Diffstat (limited to '')
-rw-r--r-- | share/bash-completion/container | 2 | ||||
-rw-r--r-- | share/config/container.conf.in | 1 | ||||
-rw-r--r-- | share/doc/examples/dschinn-backports.cfg | 1 | ||||
-rw-r--r-- | share/man/container-create.1.txt | 8 | ||||
-rw-r--r-- | share/man/container.1.txt | 1 | ||||
-rwxr-xr-x | share/scripts/curl | 7 | ||||
-rwxr-xr-x | share/scripts/debconf | 46 | ||||
-rwxr-xr-x | share/scripts/debconf.d/0002-preseed-debconf | 6 | ||||
-rwxr-xr-x | share/scripts/debootstrap | 7 |
9 files changed, 68 insertions, 11 deletions
diff --git a/share/bash-completion/container b/share/bash-completion/container index 0bc22c0..3995a16 100644 --- a/share/bash-completion/container +++ b/share/bash-completion/container @@ -73,7 +73,7 @@ _container() ;; *) - opts="-n --name -c --capability -d --drop-capability -s --script -b --bind" + opts="-n --name -c --capability -d --drop-capability -s --script -b --bind --bind-ro" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; diff --git a/share/config/container.conf.in b/share/config/container.conf.in index b5678c0..bf1ecc5 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -5,6 +5,7 @@ cnt.auto=@CNT_AUTO@ cnt.network-bridge=@CNT_NETWORK_BRIDGE@ cnt.overlay=@CNT_OVERLAY@ bind=@BIND@ +bind-ro=@BIND_RO@ boot=@BOOT@ capability=@CAPABILITY@ directory=@DIRECTORY@ diff --git a/share/doc/examples/dschinn-backports.cfg b/share/doc/examples/dschinn-backports.cfg index 75296dc..1cddcf2 100644 --- a/share/doc/examples/dschinn-backports.cfg +++ b/share/doc/examples/dschinn-backports.cfg @@ -64,3 +64,4 @@ container-tools cnt-debconf/nameserver/options string timeout:1 attempts:1 container-tools cnt-debconf/auto string FQDN #container-tools cnt-debconf/overlay string #container-tools cnt-debconf/bind string +#container-tools cnt-debconf/bind-ro string diff --git a/share/man/container-create.1.txt b/share/man/container-create.1.txt index 9176b84..22f9c8e 100644 --- a/share/man/container-create.1.txt +++ b/share/man/container-create.1.txt 
@@ -54,7 +54,10 @@ The following container-create options are available: Specify container creation script, defaults to debootstrap. *-b, --bind='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: - Specify container bind mounts, see systemd-nspawn(1) --bind option. + Specify container read-write bind mounts, see systemd-nspawn(1) --bind option. + +*--bind-ro='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: + Specify container read-only bind mounts, see systemd-nspawn(1) --bind-ro option. *--cnt-overlay='DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED[;DIRECTORY_UPPER:DIRECTORY_LOWER:DIRECTORY_WORK:DIRECTORY_MERGED]'*:: Specify container overlay mounts, see Documentation/filesystems/overlayfs.txt. @@ -88,6 +91,9 @@ EXAMPLES *Create example.net container using debconf script:*:: sudo container create -n example.net -s debconf +*Create example.net container with the default create script and start it:*:: + sudo container create,start -n example.net + SEE ALSO -------- container-tools(7), diff --git a/share/man/container.1.txt b/share/man/container.1.txt index 7708c6a..fa94d7f 100644 --- a/share/man/container.1.txt +++ b/share/man/container.1.txt @@ -30,6 +30,7 @@ container - Manage systemd-nspawn containers SYNOPSIS -------- *container* 'COMMAND' ['OPTIONS'] +*container* 'COMMAND1','COMMAND2',... 'COMMANDn' DESCRIPTION diff --git a/share/scripts/curl b/share/scripts/curl index 67691e3..18d49c0 100755 --- a/share/scripts/curl +++ b/share/scripts/curl @@ -26,7 +26,7 @@ CACHE="/var/cache/container-tools/images" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,clean,image:,server:,password:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,clean,image:,server:,password:" GETOPT_OPTIONS="b:,s:,n:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" 
@@ -47,6 +47,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 diff --git a/share/scripts/debconf b/share/scripts/debconf index 5fc9542..df9241c 100755 --- a/share/scripts/debconf +++ b/share/scripts/debconf @@ -26,7 +26,7 @@ MACHINES="/var/lib/machines" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,preseed-file:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,preseed-file:" GETOPT_OPTIONS="b:,s:,n:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -47,6 +47,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 @@ -622,7 +627,7 @@ EOF then for FILE in ${PRESEED_FILE} do - cat "${FILE}" >> "${DIRECTORY}/preseed.cfg" + sed -e "s|@NAME@|${NAME}|g" "${FILE}" >> "${DIRECTORY}/preseed.cfg" done Chroot "${DIRECTORY}" "debconf-set-selections preseed.cfg" @@ -687,8 +692,6 @@ EOF fi done - rm -f "${DIRECTORY}/preseed.cfg" - # FIXME: Install additional packages after lxc-support has been run. # This is suboptimal, ideally we should install all packages but not run the maintainer scripts, # then run lxc-support, and run the maintainer scripts. This way, lxc-support would see @@ -913,6 +916,7 @@ Commands () sed -i -e "s|^cnt.network-bridge=.*|cnt.network-bridge=${HOST_INTERFACE_NAME}:${NETWORK0_BRIDGE:-br0}|g" "${CONFIG}/${NAME}.conf" sed -i -e "s|^cnt.overlay=.*|cnt.overlay=${CNT_OVERLAY}|g" "${CONFIG}/${NAME}.conf" sed -i -e "s|^bind=.*|bind=${BIND}|" "${CONFIG}/${NAME}.conf" + sed -i -e "s|^bind-ro=.*|bind-ro=${BIND_RO}|" "${CONFIG}/${NAME}.conf" sed -i -e "s|^network-veth-extra=.*|network-veth-extra=${HOST_INTERFACE_NAME}:eth0|g" "${CONFIG}/${NAME}.conf" for NUMBER in $(seq 1 ${NETWORK_NUMBER}) 
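Review bot: In the `@@ -622` hunk of share/scripts/debconf, `${NAME}` is spliced unescaped into the sed replacement (`sed -e "s|@NAME@|${NAME}|g"`), so a name containing `|`, `&` or `\` breaks or silently alters the generated preseed answers. The same applies to `${BIND_RO}` in the `@@ -913` hunk and to `${NAME}` in debconf.d/0002-preseed-debconf. Validate the name before it reaches sed, for example `case "${NAME}" in *[!A-Za-z0-9.-]*) echo "invalid container name" >&2; exit 1 ;; esac` (adjust the set to what the tool allows), and escape `|`, `&` and `\` in `${BIND_RO}`, since paths can legitimately contain them. The `@@ -687` hunk also drops `rm -f "${DIRECTORY}/preseed.cfg"`; unless the file is removed somewhere outside these hunks, the merged preseed file, which may carry password answers, stays in the container tree, so I would keep the removal after the last step that needs the file. The enclosing code of these hunks extends beyond what is shown.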
@@ -1005,7 +1009,7 @@ Cleanup_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" mkdir -p "${MACHINES}" cp -a "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" "${MACHINES}/${NAME}" -# Mounting bind mounts +# Mounting rw bind mounts if [ -n "${BIND}" ] then BINDS="$(echo ${BIND} | sed -e 's|;| |g')" @@ -1022,6 +1026,23 @@ then done fi +# Mounting ro bind mounts +if [ -n "${BIND_RO}" ] +then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for ENTRY in ${BINDS_RO} + do + SOURCE="$(echo ${ENTRY} | awk -F: '{ print $1 }')" + TARGET="$(echo ${ENTRY} | awk -F: '{ print $2 }')" + + mkdir -p "${SOURCE}" + mkdir -p "${MACHINES}/${NAME}/${TARGET}" + + mount -o rbind "${SOURCE}" "${MACHINES}/${NAME}/${TARGET}" + done +fi + # Mounting overlay mounts if [ -n "${CNT_OVERLAY}" ] then @@ -1071,7 +1092,20 @@ then done fi -# Unmounting bind mounts +# Unmounting ro bind mounts +if [ -n "${BIND_RO}" ] +then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for ENTRY in ${BINDS_RO} + do + TARGET="$(echo ${ENTRY} | awk -F: '{ print $2 }')" + + umount "${MACHINES}/${NAME}/${TARGET}" + done +fi + +# Unmounting rw bind mounts if [ -n "${BIND}" ] then BINDS="$(echo ${BIND} | sed -e 's|;| |g')" diff --git a/share/scripts/debconf.d/0002-preseed-debconf b/share/scripts/debconf.d/0002-preseed-debconf index 05b9379..48fa6a1 100755 --- a/share/scripts/debconf.d/0002-preseed-debconf +++ b/share/scripts/debconf.d/0002-preseed-debconf @@ -72,8 +72,12 @@ done for DEBCONF_PRESEED_FILE in ${DEBCONF_PRESEED_FILES} do + sed -e "s|@NAME@|${NAME}|g" "${DEBCONF_PRESEED_FILE}" > "${DIRECTORY}/preseed.cfg" + # Apply user specified preseed files - debconf-set-selections "${DEBCONF_PRESEED_FILE}" + debconf-set-selections "${DIRECTORY}/preseed.cfg" + + rm -f "${DIRECTORY}/preseed.cfg" done # Write expanded list of debconf preseed files diff --git a/share/scripts/debootstrap b/share/scripts/debootstrap index ecf167c..79a3193 100755 --- a/share/scripts/debootstrap +++ b/share/scripts/debootstrap 
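Review bot: The new "Mounting ro bind mounts" block in the `@@ -1022` hunk mounts each `--bind-ro` entry with `mount -o rbind`, which is a read-write bind, so whatever runs inside the tree between this mount and the later unmount (not shown in the hunk) can write to a host directory that is meant to be exposed read-only. Follow the bind with `mount -o remount,bind,ro "${MACHINES}/${NAME}/${TARGET}"`, and document that this covers only the top mount, not submounts pulled in by the recursive bind. `mkdir -p "${SOURCE}"` also creates a missing host path instead of failing, and `${TARGET}` is joined to the machine directory without rejecting `..` components; both deserve a check before mounting. In the `@@ -1071` hunk the plain `umount` can fail when the recursive bind carried submounts, so `umount -R` would match the `rbind`.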
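Review bot: The loop in debconf.d/0002-preseed-debconf writes the expanded preseed data to the fixed path `${DIRECTORY}/preseed.cfg` only to read it straight back, and the `rm -f` is skipped if the script stops at a failing `debconf-set-selections` (whether it runs under `set -e` is not visible here). debconf-set-selections reads standard input when no file is given, so the temporary file can be dropped: `sed -e "s|@NAME@|${NAME}|g" "${DEBCONF_PRESEED_FILE}" | debconf-set-selections`. That keeps preseeded answers, which may include passwords, off disk and removes the shared file name between loop iterations. The loop's surroundings lie outside the hunk.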
@@ -25,7 +25,7 @@ MACHINES="/var/lib/machines" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,architecture:,distribution:,mirror:,password:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,distribution:,mirror:,password:" GETOPT_OPTIONS="b:,s:,n:,a:,d:,m:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -46,6 +46,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 |