + +nsenter --target ${LEADER} --mount --uts --ipc --net --pid --root --wd=/root ${OPTIONS} diff --git a/lib/container/list b/lib/container/list index 60ae782..d522623 100755 --- a/lib/container/list +++ b/lib/container/list @@ -148,12 +148,6 @@ CONTAINERS="$(cd "${MACHINES}" 2>/dev/null && find -maxdepth 1 -type d -and -not for CONTAINER in ${CONTAINERS} do - # FIXME: ignore lxc container for now - if [ -e "${MACHINES}/${CONTAINER}/rootfs" ] - then - continue - fi - STATE="$(machinectl show ${CONTAINER} 2>&1 | awk -F= '/^State=/ { print $2 }')" if [ -e "${CONFIG}/${CONTAINER}.conf" ] diff --git a/lib/container/remove b/lib/container/remove index e4bb20c..843e9c3 100755 --- a/lib/container/remove +++ b/lib/container/remove @@ -25,8 +25,8 @@ MACHINES="/var/lib/machines" Parameters () { - LONG_OPTIONS="name:,force," - OPTIONS="n:,f," + LONG_OPTIONS="name:,force,verbose," + OPTIONS="n:,f,v," PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})" @@ -51,6 +51,11 @@ Parameters () shift 1 ;; + -f|--verbose) + VERBOSE="true" + shift 1 + ;; + --) shift 1 break @@ -66,7 +71,7 @@ Parameters () Usage () { - echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force]" >&2 + echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force] [-v|--verbose]" >&2 exit 1 } @@ -113,6 +118,16 @@ case "${FORCE}" in ;; esac +case "${VERBOSE}" in + true) + RM_OPTIONS="--verbose" + ;; + + *) + RM_OPTIONS="" + ;; +esac + # data if [ -e "${CONFIG}/${NAME}.conf" ] then @@ -133,5 +148,5 @@ then fi # Run -rm --preserve-root --one-file-system -rf "${MACHINES}/${NAME}" -rm -f "${CONFIG}/${NAME}.conf" +rm --preserve-root --one-file-system -rf ${RM_OPTIONS} "${MACHINES}/${NAME}" +rm -f ${RM_OPTIONS} "${CONFIG}/${NAME}.conf" diff --git a/lib/container/start b/lib/container/start index a4dc033..5191ae2 100755 --- a/lib/container/start +++ b/lib/container/start @@ -28,8 +28,8 @@ SYSTEMCTL="true" Parameters () { - LONG_OPTIONS="name:,nspawn,start," - OPTIONS="n:," + LONG_OPTIONS="name:,force,nspawn,start," + OPTIONS="n:f," PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})" @@ -49,6 +49,11 @@ Parameters () shift 2 ;; + -f|--force) + FORCE="true" + shift 1 + ;; + --nspawn) # internal option SYSTEMCTL="false" @@ -77,7 +82,7 @@ Parameters () Usage () { - echo "Usage: container ${COMMAND} -n|--name NAME" >&2 + echo "Usage: container ${COMMAND} -n|--name NAME [-f|--force]" >&2 exit 1 } @@ -107,6 +112,20 @@ case "${START}" in ;; esac +if [ -e "${MACHINES}/.#${NAME}.lck" ] +then + case "${FORCE}" in + true) + rm -f "${MACHINES}/.#${NAME}.lck" + ;; + + *) + echo "'${NAME}': container is locked" >&2 + exit 1 + ;; + esac +fi + HOST_ARCHITECTURE="$(dpkg --print-architecture)" MACHINE_ARCHITECTURE="$(chroot ${MACHINES}/${NAME} dpkg --print-architecture)" @@ -139,6 +158,31 @@ esac # config if [ -e "${CONFIG}/${NAME}.conf" ] then + CNT_OVERLAY="$(awk -F= '/^cnt.overlay=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + + if [ -n "${CNT_OVERLAY}" ] + then + CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')" + + for CNT_OVERLAY in ${CNT_OVERLAYS} + do + DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')" + DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')" + DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')" + DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')" + + for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" + do + mkdir -p "${DIRECTORY}" + done + + if ! findmnt -n -o SOURCE "${DIRECTORY_MERGED}" | grep -qs '^cnt.overlay-' + then + mount cnt.overlay-${NAME} -t overlay -olowerdir="${DIRECTORY_LOWER}",upperdir="${DIRECTORY_UPPER}",workdir="${DIRECTORY_WORK}",default_permissions "${DIRECTORY_MERGED}" + fi + done + fi + BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)" if [ -n "${BIND}" ] @@ -199,6 +243,18 @@ then ;; esac + LINK_JOURNAL="$(awk -F= '/^link-journal=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)" + + case "${LINK_JOURNAL}" in + yes) + LINK_JOURNAL="--link-journal=yes" + ;; + + *) + LINK_JOURNAL="--link-journal=no" + ;; + esac + MACHINE="--machine=${NAME}" NETWORK_VETH_EXTRA_CONF="$(awk -F= '/^network-veth-extra=/ { print $2 }' ${CONFIG}/${NAME}.conf)" @@ -256,15 +312,15 @@ EOF ;; esac - LINK_JOURNAL="$(awk -F= '/^link-journal=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)" + PRIVATE_USERS="$(awk -F= '/^private-users=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)" - case "${LINK_JOURNAL}" in + case "${PRIVATE_USERS}" in yes) - LINK_JOURNAL="--link-journal=yes" + PRIVATE_USERS="--private-users=yes" ;; *) - LINK_JOURNAL="--link-journal=no" + PRIVATE_USERS="--private-users=no" ;; esac diff --git a/lib/container/status b/lib/container/status index a41d005..b797c98 100755 --- a/lib/container/status +++ b/lib/container/status @@ -79,4 +79,4 @@ then fi # Run -systemctl status container@${NAME}.service +systemctl status container@${NAME}.service --full diff --git a/lib/container/stop b/lib/container/stop index dc78f05..ec24d51 100755 --- a/lib/container/stop +++ b/lib/container/stop @@ -94,6 +94,29 @@ STATE="$(machinectl show ${NAME} 2>&1 | awk -F= '/^State=/ { print $2 }')" case "${CLEAN}" in true) + # Removing overlay mounts + CNT_OVERLAY="$(awk -F= '/^cnt.overlay=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + + if [ -n "${CNT_OVERLAY}" ] + then + CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')" + + for CNT_OVERLAY in ${CNT_OVERLAYS} + do + DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')" + DIRECTORY_UPPER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $2 }')" + DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')" + DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')" + + umount -f "${DIRECTORY_MERGED}" + + for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" + do + rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true + done + done + fi + # Removing bind mounts BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)" |