[lxc-devel] [PATCH] [backport to stable] lxc-oracle: fix warnings/errors from some rpm scriptlets
Stéphane Graber
stgraber at ubuntu.com
Thu May 1 14:39:42 UTC 2014
On Thu, May 01, 2014 at 10:33:48AM -0400, Dwight Engen wrote:
> - Some scriptlets expect fstab to exist so create it before doing the
> yum install
>
> - Set the rootfs selinux label same as the hosts or else the PREIN script
> from initscripts will fail when running groupadd utmp, which prevents
> creation of OL4.x containers on hosts > OL6.x.
>
> - Move creation of devices into a separate function
>
> Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Thanks, pushed!
> ---
> templates/lxc-oracle.in | 87 ++++++++++++++++++++++++++-----------------------
> 1 file changed, 47 insertions(+), 40 deletions(-)
>
> diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
> index e88309e..37bb7ac 100644
> --- a/templates/lxc-oracle.in
> +++ b/templates/lxc-oracle.in
> @@ -306,10 +306,6 @@ EOF
> # this file has to exist for libvirt/Virtual machine monitor to boot the container
> touch $container_rootfs/etc/mtab
>
> - # don't put devpts,proc, nor sysfs in here, it will already be mounted for us by lxc/libvirt
> - cat <<EOF > $container_rootfs/etc/fstab
> -EOF
> -
> # sem_open(3) checks that /dev/shm is SHMFS_SUPER_MAGIC, so make sure to mount /dev/shm (normally done by dracut initrd) as tmpfs
> if [ $container_release_major = "4" -o $container_release_major = "5" ]; then
> echo "mount -t tmpfs tmpfs /dev/shm" >>$container_rootfs/etc/rc.sysinit
> @@ -386,42 +382,6 @@ exec init 0
> EOF
> fi
>
> - # create required devices. note that /dev/console will be created by lxc
> - # or libvirt itself to be a symlink to the right pty.
> - # take care to not nuke /dev in case $container_rootfs isn't set
> - dev_path="$container_rootfs/dev"
> - if [ $container_rootfs != "/" -a -d $dev_path ]; then
> - rm -rf $dev_path
> - mkdir -p $dev_path
> - if can_chcon; then
> - # ensure symlinks created in /dev have the right context
> - chcon -t device_t $dev_path
> - fi
> - fi
> - mknod -m 666 $dev_path/null c 1 3
> - mknod -m 666 $dev_path/zero c 1 5
> - mknod -m 666 $dev_path/random c 1 8
> - mknod -m 666 $dev_path/urandom c 1 9
> - mkdir -m 755 $dev_path/pts
> - mkdir -m 1777 $dev_path/shm
> - mknod -m 666 $dev_path/tty c 5 0
> - mknod -m 666 $dev_path/tty0 c 4 0
> - mknod -m 666 $dev_path/tty1 c 4 1
> - mknod -m 666 $dev_path/tty2 c 4 2
> - mknod -m 666 $dev_path/tty3 c 4 3
> - mknod -m 666 $dev_path/tty4 c 4 4
> - mknod -m 666 $dev_path/full c 1 7
> - mknod -m 600 $dev_path/initctl p
> -
> - # set selinux labels same as host
> - if can_chcon; then
> - for node in null zero random urandom pts shm \
> - tty tty0 tty1 tty2 tty3 tty4 full ;
> - do
> - chcon --reference /dev/$node $dev_path/$node 2>/dev/null
> - done
> - fi
> -
> # start with a clean /var/log/messages
> rm -f $container_rootfs/var/log/messages
>
> @@ -492,8 +452,50 @@ container_rootfs_clone()
> fi
> }
>
> +container_rootfs_dev_create()
> +{
> + # create required devices. note that /dev/console will be created by lxc
> + # or libvirt itself to be a symlink to the right pty.
> + # take care to not nuke /dev in case $container_rootfs isn't set
> + dev_path="$container_rootfs/dev"
> + if [ $container_rootfs != "/" -a -d $dev_path ]; then
> + rm -rf $dev_path
> + fi
> + mkdir -p $dev_path
> + if can_chcon; then
> + # ensure symlinks created in /dev have the right context
> + chcon -t device_t $dev_path
> + fi
> + mknod -m 666 $dev_path/null c 1 3
> + mknod -m 666 $dev_path/zero c 1 5
> + mknod -m 666 $dev_path/random c 1 8
> + mknod -m 666 $dev_path/urandom c 1 9
> + mkdir -m 755 $dev_path/pts
> + mkdir -m 1777 $dev_path/shm
> + mknod -m 666 $dev_path/tty c 5 0
> + mknod -m 666 $dev_path/tty1 c 4 1
> + mknod -m 666 $dev_path/tty2 c 4 2
> + mknod -m 666 $dev_path/tty3 c 4 3
> + mknod -m 666 $dev_path/tty4 c 4 4
> + mknod -m 666 $dev_path/full c 1 7
> + mknod -m 600 $dev_path/initctl p
> +
> + # set selinux labels same as host
> + if can_chcon; then
> + for node in null zero random urandom pts shm \
> + tty tty0 tty1 tty2 tty3 tty4 full ;
> + do
> + chcon --reference /dev/$node $dev_path/$node 2>/dev/null
> + done
> + fi
> +}
> +
> container_rootfs_create()
> {
> + if can_chcon; then
> + chcon --reference / $container_rootfs 2>/dev/null
> + fi
> +
> cmds="rpm wget yum"
> if [ $container_release_major -lt "6" ]; then
> if [ $host_distribution = "Ubuntu" -o $host_distribution = "Debian" ]; then
> @@ -581,6 +583,11 @@ container_rootfs_create()
> sed -i "s|enabled=1|enabled=0|" $container_rootfs/etc/yum.repos.d/$repofile
> sed -i "/\[$repo\]/,/\[/ s/enabled=0/enabled=1/" $container_rootfs/etc/yum.repos.d/$repofile
>
> + container_rootfs_dev_create
> +
> + # don't put devpts,proc, nor sysfs in here, it will already be mounted for us by lxc/libvirt
> + echo "" >$container_rootfs/etc/fstab
> +
> # create rpm db, download and yum install minimal packages
> mkdir -p $container_rootfs/var/lib/rpm
> rpm --root $container_rootfs --initdb
> --
> 1.9.0
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140501/5517c2a1/attachment.sig>
More information about the lxc-devel
mailing list