[lxc-devel] [PATCH] [v3] Integrated lxc-net service for rpm based platforms.
Stéphane Graber
stgraber at ubuntu.com
Mon Aug 25 20:28:57 UTC 2014
Just started reviewing this, it looks like you're at least missing
default.conf.lxcbr in your patch.
On Mon, Aug 25, 2014 at 03:00:46PM -0400, Michael H. Warfield wrote:
> Version 3 Integration of lxc-net service for rpm based platforms.
>
> Initial version is deprecated and obsoleted by this version.
>
> Version 2 was discussed in private E-Mail
>
> Patch is against current master.
>
> This includes some patches for the SUSE / OpenSUSE platforms.
>
> Regards,
> Mike
>
> --
> [v3] Integrated lxc-net service for rpm based platforms.
>
> This fixes build and run problems on rpm based platforms (CentOS,
> Fedora, Oracle, SUSE) running with the systemd init following the
> refactoring of the Ubuntu lxc networking logic into a systemd service.
>
> Added lxc-net.in based on src/lxc/lxc.net and lxc.in for sysvinit
> and systemd init systems in parallel with lxc.in.
>
> Added autoconfigure variable for distro specific sysconfigdir and
> implemented in both lxc.in and lxc-net.in.
>
> Fixed configure.ac for "OpenSUSE project" return from lsb_release.
>
> Renamed config/etc/default.conf.ubuntu to config/etc/default.conf.lxcbr
> and set that as the default for Ubuntu, Fedora, CentOS, Oracle, SUSE,
> and OpenSUSE*. Only other things left are "unknown".
>
> Updated lxc-net.service.in for new path to lxc-net script in
> LIBEXECDIR instead of DATADIR.
>
> Renamed config/init/sysvinit to config/init/common reflecting the
> fact that the code in that directory is common to all three init
> paradigms.
>
> Removed src/lxc/lxc.net as it has been replaced by
> config/init/common/lxc-net.in installed in /usr/libexec/lxc.
>
> Changed name of lxc-autostart-helper.in to lxc-containers.in
>
> Added the "lxc-net" sysvinit script for sysvinit rpm packaging
> (CentOS 6, Oracle 6, etc).
>
> Added autogeneration of /etc/sysconfig/lxc-net for rpm based
> distributions into the lxc.spec file.
>
> Added creation of lxc-dnsmasq system user.
>
> Fixed fallbacks for "action" init script verb and lock file
> locations.
>
> Fixed potentially uninitialized variable in lxc_user_nic.c which
> was causing builds to fail on CentOS and Oracle with warnings
> treated as errors.
>
> Fixed lxc.spec.in for several SUSE build gotcha's.
>
> Signed-off-by: Michael H. Warfield <mhw at WittsEnd.com>
> ---
> config/Makefile.am | 2 +-
> config/etc/Makefile.am | 2 +-
> config/etc/default.conf.ubuntu | 4 -
> config/init/Makefile.am | 2 +-
> config/init/systemd/Makefile.am | 14 +---
> config/init/systemd/lxc-net.service.in | 4 +-
> config/init/systemd/lxc.service.in | 4 +-
> config/init/sysvinit/Makefile.am | 14 ----
> config/init/sysvinit/lxc.in | 131 ---------------------------------
> config/init/upstart/lxc-net.conf | 4 +-
> configure.ac | 19 +++--
> lxc.spec.in | 110 ++++++++++++++++++++++++++-
> src/lxc/Makefile.am | 4 +-
> src/lxc/lxc.net | 103 --------------------------
> src/lxc/lxc_user_nic.c | 2 +-
> 15 files changed, 134 insertions(+), 285 deletions(-)
> delete mode 100644 config/etc/default.conf.ubuntu
> delete mode 100644 config/init/sysvinit/Makefile.am
> delete mode 100644 config/init/sysvinit/lxc.in
> delete mode 100755 src/lxc/lxc.net
>
> diff --git a/config/Makefile.am b/config/Makefile.am
> index 37fd24b..54f8859 100644
> --- a/config/Makefile.am
> +++ b/config/Makefile.am
> @@ -1 +1 @@
> -SUBDIRS = apparmor bash etc init selinux templates yum
> +SUBDIRS = apparmor bash etc init selinux templates yum sysconfig
> diff --git a/config/etc/Makefile.am b/config/etc/Makefile.am
> index 03193da..fa8bc2f 100644
> --- a/config/etc/Makefile.am
> +++ b/config/etc/Makefile.am
> @@ -1,7 +1,7 @@
> configdir = $(sysconfdir)/lxc
> config_DATA = default.conf
>
> -EXTRA_DIST = default.conf.ubuntu default.conf.libvirt default.conf.unknown
> +EXTRA_DIST = default.conf.lxcbr default.conf.libvirt default.conf.unknown
>
> clean-local:
> @$(RM) -f default.conf
> diff --git a/config/etc/default.conf.ubuntu b/config/etc/default.conf.ubuntu
> deleted file mode 100644
> index 661718b..0000000
> --- a/config/etc/default.conf.ubuntu
> +++ /dev/null
> @@ -1,4 +0,0 @@
> -lxc.network.type = veth
> -lxc.network.link = lxcbr0
> -lxc.network.flags = up
> -lxc.network.hwaddr = 00:16:3e:xx:xx:xx
> diff --git a/config/init/Makefile.am b/config/init/Makefile.am
> index e2ffe28..dea8e3f 100644
> --- a/config/init/Makefile.am
> +++ b/config/init/Makefile.am
> @@ -1 +1 @@
> -SUBDIRS = systemd sysvinit upstart
> +SUBDIRS = common systemd upstart
> diff --git a/config/init/systemd/Makefile.am b/config/init/systemd/Makefile.am
> index 5959cd8..6ded467 100644
> --- a/config/init/systemd/Makefile.am
> +++ b/config/init/systemd/Makefile.am
> @@ -6,17 +6,9 @@ EXTRA_DIST = \
> $(NULL)
>
> if INIT_SCRIPT_SYSTEMD
> -lxc-autostart-helper: ../sysvinit/lxc.in $(top_builddir)/config.status
> - $(AM_V_GEN)sed \
> - -e 's|[@]SYSCONFDIR[@]|$(sysconfdir)|g' \
> - -e 's|[@]LOCALSTATEDIR[@]|$(localstatedir)|g' \
> - -e 's|[@]BINDIR[@]|$(bindir)|g' \
> - < $< > $@-t && \
> - chmod a+x $@-t && \
> - mv $@-t $@
> -BUILT_SOURCES = lxc-autostart-helper lxc.service lxc-net.service
> +BUILT_SOURCES = lxc.service lxc-net.service
>
> -install-systemd: lxc.service lxc-net.service lxc-devsetup lxc-apparmor-load lxc-autostart-helper
> +install-systemd: lxc.service lxc-net.service lxc-devsetup lxc-apparmor-load
> $(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR)
> $(INSTALL_DATA) lxc.service lxc-net.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/
>
> @@ -25,7 +17,7 @@ uninstall-systemd:
> rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc-net.service
> rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || :
>
> -pkglibexec_SCRIPTS = lxc-devsetup lxc-apparmor-load lxc-autostart-helper
> +pkglibexec_SCRIPTS = lxc-devsetup lxc-apparmor-load
>
> install-data-local: install-systemd
> uninstall-local: uninstall-systemd
> diff --git a/config/init/systemd/lxc-net.service.in b/config/init/systemd/lxc-net.service.in
> index 37d1d69..c054702 100644
> --- a/config/init/systemd/lxc-net.service.in
> +++ b/config/init/systemd/lxc-net.service.in
> @@ -6,5 +6,5 @@ Before=lxc.service
> [Service]
> Type=oneshot
> RemainAfterExit=yes
> -ExecStart=@DATADIR@/lxc/lxc.net start
> -ExecStop=@DATADIR@/lxc/lxc.net stop
> +ExecStart=@LIBEXECDIR@/lxc/lxc-net start
> +ExecStop=@LIBEXECDIR@/lxc/lxc-net stop
> diff --git a/config/init/systemd/lxc.service.in b/config/init/systemd/lxc.service.in
> index f64610f..33da987 100644
> --- a/config/init/systemd/lxc.service.in
> +++ b/config/init/systemd/lxc.service.in
> @@ -8,8 +8,8 @@ Type=oneshot
> RemainAfterExit=yes
> ExecStartPre=@LIBEXECDIR@/lxc/lxc-devsetup
> ExecStartPre=@LIBEXECDIR@/lxc/lxc-apparmor-load
> -ExecStart=@LIBEXECDIR@/lxc/lxc-autostart-helper start
> -ExecStop=@LIBEXECDIR@/lxc/lxc-autostart-helper stop
> +ExecStart=@LIBEXECDIR@/lxc/lxc-containers start
> +ExecStop=@LIBEXECDIR@/lxc/lxc-containers stop
> # Environment=BOOTUP=serial
> # Environment=CONSOLETYPE=serial
> StandardOutput=syslog
> diff --git a/config/init/sysvinit/Makefile.am b/config/init/sysvinit/Makefile.am
> deleted file mode 100644
> index 66c190d..0000000
> --- a/config/init/sysvinit/Makefile.am
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -EXTRA_DIST = lxc
> -
> -if INIT_SCRIPT_SYSV
> -install-sysvinit: lxc
> - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/rc.d/init.d
> - $(INSTALL_SCRIPT) lxc $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
> -
> -uninstall-sysvinit:
> - rm -f $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
> - rmdir $(DESTDIR)$(sysconfdir)/rc.d/init.d || :
> -
> -install-data-local: install-sysvinit
> -uninstall-local: uninstall-sysvinit
> -endif
> diff --git a/config/init/sysvinit/lxc.in b/config/init/sysvinit/lxc.in
> deleted file mode 100644
> index 7cad8c8..0000000
> --- a/config/init/sysvinit/lxc.in
> +++ /dev/null
> @@ -1,131 +0,0 @@
> -#!/bin/sh
> -#
> -# lxc Start/Stop LXC autoboot containers
> -#
> -# chkconfig: 345 99 01
> -# description: Starts/Stops all LXC containers configured for autostart.
> -#
> -### BEGIN INIT INFO
> -# Provides: lxc
> -# Default-Start: 3 4 5
> -# Default-Stop: 0 1 6
> -# Short-Description: Bring up/down LXC autostart containers
> -# Description: Bring up/down LXC autostart containers
> -### END INIT INFO
> -
> -sysconfdir="@SYSCONFDIR@"
> -bindir="@BINDIR@"
> -localstatedir="@LOCALSTATEDIR@"
> -
> -# These can be overridden in @SYSCONFDIR@/sysconfig/lxc
> -
> -# BOOTGROUPS - What groups should start on bootup?
> -# Comma separated list of groups.
> -# Leading comma, trailing comma or embedded double
> -# comma indicates when the NULL group should be run.
> -# Example (default): boot the onboot group first then the NULL group
> -BOOTGROUPS="onboot,"
> -
> -# SHUTDOWNDELAY - Wait time for a container to shut down.
> -# ner shutdown can result in lengthy system
> -# shutdown times. Even 5 seconds per container can be
> -# too long.
> -SHUTDOWNDELAY=5
> -
> -# OPTIONS can be used for anything else.
> -# If you want to boot everything then
> -# options can be "-a" or "-a -A".
> -OPTIONS=
> -
> -# STOPOPTS are stop options. The can be used for anything else to stop.
> -# If you want to kill containers fast, use -k
> -STOPOPTS="-a -A -s"
> -
> -# Source function library.
> -test ! -r "$sysconfdir"/rc.d/init.d/functions ||
> - . "$sysconfdir"/rc.d/init.d/functions
> -
> -# provide action() fallback
> -if ! type action >/dev/null 2>&1; then
> - action() {
> - echo "$@"
> - }
> -fi
> -
> -# Source any configurable options
> -test ! -r "$sysconfdir"/sysconfig/lxc ||
> - . "$sysconfdir"/sysconfig/lxc
> -
> -# Check for needed utility program
> -[ -x "$bindir"/lxc-autostart ] || exit 1
> -
> -# If libvirtd is providing the bridge, it might not be
> -# immediately available, so wait a bit for it before starting
> -# up the containers or else any that use the bridge will fail
> -# to start
> -wait_for_bridge()
> -{
> - [ -f "$sysconfdir"/lxc/default.conf ] || { return 0; }
> -
> - which ifconfig >/dev/null 2>&1
> - if [ $? = 0 ]; then
> - cmd="ifconfig -a"
> - else
> - which ip >/dev/null 2>&1
> - if [ $? = 0 ]; then
> - cmd="ip link list"
> - fi
> - fi
> - [ -n cmd ] || { return 0; }
> -
> - BRNAME=`grep '^[ ]*lxc.network.link' "$sysconfdir"/lxc/default.conf | sed 's/^.*=[ ]*//'`
> - if [ -z "$BRNAME" ]; then
> - return 0
> - fi
> -
> - for try in `seq 1 30`; do
> - eval $cmd |grep "^$BRNAME" >/dev/null 2>&1
> - if [ $? = 0 ]; then
> - return
> - fi
> - sleep 1
> - done
> -}
> -
> -# See how we were called.
> -case "$1" in
> - start)
> - [ ! -f "$localstatedir"/lock/subsys/lxc ] || { exit 0; }
> -
> - if [ -n "$BOOTGROUPS" ]
> - then
> - BOOTGROUPS="-g $BOOTGROUPS"
> - fi
> -
> - # Start containers
> - wait_for_bridge
> - # Start autoboot containers first then the NULL group "onboot,".
> - action $"Starting LXC autoboot containers: " "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
> - touch "$localstatedir"/lock/subsys/lxc
> - ;;
> - stop)
> - if [ -n "$SHUTDOWNDELAY" ]
> - then
> - SHUTDOWNDELAY="-t $SHUTDOWNDELAY"
> - fi
> -
> - # The stop is serialized and can take excessive time. We need to avoid
> - # delaying the system shutdown / reboot as much as we can since it's not
> - # parallelized... Even 5 second timout may be too long.
> - action $"Stopping LXC containers: " "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
> - rm -f "$localstatedir"/lock/subsys/lxc
> - ;;
> - restart|reload|force-reload)
> - $0 stop
> - $0 start
> - ;;
> - *)
> - echo "Usage: $0 {start|stop|restart|reload|force-reload}"
> - exit 2
> -esac
> -exit $?
> diff --git a/config/init/upstart/lxc-net.conf b/config/init/upstart/lxc-net.conf
> index 38f6ea3..15460eb 100644
> --- a/config/init/upstart/lxc-net.conf
> +++ b/config/init/upstart/lxc-net.conf
> @@ -4,5 +4,5 @@ author "Serge Hallyn <serge.hallyn at canonical.com>"
> start on starting lxc
> stop on stopped lxc
>
> -pre-start exec /usr/share/lxc/lxc.net start
> -post-stop exec /usr/share/lxc/lxc.net stop
> +pre-start exec /usr/libexec/lxc/lxc-net start
> +post-stop exec /usr/libexec/lxc/lxc-net stop
> diff --git a/configure.ac b/configure.ac
> index 1a55521..5d5f974 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -60,13 +60,16 @@ if test "z$with_distro" = "z"; then
> fi
> case $with_distro in
> ubuntu|raspbian)
> - distroconf=default.conf.ubuntu
> + distroconf=default.conf.lxcbr
> + distrosysconf="$sysconfdir/default"
> ;;
> - redhat|centos|fedora|oracle|oracleserver)
> - distroconf=default.conf.libvirt
> + redhat|centos|fedora|oracle|oracleserver|suse|opensuse*)
> + distroconf=default.conf.lxcbr
> + distrosysconf="$sysconfdir/sysconfig"
> ;;
> *)
> distroconf=default.conf.unknown
> + distrosysconf="$sysconfdir/default"
> ;;
> esac
> AC_MSG_RESULT([$with_distro])
> @@ -84,7 +87,7 @@ AC_ARG_WITH([init-script],
> case "$with_init_script" in
> distro)
> case $with_distro in
> - fedora)
> + fedora|opensuse*)
> init_script=systemd
> ;;
> redhat|centos|oracle|oracleserver)
> @@ -520,6 +523,7 @@ AS_AC_EXPAND(LXCPATH, "$with_config_path")
> AS_AC_EXPAND(LXC_GLOBAL_CONF, "$with_global_conf")
> AS_AC_EXPAND(LXC_USERNIC_CONF, "$with_usernic_conf")
> AS_AC_EXPAND(LXC_USERNIC_DB, "$with_usernic_db")
> +AS_AC_EXPAND(LXC_DISTRO_SYSCONF, "$distrosysconf")
> AS_AC_EXPAND(LXCROOTFSMOUNT, "$with_rootfs_path")
> AS_AC_EXPAND(LXCTEMPLATEDIR, "$datadir/lxc/templates")
> AS_AC_EXPAND(LXCTEMPLATECONFIG, "$datadir/lxc/config")
> @@ -602,8 +606,9 @@ AC_CONFIG_FILES([
> config/bash/Makefile
> config/bash/lxc
> config/init/Makefile
> - config/init/sysvinit/Makefile
> - config/init/sysvinit/lxc
> + config/init/common/Makefile
> + config/init/common/lxc-containers
> + config/init/common/lxc-net
> config/init/systemd/Makefile
> config/init/systemd/lxc.service
> config/init/systemd/lxc-net.service
> @@ -636,6 +641,8 @@ AC_CONFIG_FILES([
> config/templates/ubuntu.userns.conf
> config/templates/userns.conf
> config/yum/Makefile
> + config/sysconfig/Makefile
> + config/sysconfig/lxc
>
> doc/Makefile
> doc/api/Makefile
> diff --git a/lxc.spec.in b/lxc.spec.in
> index 57912a1..52b6326 100644
> --- a/lxc.spec.in
> +++ b/lxc.spec.in
> @@ -28,7 +28,16 @@
> %if 0%{?fedora} >= 14 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1210
> %global with_systemd 1
> %define init_script systemd
> +#
> +# BuildRequires systemd-units on fedora and rhel
> +%if 0%{?fedora} >= 14 || 0%{?rhel} >= 7
> BuildRequires: systemd-units
> +#
> +# BuildRequires systemd on openSUSE and SUSE
> +%endif
> +%if 0%{?suse_version} >= 1210
> +BuildRequires: systemd
> +%endif
> %else
> %global with_systemd 0
> %define init_script sysvinit
> @@ -53,8 +62,25 @@ Summary: Linux Containers userspace tools
> Group: Applications/System
> License: LGPLv2+
> BuildRoot: %{_tmppath}/%{name}-%{version}-build
> -Requires: openssl rsync
> -BuildRequires: libcap libcap-devel docbook2X graphviz
> +Requires: openssl rsync dnsmasq
> +# Note for Suse. The "docbook2X" BuildRequires does properly
> +# match docbook2x on Suse in a case insensitive manner
> +BuildRequires: libcap libcap-devel docbook2X graphviz libxslt pkgconfig
> +
> +#
> +# Additional packages for openSUSE and SUSE
> +#
> +%if 0%{?suse_version} >= 1210
> +PreReq: permissions
> +BuildRequires: libapparmor-devel linux-glibc-devel lsb-release docbook-utils
> +
> +#
> +# libseccomp-devel only needed on i386/i586/i686 and X86_64
> +#
> +%ifarch %ix86 x86_64
> +BuildRequires: libseccomp-devel
> +%endif
> +%endif
>
> %if %{with_python}
> Requires: python3
> @@ -105,6 +131,9 @@ PATH=$PATH:/usr/sbin:/sbin %configure $args \
> %if %{with_python}
> --enable-python \
> %endif
> +%if "x%{_unitdir}" != "x"
> + --with-systemdsystemunitdir=%{_unitdir} \
> +%endif
> --disable-rpath \
> --with-init-script=%{init_script}
> make %{?_smp_mflags}
> @@ -117,28 +146,102 @@ find %{buildroot} -type f -name '*.la' -exec rm -f {} ';'
> %clean
> rm -rf %{buildroot}
>
> +%pre
> +# Ensure that lxcdnsmasq uid & gid gets correctly allocated
> +if getent passwd lxc-dnsmasq >/dev/null 2>&1 ; then : ; else \
> + /usr/sbin/useradd -M -r -s /sbin/nologin \
> + -c "LXC Networking Service" -d %_localstatedir/%name lxc-dnsmasq 2> /dev/null \
> + || exit 1
> +fi
> +
> %post
> +# This test should trigger a network configure on a new install.
> +if [ ! -f %{_sysconfdir}/sysconfig/lxc-net ] || ! grep -q 'USE_LXC_BRIDGE=' %{_sysconfdir}/sysconfig/lxc-net
> +then
> + # Grab a random 10net subnet. Need to add test logic...
> + while [ true ]
> + do
> + SUBNET=10.$(($RANDOM % 256)).$(($RANDOM % 256))
> + if ! ip -4 route ls | grep -q "^$SUBNET"
> + then
> + break
> + fi
> + done
> +
> + cat > %{_sysconfdir}/sysconfig/lxc-net <<EOF
> +# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your
> +# containers. Set to "false" if you'll use virbr0 or another existing
> +# bridge, or mavlan to your host's NIC.
> +USE_LXC_BRIDGE="true"
> +
> +# If you change the LXC_BRIDGE to something other than lxcbr0, then
> +# you will also need to update your /etc/lxc/default.conf as well as the
> +# configuration (/var/lib/lxc/<container>/config) for any containers
> +# already created using the default config to reflect the new bridge
> +# name.
> +# If you have the dnsmasq daemon installed, you'll also have to update
> +# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon.
> +LXC_BRIDGE="lxcbr0"
> +LXC_ADDR="$SUBNET.1"
> +LXC_NETMASK="255.255.255.0"
> +LXC_NETWORK="$SUBNET.0/24"
> +LXC_DHCP_RANGE="$SUBNET.2,$SUBNET.254"
> +LXC_DHCP_MAX="253"
> +# Uncomment the next line if you'd like to use a conf-file for the lxcbr0
> +# dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have
> +# container 'mail1' always get ip address 10.0.3.100.
> +#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
> +
> +# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc
> +# domain. You can then add "server=/lxc/10.0.3.1' (or your actual $LXC_ADDR)
> +# to /etc/dnsmasq.conf, after which 'container1.lxc' will resolve on your
> +# host.
> +#LXC_DOMAIN="lxc"
> +EOF
> +fi
> +
> %post libs -p /sbin/ldconfig
> %postun libs -p /sbin/ldconfig
>
> %files
> %defattr(-,root,root)
> %{_bindir}/*
> +# openSUSE/SUSE
> +%if 0%{?suse_version} >= 1210
> +%dir %{_sysconfdir}/apparmor.d
> +%dir %{_sysconfdir}/apparmor.d/abstractions
> +%dir %{_sysconfdir}/apparmor.d/abstractions/%{name}
> +%config %{_sysconfdir}/apparmor.d/abstractions/%{name}/container-base
> +%config %{_sysconfdir}/apparmor.d/abstractions/%{name}/start-container
> +%config %{_sysconfdir}/apparmor.d/%{name}-containers
> +%dir %{_sysconfdir}/apparmor.d/%{name}
> +%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default
> +%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default-with-mounting
> +%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default-with-nesting
> +%config %{_sysconfdir}/apparmor.d/usr.bin.%{name}-start
> +%endif
> %{_mandir}/man1/lxc*
> %{_mandir}/man5/lxc*
> %{_mandir}/man7/lxc*
> +# not openSUSE/SUSE
> +%if %{undefined suse_version}
> %{_mandir}/ja/man1/lxc*
> %{_mandir}/ja/man5/lxc*
> %{_mandir}/ja/man7/lxc*
> +%endif
> %{_datadir}/doc/*
> %{_datadir}/lxc/*
> %{_sysconfdir}/bash_completion.d
> +%{_sysconfdir}/sysconfig/*
> %config(noreplace) %{_sysconfdir}/lxc/*
> +%config(noreplace) %{_sysconfdir}/sysconfig/*
>
> %if %{with_systemd}
> +%{_unitdir}/lxc-net.service
> %{_unitdir}/lxc.service
> %else
> %{_sysconfdir}/rc.d/init.d/lxc
> +%{_sysconfdir}/rc.d/init.d/lxc-net
> %endif
>
> %files libs
> @@ -154,7 +257,8 @@ rm -rf %{buildroot}
> %attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
> %if %{with_systemd}
> %attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
> -%attr(555,root,root) %{_libexecdir}/%{name}/lxc-autostart-helper
> +%attr(555,root,root) %{_libexecdir}/%{name}/lxc-net
> +%attr(555,root,root) %{_libexecdir}/%{name}/lxc-containers
> %endif
>
> %if %{with_python}
> diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
> index c1a67d6..6543164 100644
> --- a/src/lxc/Makefile.am
> +++ b/src/lxc/Makefile.am
> @@ -165,8 +165,7 @@ bin_SCRIPTS = lxc-checkconfig
> EXTRA_DIST = \
> lxc-device \
> lxc-ls \
> - lxc-top \
> - lxc.net
> + lxc-top
>
> if ENABLE_PYTHON
> bin_SCRIPTS += lxc-device
> @@ -253,7 +252,6 @@ endif
> install-exec-local: install-soPROGRAMS
> mkdir -p $(DESTDIR)$(datadir)/lxc
> install -c -m 644 lxc.functions $(DESTDIR)$(datadir)/lxc
> - install -c -m 755 lxc.net $(DESTDIR)$(datadir)/lxc
> mv $(DESTDIR)$(libdir)/liblxc.so $(DESTDIR)$(libdir)/liblxc.so.$(VERSION)
> cd $(DESTDIR)$(libdir); \
> ln -sf liblxc.so.$(VERSION) liblxc.so.$(firstword $(subst ., ,$(VERSION))); \
> diff --git a/src/lxc/lxc.net b/src/lxc/lxc.net
> deleted file mode 100755
> index 9ec9695..0000000
> --- a/src/lxc/lxc.net
> +++ /dev/null
> @@ -1,103 +0,0 @@
> -#!/bin/sh
> -set -eu
> -
> -USE_LXC_BRIDGE="true"
> -LXC_BRIDGE="lxcbr0"
> -LXC_ADDR="10.0.3.1"
> -LXC_NETMASK="255.255.255.0"
> -LXC_NETWORK="10.0.3.0/24"
> -LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
> -LXC_DHCP_MAX="253"
> -LXC_DHCP_CONFILE=""
> -varrun="/run/lxc"
> -LXC_DOMAIN=""
> -
> -start() {
> - [ -f /etc/default/lxc ] && . /etc/default/lxc
> -
> - [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { stop; exit 0; }
> -
> - use_iptables_lock="-w"
> - iptables -w -L -n > /dev/null 2>&1 || use_iptables_lock=""
> - cleanup() {
> - # dnsmasq failed to start, clean up the bridge
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -D FORWARD -i ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -D FORWARD -o ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -t nat -D POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true
> - iptables $use_iptables_lock -t mangle -D POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
> - ifconfig ${LXC_BRIDGE} down || true
> - brctl delbr ${LXC_BRIDGE} || true
> - }
> -
> - if [ -d /sys/class/net/${LXC_BRIDGE} ]; then
> - if [ ! -f ${varrun}/network_up ]; then
> - # bridge exists, but we didn't start it
> - stop;
> - fi
> - exit 0;
> - fi
> -
> - # set up the lxc network
> - brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in kernel"; stop; exit 0; }
> - echo 1 > /proc/sys/net/ipv4/ip_forward
> - mkdir -p ${varrun}
> - ifconfig ${LXC_BRIDGE} ${LXC_ADDR} netmask ${LXC_NETMASK} up
> - iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -I FORWARD -i ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -I FORWARD -o ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -t nat -A POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE
> - iptables $use_iptables_lock -t mangle -A POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
> -
> - LXC_DOMAIN_ARG=""
> - if [ -n "$LXC_DOMAIN" ]; then
> - LXC_DOMAIN_ARG="-s $LXC_DOMAIN -S /$LXC_DOMAIN/"
> - fi
> - DNSMASQ_USER="lxc-dnsmasq"
> - if ! getent passwd ${DNSMASQ_USER} >/dev/null; then
> - DNSMASQ_USER="dnsmasq"
> - fi
> - dnsmasq $LXC_DOMAIN_ARG -u ${DNSMASQ_USER} --strict-order --bind-interfaces --pid-file=${varrun}/dnsmasq.pid --conf-file=${LXC_DHCP_CONFILE} --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override --except-interface=lo --interface=${LXC_BRIDGE} --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases --dhcp-authoritative || cleanup
> - touch ${varrun}/network_up
> -}
> -
> -stop() {
> - [ -f /etc/default/lxc ] && . /etc/default/lxc
> - [ -f "${varrun}/network_up" ] || exit 0;
> - # if $LXC_BRIDGE has attached interfaces, don't shut it down
> - ls /sys/class/net/${LXC_BRIDGE}/brif/* > /dev/null 2>&1 && exit 0;
> -
> - if [ -d /sys/class/net/${LXC_BRIDGE} ]; then
> - use_iptables_lock="-w"
> - iptables -w -L -n > /dev/null 2>&1 || use_iptables_lock=""
> - ifconfig ${LXC_BRIDGE} down
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
> - iptables $use_iptables_lock -D FORWARD -i ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -D FORWARD -o ${LXC_BRIDGE} -j ACCEPT
> - iptables $use_iptables_lock -t nat -D POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true
> - iptables $use_iptables_lock -t mangle -D POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
> - pid=`cat ${varrun}/dnsmasq.pid 2>/dev/null` && kill -9 $pid || true
> - rm -f ${varrun}/dnsmasq.pid
> - brctl delbr ${LXC_BRIDGE}
> - fi
> - rm -f ${varrun}/network_up
> -}
> -
> -if [ "$1" = start ]; then
> - start
> -elif [ "$1" = stop ]; then
> - stop
> -else
> - echo "Usage: $0 start|stop" >&2
> - exit 1
> -fi
> -
> diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
> index 145a35d..7a87503 100644
> --- a/src/lxc/lxc_user_nic.c
> +++ b/src/lxc/lxc_user_nic.c
> @@ -475,7 +475,7 @@ again:
> static int rename_in_ns(int pid, char *oldname, char **newnamep)
> {
> char nspath[MAXPATHLEN];
> - int fd = -1, ofd = -1, ret, ifindex;
> + int fd = -1, ofd = -1, ret, ifindex = 0;
> bool grab_newname = false;
>
> ret = snprintf(nspath, MAXPATHLEN, "/proc/%d/ns/net", getpid());
> --
> 1.9.3
>
>
> --
> Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140825/1f34a06d/attachment.sig>
More information about the lxc-devel
mailing list