[lxc-devel] [PATCH v2 on top of Rework init scripts] fixups to init script rework
Dwight Engen
dwight.engen at oracle.com
Fri Sep 26 19:21:51 UTC 2014
- move action() from common to sysvinit wrapper since its only really
applicable for sysvinit and not the other init systems
- fix bug in action() fallback, need to shift away msg before executing action
- make lxc-net 98 so it starts before lxc-container (99), otherwise the lxcbr0
won't be available when containers are autostarted
- make the default RUNTIME_PATH be /var/run instead of /run. On older
distros (like ol6.5) /run doesn't exist. lxc-net will create this directory
and attempt to create the dnsmasq.pid file in it, but this will fail when
SELinux is enabled because the directory will have the default_t type.
Newer systems have /var/run symlinked to /run so you get to the same place
in that case.
- add %postun to remove lxc-dnsmasq user when pkgs are removed
- fix bug in lxc-oracle template that was creating /var/lock/subsys/lxc as
a dir and interfering with the init scripts
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
---
v2:
- move action() from common to sysvinit wrapper
- set runtime_path for distro's that don't have /run
- add bridge-utils, libcgroup to Requires
.gitignore | 7 ++++++-
config/init/common/lxc-containers.in | 17 ++---------------
config/init/sysvinit/Makefile.am | 4 ++--
config/init/sysvinit/lxc-containers.in | 20 ++++++++++++++++++--
config/init/sysvinit/lxc-net.in | 22 +++++++++++++++++++---
lxc.spec.in | 19 +++++++++++++++++--
templates/lxc-oracle.in | 2 +-
7 files changed, 65 insertions(+), 26 deletions(-)
diff --git a/.gitignore b/.gitignore
index 0b6ec69..bd96fa4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -113,10 +113,15 @@ config/missing
config/libtool.m4
config/lt*.m4
config/bash/lxc
+config/init/common/lxc-containers
+config/init/common/lxc-net
config/init/systemd/lxc-autostart-helper
-config/init/systemd/lxc.service
config/init/systemd/lxc-net.service
+config/init/systemd/lxc.service
config/init/sysvinit/lxc
+config/init/sysvinit/lxc-containers
+config/init/sysvinit/lxc-net
+config/sysconfig/lxc
doc/*.1
doc/*.5
diff --git a/config/init/common/lxc-containers.in b/config/init/common/lxc-containers.in
index 9d1d604..31a2b87 100644
--- a/config/init/common/lxc-containers.in
+++ b/config/init/common/lxc-containers.in
@@ -32,19 +32,6 @@ OPTIONS=
# If you want to kill containers fast, use -k
STOPOPTS="-a -A -s"
-# Source function library.
-test ! -r "$sysconfdir"/rc.d/init.d/functions ||
- . "$sysconfdir"/rc.d/init.d/functions
-
-# provide action() fallback
-if ! type action >/dev/null 2>&1; then
- # Real basic fallback for sysvinit "action" verbage.
- action() {
- echo -n "$1 "
- "$@" && echo "OK" || echo "Failed"
- }
-fi
-
if [ -d "$localstatedir"/lock/subsys ]
then
lockdir="$localstatedir"/lock/subsys
@@ -106,7 +93,7 @@ case "$1" in
wait_for_bridge
# Start autoboot containers first then the NULL group "onboot,".
- action $"Starting LXC autoboot containers: " "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
+ "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
touch "$lockdir"/lxc
;;
@@ -118,7 +105,7 @@ case "$1" in
# The stop is serialized and can take excessive time. We need to avoid
# delaying the system shutdown / reboot as much as we can since it's not
# parallelized... Even 5 second timout may be too long.
- action $"Stopping LXC containers: " "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
+ "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
rm -f "$lockdir"/lxc
;;
diff --git a/config/init/sysvinit/Makefile.am b/config/init/sysvinit/Makefile.am
index d166400..e8b9f4f 100644
--- a/config/init/sysvinit/Makefile.am
+++ b/config/init/sysvinit/Makefile.am
@@ -5,9 +5,9 @@ if INIT_SCRIPT_SYSV
# directly to the rc directory under the appropriate name.
if HAVE_DEBIAN
- initdir = "init.d"
+initdir = "init.d"
else
- initdir = "rc.d/init.d"
+initdir = "rc.d/init.d"
endif
install-sysvinit: lxc-containers lxc-net
diff --git a/config/init/sysvinit/lxc-containers.in b/config/init/sysvinit/lxc-containers.in
index 9d92115..bc93322 100644
--- a/config/init/sysvinit/lxc-containers.in
+++ b/config/init/sysvinit/lxc-containers.in
@@ -13,12 +13,28 @@
# Description: Bring up/down LXC autostart containers
### END INIT INFO
+sysconfdir="@SYSCONFDIR@"
+
+# Source function library.
+test ! -r "$sysconfdir"/rc.d/init.d/functions ||
+ . "$sysconfdir"/rc.d/init.d/functions
+
+# provide action() fallback
+if ! type action >/dev/null 2>&1; then
+ # Real basic fallback for sysvinit "action" verbage.
+ action() {
+ echo -n "$1 "
+ shift
+ "$@" && echo "OK" || echo "Failed"
+ }
+fi
+
start() {
- @LIBEXECDIR@/lxc/lxc-containers start
+ action $"Starting LXC autoboot containers: " @LIBEXECDIR@/lxc/lxc-containers start
}
stop() {
- @LIBEXECDIR@/lxc/lxc-containers stop
+ action $"Stopping LXC containers: " @LIBEXECDIR@/lxc/lxc-containers stop
}
# See how we were called.
diff --git a/config/init/sysvinit/lxc-net.in b/config/init/sysvinit/lxc-net.in
index 6e22505..f6892c1 100644
--- a/config/init/sysvinit/lxc-net.in
+++ b/config/init/sysvinit/lxc-net.in
@@ -2,7 +2,7 @@
#
# lxc-net Start/Stop LXC Networking
#
-# chkconfig: 345 99 01
+# chkconfig: 345 98 01
# description: Starts/Stops LXC Network Bridge
#
### BEGIN INIT INFO
@@ -13,12 +13,28 @@
# Description: Bring up/down LXC Network Bridge
### END INIT INFO
+sysconfdir="@SYSCONFDIR@"
+
+# Source function library.
+test ! -r "$sysconfdir"/rc.d/init.d/functions ||
+ . "$sysconfdir"/rc.d/init.d/functions
+
+# provide action() fallback
+if ! type action >/dev/null 2>&1; then
+ # Real basic fallback for sysvinit "action" verbage.
+ action() {
+ echo -n "$1 "
+ shift
+ "$@" && echo "OK" || echo "Failed"
+ }
+fi
+
start() {
- @LIBEXECDIR@/lxc/lxc-net start
+ action $"Starting LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net start
}
stop() {
- @LIBEXECDIR@/lxc/lxc-net stop
+ action $"Stopping LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net stop
}
# See how we were called.
diff --git a/lxc.spec.in b/lxc.spec.in
index 52b6326..fbef674 100644
--- a/lxc.spec.in
+++ b/lxc.spec.in
@@ -43,6 +43,12 @@ BuildRequires: systemd
%define init_script sysvinit
%endif
+# Must use /var/run for runtime_path on older releases or dnsmasq in the
+# lxc-net script will not be able to write its pid in /run (selinux denial)
+%if 0%{?fedora} < 15 || 0%{?rhel} < 7
+%define _with_runtime_path --with-runtime-path=/var/run
+%endif
+
# RPM needs alpha/beta/rc in Release: not Version: to ensure smooth
# package upgrades from alpha->beta->rc->release. For more info see:
# http://fedoraproject.org/wiki/Packaging%3aNamingGuidelines#NonNumericRelease
@@ -62,7 +68,12 @@ Summary: Linux Containers userspace tools
Group: Applications/System
License: LGPLv2+
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Requires: openssl rsync dnsmasq
+Requires: openssl rsync dnsmasq bridge-utils
+Requires(pre): /usr/sbin/useradd
+Requires(postun): /usr/sbin/userdel
+%if 0%{?fedora} < 15 || 0%{?rhel} < 7
+Requires: libcgroup
+%endif
# Note for Suse. The "docbook2X" BuildRequires does properly
# match docbook2x on Suse in a case insensitive manner
BuildRequires: libcap libcap-devel docbook2X graphviz libxslt pkgconfig
@@ -134,6 +145,7 @@ PATH=$PATH:/usr/sbin:/sbin %configure $args \
%if "x%{_unitdir}" != "x"
--with-systemdsystemunitdir=%{_unitdir} \
%endif
+ %{?_with_runtime_path} \
--disable-rpath \
--with-init-script=%{init_script}
make %{?_smp_mflags}
@@ -147,7 +159,7 @@ find %{buildroot} -type f -name '*.la' -exec rm -f {} ';'
rm -rf %{buildroot}
%pre
-# Ensure that lxcdnsmasq uid & gid gets correctly allocated
+# Ensure that lxc-dnsmasq uid & gid gets correctly allocated
if getent passwd lxc-dnsmasq >/dev/null 2>&1 ; then : ; else \
/usr/sbin/useradd -M -r -s /sbin/nologin \
-c "LXC Networking Service" -d %_localstatedir/%name lxc-dnsmasq 2> /dev/null \
@@ -200,6 +212,9 @@ LXC_DHCP_MAX="253"
EOF
fi
+%postun
+/usr/sbin/userdel lxc-dnsmasq > /dev/null 2>&1 || :
+
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
index 830ce5c..1f65d4c 100644
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@@ -598,7 +598,7 @@ container_rootfs_create()
fi
done
- mkdir -p @LOCALSTATEDIR@/lock/subsys/lxc
+ mkdir -p @LOCALSTATEDIR@/lock/subsys
(
flock -x 9
if [ $? -ne 0 ]; then
--
1.7.1
More information about the lxc-devel
mailing list