From 98ba42a446675abeb7fb0780ef9862ccb9ba63ba Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 3 Apr 2017 12:25:05 +0200 Subject: Merging upstream version 20170401. Signed-off-by: Daniel Baumann --- CHANGELOG.txt | 11 +++ Makefile | 10 +-- README.txt | 108 +++++++++++++++++++++++++++ VERSION.txt | 2 +- bin/container | 103 ++++++++++++------------- lib/container/create | 24 +++++- lib/container/move | 29 ++++++- lib/container/remove | 17 ++++- lib/container/start | 23 +++++- lib/container/stop | 17 ++++- share/bash-completion/container | 2 +- share/config/container.conf.in | 1 + share/doc/examples/dschinn-backports.cfg | 1 + share/man/container-create.1.txt | 8 +- share/man/container.1.txt | 1 + share/scripts/curl | 7 +- share/scripts/debconf | 46 ++++++++++-- share/scripts/debconf.d/0002-preseed-debconf | 6 +- share/scripts/debootstrap | 7 +- 19 files changed, 346 insertions(+), 77 deletions(-) create mode 100644 README.txt diff --git a/CHANGELOG.txt b/CHANGELOG.txt index c985fe1..0b05f37 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,3 +1,14 @@ +2017-04-01 Daniel Baumann + + * Releasing version 20170401. + + [ Daniel Baumann ] + * Shortening file removal handling in uninstall target in makefile. + * Cleanup stray preseed.cfg removal. + * Allowing @NAME@ variable in preseed files to allow for more flexibel preseed templating. + * Allowing multiple container commands to be executed in a row. + * Adding support for bind-ro nspawn option for read-only bind mounts. + 2017-01-01 Daniel Baumann * Releasing version 20170101. diff --git a/Makefile b/Makefile index 9e6966e..41b6d99 100644 --- a/Makefile +++ b/Makefile 
@@ -118,20 +118,14 @@ uninstall: for FILE in share/systemd*; \ do \ - if [ -e "$${FILE}" ]; \ - then \ - rm -f $(DESTDIR)/lib/systemd/system/$$(basename $${FILE}); \ - fi; \ + rm -f $(DESTDIR)/lib/systemd/system/$$(basename $${FILE}); \ done for SECTION in $$(seq 1 8); \ do \ for FILE in share/man/*.$${SECTION}; \ do \ - if [ -e "$${FILE}" ]; \ - then \ - rm -f $(DESTDIR)/usr/share/man/man$${SECTION}/$$(basename $${FILE}); \ - fi; \ + rm -f $(DESTDIR)/usr/share/man/man$${SECTION}/$$(basename $${FILE}); \ done; \ rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/share/man/man$${SECTION} || true; \ done diff --git a/README.txt b/README.txt new file mode 100644 index 0000000..5229136 --- /dev/null +++ b/README.txt 
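Review bot: With the `[ -e "$${FILE}" ]` guard removed, an unmatched glob in the uninstall loops reaches `rm -f` as a literal pattern: when `share/man/*.$${SECTION}` matches nothing, `basename` yields `*.2`, and the unquoted argument then expands inside `$(DESTDIR)/usr/share/man/man2/`, deleting files this package never installed. The `share/systemd*` loop has the same problem and would remove `$(DESTDIR)/lib/systemd/system/systemd*`. Because the section loop runs over `seq 1 8` and uninstall normally runs as root, keep the guard or at least quote the target, e.g. `rm -f "$(DESTDIR)/usr/share/man/man$${SECTION}/$$(basename "$${FILE}")"; \`. The uninstall recipe starts above the hunk.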
@@ -0,0 +1,108 @@ +NAME +---- +container-tools - Manage systemd-nspawn containers + + +DESCRIPTION +----------- +"[A Linux container] is an operating-system-level virtualization environment for running multiple isolated Linux systems (containers) on a single Linux control host.":: + -- Wikipedia (https://en.wikipedia.org/wiki/LXC) + +container-tools provides the system integration for managing containers using systemd-nspawn. + + +DOWNLOAD +-------- + * Upstream Releases: https://files.open-infrastructure.net/software/container-tools/upstream + * Upstream Sources: https://sources.open-infrastructure.net/software/container-tools + * Debian Releases: https://files.open-infrastructure.net/software/container-tools/debian + * Debian Sources: https://sources.progress-linux.org/users/daniel/debian/packages/open-infrastructure-container-tools + + +INSTALLATION +------------ + +SOURCE +~~~~~~ + 1. sudo apt install asciidoc git docbook-xml docbook-xsl libxml2-utils make xsltproc dbus systemd-container net-tools + 2. git clone https://sources.open-infrastructure.net/software/container-tools + 3. cd container-tools && sudo make install + +DEBIAN 9 (STRETCH) AND NEWER +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + * sudo apt install container-tools + + +DEVELOPMENT +----------- +Bug reports, feature requests, help, patches, support and everything else +are welcome on the Open Infrastructure Software Mailing List: + + * https://lists.open-infrastructure.net/listinfo/software + +Please base patches against the 'next' Git branch using common sense: + + * https://www.kernel.org/doc/Documentation/SubmittingPatches + +Debian specific bugs can also be reported in the Debian Bug Tracking System: + + * https://bugs.debian.org + + +KNOWN LIMITATIONS +----------------- + * This version of container-tools currently do not work with systemd-networkd and depend on ifupdown. 
+ * Using overlay, the upper directory can not be an NFS mount due to limitations in Linux' overlay filesystem, + see https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/filesystems/overlayfs.txt + + +USAGE +----- +*Create a new container:*:: + sudo container create -n NAME + +*Start a container:*:: + sudo container start -n NAME + +*Stop a container:*:: + sudo container stop -n NAME + +*Remove a container:*:: + sudo container remove -n NAME + +*List container on the system:*:: + sudo container list + +*Show container-tools version:*:: + container version + +See container(1) for a list of all container commands. + + +LINKS +----- +*2016-02-24: Systemd vs. Docker*:: + https://lwn.net/Articles/676831/ + +*2015-06-10: Systemd and containers*:: + https://lwn.net/Articles/647634/ + +*2014-07-07: Control groups*:: + https://lwn.net/Articles/604609/ + +*2013-11-13: Systemd-Nspawn is Chroot on Steroids [LinuxCon Europe]*:: + https://www.youtube.com/watch?v=s7LlUs5D9p4 + +*2013-11-03: Creating containers with systemd-nspawn*:: + https://lwn.net/Articles/572957/ + +*2013-02-06: Systemd lightweight containers*:: + https://lwn.net/Articles/536033/ + +*2013-01-04: Namespaces in operation*:: + https://lwn.net/Articles/531114/ + + +AUTHORS +------- + * Daniel Baumann diff --git a/VERSION.txt b/VERSION.txt index 162675c..0dde600 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -20161220 +20170401 diff --git a/bin/container b/bin/container index a23f274..1b57193 100755 --- a/bin/container +++ b/bin/container 
@@ -33,66 +33,69 @@ then fi # Command -COMMAND="${1}" - -if [ ! -e "/usr/lib/${SOFTWARE}/${PROGRAM}/${COMMAND}" ] -then - echo "'${COMMAND}': no such ${PROGRAM} command" >&2 - exit 1 -fi +COMMANDS="${1}" # Options shift 1 OPTIONS="${@}" -# Pre hooks -for FILE in "${HOOKS}/pre-${PROGRAM}".* "${HOOKS}/${NAME}.pre-${PROGRAM}" +for COMMAND in $(echo ${COMMANDS} | sed -e 's|,| |g') do - if [ -x "${FILE}" ] + if [ ! -e "/usr/lib/${SOFTWARE}/${PROGRAM}/${COMMAND}" ] then - "${FILE}" + echo "'${COMMAND}': no such ${PROGRAM} command" >&2 + exit 1 fi -done -# Notification -if echo "${OPTIONS}" | grep -qs "\--no-notification" -then - OPTIONS="$(echo "${OPTIONS}" | sed -e 's|--no-notification||')" -else - case "${COMMAND}" in - create|remove|rm|restart|start|stop) - USER="${SUDO_USER:-${USER}}" - DATE="$(date +%Y-%m-%d\ %H:%M:%S)" - HOST="$(hostname -f)" - - # logfile - echo "${DATE} ${HOST} ${USER} ${PROGRAM} ${COMMAND} ${OPTIONS}" >> "/var/log/${SOFTWARE}/${PROGRAM}.log" - - # irc - if [ -e /usr/bin/irk ] && [ -e "/etc/default/${SOFTWARE}" ] - then - . /etc/default/${SOFTWARE} - - if [ -n "${IRK_TARGETS}" ] + # Pre hooks + for FILE in "${HOOKS}/pre-${PROGRAM}".* "${HOOKS}/${NAME}.pre-${PROGRAM}" + do + if [ -x "${FILE}" ] + then + "${FILE}" + fi + done + + # Notification + if echo "${OPTIONS}" | grep -qs "\--no-notification" + then + OPTIONS="$(echo "${OPTIONS}" | sed -e 's|--no-notification||')" + else + case "${COMMAND}" in + create|remove|rm|restart|start|stop) + USER="${SUDO_USER:-${USER}}" + DATE="$(date +%Y-%m-%d\ %H:%M:%S)" + HOST="$(hostname -f)" + + # logfile + echo "${DATE} ${HOST} ${USER} ${PROGRAM} ${COMMAND} ${OPTIONS}" >> "/var/log/${SOFTWARE}/${PROGRAM}.log" + + # irc + if [ -e /usr/bin/irk ] && [ -e "/etc/default/${SOFTWARE}" ] then - for TARGET in ${IRK_TARGETS} - do - irk ${TARGET} "\x0300${USER}\x03@\x0312${HOST}:\x03 \x0303${PROGRAM}\x03 \x0307${COMMAND}\x03 ${OPTIONS}" - done + . 
/etc/default/${SOFTWARE} + + if [ -n "${IRK_TARGETS}" ] + then + for TARGET in ${IRK_TARGETS} + do + irk ${TARGET} "\x0300${USER}\x03@\x0312${HOST}:\x03 \x0303${PROGRAM}\x03 \x0307${COMMAND}\x03 ${OPTIONS}" + done + fi fi - fi - ;; - esac -fi - -# Run -exec "/usr/lib/${SOFTWARE}/${PROGRAM}/${COMMAND}" "${OPTIONS}" - -# Post hooks -for FILE in "${HOOKS}/post-${PROGRAM}".* "${HOOKS}/${NAME}.post-${PROGRAM}" -do - if [ -x "${FILE}" ] - then - "${FILE}" + ;; + esac fi + + # Run + exec "/usr/lib/${SOFTWARE}/${PROGRAM}/${COMMAND}" "${OPTIONS}" + + # Post hooks + for FILE in "${HOOKS}/post-${PROGRAM}".* "${HOOKS}/${NAME}.post-${PROGRAM}" + do + if [ -x "${FILE}" ] + then + "${FILE}" + fi + done done diff --git a/lib/container/create b/lib/container/create index 54cbb1d..b4fc5e9 100755 --- a/lib/container/create +++ b/lib/container/create @@ -27,7 +27,7 @@ SCRIPTS="/usr/share/container-tools/scripts" Parameters () { - GETOPT_LONGOPTIONS="name:,cnt.auto:,cnt.overlay:,bind:,capability:,drop-capability:script:," + GETOPT_LONGOPTIONS="name:,cnt.auto:,cnt.overlay:,bind:,bind-ro:,capability:,drop-capability:script:," GETOPT_OPTIONS="n:,b:,c:,d:,s:," PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -63,6 +63,11 @@ Parameters () shift 2 ;; + --bind-ro) + BIND_RO="${2}" + shift 2 + ;; + -c|--capability) CAPABILITY="${2}" shift 2 
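Review bot: The `exec` kept inside the new `for COMMAND` loop replaces the shell with the first command, so `container create,start` never reaches `start` and the post hooks below it never run. Run the command as a child and stop on failure instead: `"/usr/lib/${SOFTWARE}/${PROGRAM}/${COMMAND}" "${OPTIONS}" || exit ${?}`. The existence check also runs per iteration, so a typo in the second command is only reported after the first has already changed the system; validating every name in `${COMMANDS}` before the loop avoids that. Since `${COMMAND}` is appended to the library path, that validation should also reject names containing `/`.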
@@ -93,7 +98,7 @@ Parameters () Usage () { - echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2 + echo "Usage: container ${COMMAND} -n|--name NAME [--cnt.auto=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [--bind-ro DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-- SCRIPT_OPTIONS]" >&2 exit 1 } @@ -151,7 +156,7 @@ do fi done -# Creating bind mounts +# Creating rw bind mounts if [ -n "${BIND}" ] then BINDS="$(echo ${BIND} | sed -e 's|;| |g')" @@ -164,6 +169,19 @@ then done fi +# Creating ro bind mounts +if [ -n "${BIND_RO}" ] +then + BINDS="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for BIND_RO in ${BINDS_RO} + do + DIRECTORY="$(echo ${BIND_RO} | awk -F: '{ print $1 }')" + + mkdir -p "${DIRECTORY}" + done +fi + # Creating overlay mounts if [ -n "${CNT_OVERLAY}" ] then diff --git a/lib/container/move b/lib/container/move index 78b0c7f..4d64c8a 100755 --- a/lib/container/move +++ b/lib/container/move @@ -141,7 +141,7 @@ done mv "${CONFIG}/${OLD}.conf" "${CONFIG}/${NEW}.conf" mv "${MACHINES}/${OLD}" "${MACHINES}/${NEW}" -# bind mounts +# rw bind mounts BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)" if [ -n "${BIND}" ] 
@@ -168,6 +168,33 @@ then done fi +# ro bind mounts +BIND_RO="$(awk -F= '/^bind-ro=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + +if [ -n "${BIND_RO}" ] +then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for BIND_RO in ${BINDS_RO} + do + SOURCE_OLD="$(echo ${BIND_RO} | awk -F: '{ print $1 }')" + SOURCE_NEW="$(echo ${SOURCE_OLD} | sed -e "s|${OLD}|${NEW}|g")" + + if [ "${SOURCE_OLD}" != "${SOURCE_NEW}" ] + then + mv "${SOURCE_OLD}" "${SOURCE_NEW}" + fi + + TARGET_OLD="$(echo ${BIND_RO} | awk -F: '{ print $2 }')" + TARGET_NEW="$(echo ${TARGET_OLD} | sed -e "s|${OLD}|${NEW}|g")" + + if [ "${TARGET_OLD}" != "${TARGET_NEW}" ] + then + mv "${MACHINES}/${NEW}/${TARGET_OLD}" "${MACHINES}/${NEW}/${TARGET_NEW}" + fi + done +fi + # config sed -i -e "s|${OLD}|${NEW}|g" "${CONFIG}/${NEW}.conf" diff --git a/lib/container/remove b/lib/container/remove index 03549a4..1b1ba7d 100755 --- a/lib/container/remove +++ b/lib/container/remove @@ -141,7 +141,7 @@ done # data if [ -e "${CONFIG}/${NAME}.conf" ] then - # Removing bind mounts + # Removing rw bind mounts BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)" if [ -n "${BIND}" ] @@ -155,6 +155,21 @@ then rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true done fi + + # Removing ro bind mounts + BIND_RO="$(awk -F= '/^bind-ro=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + + if [ -n "${BIND_RO}" ] + then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for BIND_RO in ${BINDS_RO} + do + DIRECTORY="$(echo ${BIND_RO} | awk -F: '{ print $1 }')" + + rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true + done + fi fi # Run diff --git a/lib/container/start b/lib/container/start index 0009fd0..014e859 100755 --- a/lib/container/start +++ b/lib/container/start 
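Review bot: `sed -e "s|${OLD}|${NEW}|g"` in the new ro block treats the old container name as an unanchored regular expression over the whole path, so a name such as `example.net` matches more than itself and a short name can match an unrelated path component; the following `mv "${SOURCE_OLD}" "${SOURCE_NEW}"` then renames a directory on the host. Read-only bind sources are likely to be shared between containers, so consider leaving the source untouched for `bind-ro`, or renaming only when a full path component equals `${OLD}`. The block also reads `${CONFIG}/${NAME}.conf` although the context of the previous hunk has already renamed the config to `${NEW}.conf`; whether `NAME` still points at an existing file is not visible here.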
@@ -221,6 +221,27 @@ then done fi + BIND_RO="$(awk -F= '/^bind-ro=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + + if [ -n "${BIND_RO}" ] + then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for BIND_RO in ${BINDS_RO} + do + DIRECTORY="$(echo ${BIND_RO} | awk -F: '{ print $1 }')" + + mkdir -p "${DIRECTORY}" + done + + BIND_RO="" + + for DIRECTORIES in ${BINDS_RO} + do + BIND_RO="${BIND_RO} --bind ${DIRECTORIES}" + done + fi + BOOT="$(awk -F= '/^boot=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo yes)" case "${BOOT}" in @@ -437,7 +458,7 @@ case "${START}" in *) # Run - ${SETARCH} systemd-nspawn --keep-unit ${BIND} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} + ${SETARCH} systemd-nspawn --keep-unit ${BIND} ${BIND_RO} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} # Post hooks for FILE in "${HOOKS}/post-${COMMAND}".* "${HOOKS}/${NAME}.post-${COMMAND}" diff --git a/lib/container/stop b/lib/container/stop index b8793ac..359a136 100755 --- a/lib/container/stop +++ b/lib/container/stop @@ -127,7 +127,7 @@ case "${CLEAN}" in done fi - # Removing bind mounts + # Removing rw bind mounts BIND="$(awk -F= '/^bind=/ { print $2 }' ${CONFIG}/${NAME}.conf)" if [ -n "${BIND}" ] @@ -142,6 +142,21 @@ case "${CLEAN}" in done fi + # Removing ro bind mounts + BIND_RO="$(awk -F= '/^bind-ro=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + + if [ -n "${BIND_RO}" ] + then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for BIND_RO in ${BINDS_RO} + do + DIRECTORY="$(echo ${BIND_RO} | awk -F: '{ print $1 }')" + + rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true + done + fi + # Removing network configuration NETWORK_VETH_EXTRA_CONF="$(awk -F= '/^network-veth-extra=/ { print $2 }' ${CONFIG}/${NAME}.conf)" diff --git a/share/bash-completion/container b/share/bash-completion/container index 0bc22c0..3995a16 100644 
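Review bot: The option list built for read-only mounts uses the read-write flag: `BIND_RO="${BIND_RO} --bind ${DIRECTORIES}"` hands every `bind-ro=` entry to systemd-nspawn as `--bind`, so the container can write to host directories the configuration declares read-only. The line should be `BIND_RO="${BIND_RO} --bind-ro ${DIRECTORIES}"`. The block also runs `mkdir -p` on the source path, which silently creates a missing host directory; for a read-only source, failing with an error may be the safer behaviour. The enclosing `if` starts above the hunk.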
--- a/share/bash-completion/container +++ b/share/bash-completion/container @@ -73,7 +73,7 @@ _container() ;; *) - opts="-n --name -c --capability -d --drop-capability -s --script -b --bind" + opts="-n --name -c --capability -d --drop-capability -s --script -b --bind --bind-ro" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; diff --git a/share/config/container.conf.in b/share/config/container.conf.in index b5678c0..bf1ecc5 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -5,6 +5,7 @@ cnt.auto=@CNT_AUTO@ cnt.network-bridge=@CNT_NETWORK_BRIDGE@ cnt.overlay=@CNT_OVERLAY@ bind=@BIND@ +bind-ro=@BIND_RO@ boot=@BOOT@ capability=@CAPABILITY@ directory=@DIRECTORY@ diff --git a/share/doc/examples/dschinn-backports.cfg b/share/doc/examples/dschinn-backports.cfg index 75296dc..1cddcf2 100644 --- a/share/doc/examples/dschinn-backports.cfg +++ b/share/doc/examples/dschinn-backports.cfg @@ -64,3 +64,4 @@ container-tools cnt-debconf/nameserver/options string timeout:1 attempts:1 container-tools cnt-debconf/auto string FQDN #container-tools cnt-debconf/overlay string #container-tools cnt-debconf/bind string +#container-tools cnt-debconf/bind-ro string diff --git a/share/man/container-create.1.txt b/share/man/container-create.1.txt index 9176b84..22f9c8e 100644 --- a/share/man/container-create.1.txt +++ b/share/man/container-create.1.txt 
@@ -54,7 +54,10 @@ The following container-create options are available: Specify container creation script, defaults to debootstrap. *-b, --bind='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: - Specify container bind mounts, see systemd-nspawn(1) --bind option. + Specify container read-write bind mounts, see systemd-nspawn(1) --bind option. + +*--bind-ro='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: + Specify container read-only bind mounts, see systemd-nspawn(1) --bind-ro option. *--cnt-overlay='DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED[;DIRECTORY_UPPER:DIRECTORY_LOWER:DIRECTORY_WORK:DIRECTORY_MERGED]'*:: Specify container overlay mounts, see Documentation/filesystems/overlayfs.txt. @@ -88,6 +91,9 @@ EXAMPLES *Create example.net container using debconf script:*:: sudo container create -n example.net -s debconf +*Create example.net container with the default create script and start it:*:: + sudo container create,start -n example.net + SEE ALSO -------- container-tools(7), diff --git a/share/man/container.1.txt b/share/man/container.1.txt index 7708c6a..fa94d7f 100644 --- a/share/man/container.1.txt +++ b/share/man/container.1.txt @@ -30,6 +30,7 @@ container - Manage systemd-nspawn containers SYNOPSIS -------- *container* 'COMMAND' ['OPTIONS'] +*container* 'COMMAND1','COMMAND2',... 'COMMANDn' DESCRIPTION diff --git a/share/scripts/curl b/share/scripts/curl index 67691e3..18d49c0 100755 --- a/share/scripts/curl +++ b/share/scripts/curl @@ -26,7 +26,7 @@ CACHE="/var/cache/container-tools/images" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,clean,image:,server:,password:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,clean,image:,server:,password:" GETOPT_OPTIONS="b:,s:,n:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" 
@@ -47,6 +47,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 diff --git a/share/scripts/debconf b/share/scripts/debconf index 5fc9542..df9241c 100755 --- a/share/scripts/debconf +++ b/share/scripts/debconf @@ -26,7 +26,7 @@ MACHINES="/var/lib/machines" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,preseed-file:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,preseed-file:" GETOPT_OPTIONS="b:,s:,n:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -47,6 +47,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 @@ -622,7 +627,7 @@ EOF then for FILE in ${PRESEED_FILE} do - cat "${FILE}" >> "${DIRECTORY}/preseed.cfg" + sed -e "s|@NAME@|${NAME}|g" "${FILE}" >> "${DIRECTORY}/preseed.cfg" done Chroot "${DIRECTORY}" "debconf-set-selections preseed.cfg" @@ -687,8 +692,6 @@ EOF fi done - rm -f "${DIRECTORY}/preseed.cfg" - # FIXME: Install additional packages after lxc-support has been run. # This is suboptimal, ideally we should install all packages but not run the maintainer scripts, # then run lxc-support, and run the maintainer scripts. This way, lxc-support would see @@ -913,6 +916,7 @@ Commands () sed -i -e "s|^cnt.network-bridge=.*|cnt.network-bridge=${HOST_INTERFACE_NAME}:${NETWORK0_BRIDGE:-br0}|g" "${CONFIG}/${NAME}.conf" sed -i -e "s|^cnt.overlay=.*|cnt.overlay=${CNT_OVERLAY}|g" "${CONFIG}/${NAME}.conf" sed -i -e "s|^bind=.*|bind=${BIND}|" "${CONFIG}/${NAME}.conf" + sed -i -e "s|^bind-ro=.*|bind-ro=${BIND_RO}|" "${CONFIG}/${NAME}.conf" sed -i -e "s|^network-veth-extra=.*|network-veth-extra=${HOST_INTERFACE_NAME}:eth0|g" "${CONFIG}/${NAME}.conf" for NUMBER in $(seq 1 ${NETWORK_NUMBER}) 
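Review bot: `${NAME}` is interpolated straight into the sed replacement in `sed -e "s|@NAME@|${NAME}|g" "${FILE}"` (debconf hunk at -622), so a name containing `|`, `&` or a backslash either breaks the expression or changes what ends up in the preseed data. Escape it first, e.g. `NAME_ESCAPED="$(printf '%s' "${NAME}" | sed -e 's/[|&\\]/\\&/g')"`, or validate container names against a strict pattern where `--name` is parsed. The same substitution is added in share/scripts/debconf.d/0002-preseed-debconf. The surrounding function starts outside the hunk.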
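Review bot: Dropping `rm -f "${DIRECTORY}/preseed.cfg"` (debconf hunk at -687) leaves the concatenated preseed file in the container root unless it is removed somewhere outside this hunk. Preseed files commonly carry password answers, and the file appears to be created without a restrictive mode, so it may stay readable inside the container after creation. If the removal was only relocated this is fine; otherwise delete the file right after `debconf-set-selections preseed.cfg` has consumed it, and consider `umask 077` around its creation.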
@@ -1005,7 +1009,7 @@ Cleanup_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" mkdir -p "${MACHINES}" cp -a "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" "${MACHINES}/${NAME}" -# Mounting bind mounts +# Mounting rw bind mounts if [ -n "${BIND}" ] then BINDS="$(echo ${BIND} | sed -e 's|;| |g')" @@ -1022,6 +1026,23 @@ then done fi +# Mounting ro bind mounts +if [ -n "${BIND_RO}" ] +then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for ENTRY in ${BINDS_RO} + do + SOURCE="$(echo ${ENTRY} | awk -F: '{ print $1 }')" + TARGET="$(echo ${ENTRY} | awk -F: '{ print $2 }')" + + mkdir -p "${SOURCE}" + mkdir -p "${MACHINES}/${NAME}/${TARGET}" + + mount -o rbind "${SOURCE}" "${MACHINES}/${NAME}/${TARGET}" + done +fi + # Mounting overlay mounts if [ -n "${CNT_OVERLAY}" ] then @@ -1071,7 +1092,20 @@ then done fi -# Unmounting bind mounts +# Unmounting ro bind mounts +if [ -n "${BIND_RO}" ] +then + BINDS_RO="$(echo ${BIND_RO} | sed -e 's|;| |g')" + + for ENTRY in ${BINDS_RO} + do + TARGET="$(echo ${ENTRY} | awk -F: '{ print $2 }')" + + umount "${MACHINES}/${NAME}/${TARGET}" + done +fi + +# Unmounting rw bind mounts if [ -n "${BIND}" ] then BINDS="$(echo ${BIND} | sed -e 's|;| |g')" diff --git a/share/scripts/debconf.d/0002-preseed-debconf b/share/scripts/debconf.d/0002-preseed-debconf index 05b9379..48fa6a1 100755 --- a/share/scripts/debconf.d/0002-preseed-debconf +++ b/share/scripts/debconf.d/0002-preseed-debconf @@ -72,8 +72,12 @@ done for DEBCONF_PRESEED_FILE in ${DEBCONF_PRESEED_FILES} do + sed -e "s|@NAME@|${NAME}|g" "${DEBCONF_PRESEED_FILE}" > "${DIRECTORY}/preseed.cfg" + # Apply user specified preseed files - debconf-set-selections "${DEBCONF_PRESEED_FILE}" + debconf-set-selections "${DIRECTORY}/preseed.cfg" + + rm -f "${DIRECTORY}/preseed.cfg" done # Write expanded list of debconf preseed files diff --git a/share/scripts/debootstrap b/share/scripts/debootstrap index ecf167c..79a3193 100755 --- a/share/scripts/debootstrap +++ b/share/scripts/debootstrap 
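Review bot: The new "Mounting ro bind mounts" block mounts the source with `mount -o rbind` only, which is a read-write bind, so everything run in the chroot during creation can modify a directory the user asked to be read-only. Follow it with a remount, `mount -o remount,bind,ro "${MACHINES}/${NAME}/${TARGET}"`, keeping in mind that this covers only the top-level mount and not submounts pulled in by `rbind`. The matching unmount block uses plain `umount`, which can fail when `rbind` brought submounts along; `umount -R` handles that case.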
@@ -25,7 +25,7 @@ MACHINES="/var/lib/machines" Parameters () { - GETOPT_LONGOPTIONS="bind:,script:,name:,architecture:,distribution:,mirror:,password:" + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,distribution:,mirror:,password:" GETOPT_OPTIONS="b:,s:,n:,a:,d:,m:,p:" PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -46,6 +46,11 @@ Parameters () shift 2 ;; + --bind-ro) + # ignore + shift 2 + ;; + --cnt.auto) # ignore shift 2 -- cgit v1.2.3