[lxc-devel] LXC 0.9.alpha1
Dwight Engen
dwight.engen at oracle.com
Thu Dec 6 18:11:34 UTC 2012
On Thu, 6 Dec 2012 12:46:28 -0500
Dwight Engen <dwight.engen at oracle.com> wrote:
> On Thu, 06 Dec 2012 12:30:18 -0500
> "Michael H. Warfield" <mhw at WittsEnd.com> wrote:
>
> > Deep down below... A correction...
> >
> > On Thu, 2012-12-06 at 11:57 -0500, Michael H. Warfield wrote:
> > > On Wed, 2012-12-05 at 11:54 -0500, Stéphane Graber wrote:
> > > > Hello,
> > >
> > > > After discussing this briefly with Daniel, I wanted to make all
> > > > of you aware that we are currently planning on sending a pull
> > > > request of the staging branch on the 10th of December (next
> > > > Monday).
> > >
> > > > This pull request will very likely contain everything that's
> > > > currently in the staging branch and is intended to become
> > > > 0.9.alpha1.
> > >
> > > > I'd therefore recommend everyone tests the current staging
> > > > branch and sends any remaining bugfixes to the mailing list as
> > > > soon as possible.
> > >
> > > > Also, if a change you sent to the mailing-list hasn't been
> > > > applied yet, it's very likely because I missed it as according
> > > > to my mail client, there's no outstanding patch to review. In
> > > > such case, please reply to this e-mail with a reference to your
> > > > change and I'll make sure it's reviewed before I send the pull
> > > > request.
> > >
> > > Notes in building on Fedora 17...
> > >
> > > *) Manual configure and build:
> > >
> > > configure --help lists --enable-apparmor as an option but does not
> > > list --disable-apparmor. The default is enabled and the
> > > --disable-apparmor has to be used to build on Fedora without
> > > AppArmor.
> > >
> > > Sort of cosmetic since most of us building by hand know to invert
> > > the sense of that enable but I think that help listing could use
> > > some touching up.
>
> Hi, I'm building on Fedora 17 too for some testing. I've noticed this
> once in a while, even though there are configure checks which should
> check for sys/apparmor.h. I haven't been able to track down why it
> sometimes doesn't work, it is a bit annoying when the autodetect
> doesn't work :(
>
>
> > > *) Building rpms using the lxc.spec file in the package...
> > >
> > > With the existing lxc.spec file, rpmbuild blows up on Fedora 17
> > > with this:
> > >
> > > --
> > > checking for docbook2man... yes
> > > checking sys/apparmor.h usability... no
> > > checking sys/apparmor.h presence... no
> > > checking for sys/apparmor.h... no
> > > configure: error: You must install the AppArmor development
> > > package in order to compile lxc
> > > error: Bad exit status from /var/tmp/rpm-tmp.8VlE1L (%build)
> > >
> > >
> > > RPM build errors:
> > > Bad exit status from /var/tmp/rpm-tmp.8VlE1L (%build)
> > > --
> > >
> > > So it looks like --disable-apparmor needs to be added to the
> > > lxc.spec.in file around line 65 (lxc-spec line 66):
> > >
> > > PATH=$PATH:/usr/sbin:/sbin %configure $args --disable-apparmor
> > > --disable-rpath
> > >
> > > Even after that, I run into this problem building an rpm:
> > >
> > > Fedora rpmbuild is also NOT liking this:
> > >
> > > %{_bindir}/*
> > > %attr(4111,root,root) %{_bindir}/lxc-attach
> > > %attr(4111,root,root) %{_bindir}/lxc-create
> > > %attr(4111,root,root) %{_bindir}/lxc-clone
> > > %attr(4111,root,root) %{_bindir}/lxc-shutdown
> > > %attr(4111,root,root) %{_bindir}/lxc-start
> > > %attr(4111,root,root) %{_bindir}/lxc-netstat
> > > %attr(4111,root,root) %{_bindir}/lxc-unshare
> > > %attr(4111,root,root) %{_bindir}/lxc-execute
> > > %attr(4111,root,root) %{_bindir}/lxc-checkpoint
> > > %attr(4111,root,root) %{_bindir}/lxc-restart
> > >
> > > Results in this...
> > >
> > > RPM build errors:
> > > File listed twice: /usr/bin/lxc-attach
> > > File listed twice: /usr/bin/lxc-checkpoint
> > > File listed twice: /usr/bin/lxc-clone
> > > File listed twice: /usr/bin/lxc-create
> > > File listed twice: /usr/bin/lxc-execute
> > > File listed twice: /usr/bin/lxc-netstat
> > > File listed twice: /usr/bin/lxc-restart
> > > File listed twice: /usr/bin/lxc-shutdown
> > > File listed twice: /usr/bin/lxc-start
> > > File listed twice: /usr/bin/lxc-unshare
> > >
> > > I had to comment out the "%{_bindir}/*" line. That's probably not
> > > right but I'm not sure how to resolve the dups due to the wildcard
> > > statement.
> >
> > Yeah, that was a bad move. That resulted in things like lxc-ls not
> > being packaged. My bad. So we want all those explicitly listed to
> > be SUID to root? We may have to list every binary individually in
> > order to avoid the duplicate warnings but it turns out they're not
> > fatal anyways (the failure at that point had been caused the
> > problem below not the duplicates above).
>
> Yeah, the duplicates are just warnings, but we probably should fix it
> by listing the files individually instead of using the glob.
>
> > > Also got a /usr/local/var/lib/lxc in there at line 100 that's
> > > "@LXCPATH@". That doesn't look right. Shouldn't that have ended
> > > up /var/lib/lxc without the "/usr/local" part? Shouldn't that be
> > > using the rpm macros there too?
>
> When you run ./configure, you have to pass the same options rpmbuild
> will to make sure LXCPATH gets expanded right.
Hmm, this isn't great. LXCPATH will only be right in the lxc.spec that
make dist creates if ./configure --localstatedir=<same as what rpmbuild
passes> is given before doing the make dist (or make rpm). However,
using %{_localstatedir}/lib/lxc in the spec instead of @LXCPATH@
won't be right if someone adds --with-config-path= to the configure
line in the spec file (which we do).
I guess we could use %{_localstatedir}/lib/lxc and then if someone
wants to pass --with-config-path from the spec, that line will have to
be changed as well. This is probably better than what it is now.
> > > After making those corrections, I was able to build rpms for F17
> > > and I'm starting testing from them now.
> > >
> > > > Thanks
> > >
> > > Regards,
> > > Mike
> >
> > Regards,
> > Mike
More information about the lxc-devel
mailing list