[lxc-devel] [PATCH] lxc-plamo: change redirection of fd and improve option parsing
TAMUKI Shoichi
tamuki at linet.gr.jp
Wed Feb 5 08:31:01 UTC 2014
Signed-off-by: TAMUKI Shoichi <tamuki at linet.gr.jp>
---
templates/lxc-plamo.in | 71 +++++++++++++++++++++++++++++++-------------------
1 file changed, 44 insertions(+), 27 deletions(-)
diff --git a/templates/lxc-plamo.in b/templates/lxc-plamo.in
index e9f681e..311067f 100644
--- a/templates/lxc-plamo.in
+++ b/templates/lxc-plamo.in
@@ -28,15 +28,6 @@
# ref. https://github.com/Ponce/lxc-slackware/blob/master/lxc-slackware
# lxc-ubuntu script
-# Detect use under userns (unsupported)
-for arg in $*; do
- if [ "$arg" == "--mapped-uid" ]; then
- echo "This template can't be used for unprivileged containers." 1>&2
- echo "You may want to try the \"download\" template instead." 1>&2
- exit 1
- fi
-done
-
[ -r /etc/default/lxc ] && . /etc/default/lxc
DLSCHEME=${DLSCHEME:-"http"}
@@ -108,7 +99,7 @@ copy_plamo() {
install_plamo() {
mkdir -p @LOCALSTATEDIR@/lock/subsys
(
- if ! flock -n 200 ; then
+ if ! flock -n 9 ; then
echo "Cache repository is busy."
return 1
fi
@@ -139,7 +130,7 @@ install_plamo() {
return 1
fi
return 0
- ) 200> @LOCALSTATEDIR@/lock/subsys/lxc-plamo
+ ) 9> @LOCALSTATEDIR@/lock/subsys/lxc-plamo
}
configure_plamo() {
@@ -281,7 +272,7 @@ cleanup() {
[ -d $dlcache -a -d $rtcache ] || return 0
# lock, so we won't purge while someone is creating a repository
(
- if ! flock -n 200 ; then
+ if ! flock -n 9 ; then
echo "Cache repository is busy."
return 1
fi
@@ -289,17 +280,17 @@ cleanup() {
rm -rf --one-file-system $dlcache $rtcache || return 1
echo "Done."
return 0
- ) 200> @LOCALSTATEDIR@/lock/subsys/lxc-plamo
+ ) 9> @LOCALSTATEDIR@/lock/subsys/lxc-plamo
}
usage() {
cat <<- EOF
$prog [-h|--help] -p|--path=<path> -n|--name=<name> --rootfs=<rootfs>
- [--clean] [-r|--release=<release>] [-b|--bindhome=<user>]
- [-a|--arch=<arch>]
+ [--clean] [-r|--release=<release>] [-a|--arch=<arch>]
+ [-b|--bindhome=<user>]
release: $release
- bindhome: bind <user>'s home into the container
arch: x86 or x86_64: defaults to host arch
+ bindhome: bind <user>'s home into the container
EOF
}
@@ -307,10 +298,12 @@ prog=`basename $0`
path="" ; name="" ; rootfs=""
clean=0
release=${release:-5.x}
-bindhome=""
arch=`uname -m | sed 's/i.86/x86/'` ; hostarch=$arch
-sopts=hp:n:cr:b:a:
-lopts=help,path:,name:,rootfs:,clean,release:,bindhome:,arch:
+mapped_uid=-1 ; mapped_gid=-1
+bindhome=""
+sopts=hp:n:cr:a:b:
+lopts=help,path:,name:,rootfs:,clean,release:,arch:,mapped-uid:,mapped-gid:
+lopts=$lopts,bindhome:
if ! options=`getopt -o $sopts -l $lopts -- "$@"` ; then
usage
exit 1
@@ -318,14 +311,26 @@ fi
eval set -- "$options"
while true ; do
case "$1" in
- -h|--help) usage && exit 0 ;;
- -p|--path) path=$2 ; shift 2 ;;
- -n|--name) name=$2 ; shift 2 ;;
- --rootfs) rootfs=$2 ; shift 2 ;;
- -c|--clean) clean=1 ; shift 1 ;;
- -r|--release) release=$2 ; shift 2 ;;
- -b|--bindhome) bindhome=$2 ; shift 2 ;;
- -a|--arch) arch=$2 ; shift 2 ;;
+ # --help
+ -h|--h*) usage && exit 0 ;;
+ # --path
+ -p|--p*) path=$2 ; shift 2 ;;
+ # --name
+ -n|--n*) name=$2 ; shift 2 ;;
+ # --rootfs
+ --ro*) rootfs=$2 ; shift 2 ;;
+ # --clean
+ -c|--c*) clean=1 ; shift 1 ;;
+ # --release
+ -r|--re*) release=$2 ; shift 2 ;;
+ # --arch
+ -a|--a*) arch=$2 ; shift 2 ;;
+ # --mapped-uid
+ --mapped-u*) mapped_uid=$2 ; shift 2 ;;
+ # --mapped-gid
+ --mapped-g*) mapped_gid=$2 ; shift 2 ;;
+ # --bindhome
+ -b|--b*) bindhome=$2 ; shift 2 ;;
--) shift 1 ; break ;;
*) break ;;
esac
@@ -346,6 +351,18 @@ if [ -z "$name" ] ; then
echo "'name' parameter is required."
exit 1
fi
+# detect use under userns (unsupported)
+if [ $mapped_uid -ne -1 ] ; then
+ echo "This template can't be used for unprivileged containers."
+ echo "You may want to try the 'download' template instead."
+ exit 1
+fi
+# detect use under userns (unsupported)
+if [ $mapped_gid -ne -1 ] ; then
+ echo "This template can't be used for unprivileged containers."
+ echo "You may want to try the 'download' template instead."
+ exit 1
+fi
if [ `id -u` -ne 0 ] ; then
echo "This script should be run as 'root'."
exit 1
--
1.8.4.4
More information about the lxc-devel
mailing list