[lxc-devel] [PATCH v2 on top of Rework init scripts] fixups to init script rework
Stéphane Graber
stgraber at ubuntu.com
Mon Sep 29 16:15:28 UTC 2014
On Fri, Sep 26, 2014 at 03:21:51PM -0400, Dwight Engen wrote:
> - move action() from common to sysvinit wrapper since its only really
> applicable for sysvinit and not the other init systems
>
> - fix bug in action() fallback, need to shift away msg before executing action
>
> - make lxc-net 98 so it starts before lxc-container (99), otherwise the lxcbr0
> won't be available when containers are autostarted
>
> - make the default RUNTIME_PATH be /var/run instead of /run. On older
> distros (like ol6.5) /run doesn't exist. lxc-net will create this directory
> and attempt to create the dnsmasq.pid file in it, but this will fail when
> SELinux is enabled because the directory will have the default_t type.
> Newer systems have /var/run symlinked to /run so you get to the same place
> in that case.
>
> - add %postun to remove lxc-dnsmasq user when pkgs are removed
>
> - fix bug in lxc-oracle template that was creating /var/lock/subsys/lxc as
> a dir and interfering with the init scripts
>
> Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
> ---
> v2:
> - move action() from common to sysvinit wrapper
> - set runtime_path for distro's that don't have /run
> - add bridge-utils, libcgroup to Requires
>
> .gitignore | 7 ++++++-
> config/init/common/lxc-containers.in | 17 ++---------------
> config/init/sysvinit/Makefile.am | 4 ++--
> config/init/sysvinit/lxc-containers.in | 20 ++++++++++++++++++--
> config/init/sysvinit/lxc-net.in | 22 +++++++++++++++++++---
> lxc.spec.in | 19 +++++++++++++++++--
> templates/lxc-oracle.in | 2 +-
> 7 files changed, 65 insertions(+), 26 deletions(-)
>
> diff --git a/.gitignore b/.gitignore
> index 0b6ec69..bd96fa4 100644
> --- a/.gitignore
> +++ b/.gitignore
> @@ -113,10 +113,15 @@ config/missing
> config/libtool.m4
> config/lt*.m4
> config/bash/lxc
> +config/init/common/lxc-containers
> +config/init/common/lxc-net
> config/init/systemd/lxc-autostart-helper
> -config/init/systemd/lxc.service
> config/init/systemd/lxc-net.service
> +config/init/systemd/lxc.service
> config/init/sysvinit/lxc
> +config/init/sysvinit/lxc-containers
> +config/init/sysvinit/lxc-net
> +config/sysconfig/lxc
>
> doc/*.1
> doc/*.5
> diff --git a/config/init/common/lxc-containers.in b/config/init/common/lxc-containers.in
> index 9d1d604..31a2b87 100644
> --- a/config/init/common/lxc-containers.in
> +++ b/config/init/common/lxc-containers.in
> @@ -32,19 +32,6 @@ OPTIONS=
> # If you want to kill containers fast, use -k
> STOPOPTS="-a -A -s"
>
> -# Source function library.
> -test ! -r "$sysconfdir"/rc.d/init.d/functions ||
> - . "$sysconfdir"/rc.d/init.d/functions
> -
> -# provide action() fallback
> -if ! type action >/dev/null 2>&1; then
> - # Real basic fallback for sysvinit "action" verbage.
> - action() {
> - echo -n "$1 "
> - "$@" && echo "OK" || echo "Failed"
> - }
> -fi
> -
> if [ -d "$localstatedir"/lock/subsys ]
> then
> lockdir="$localstatedir"/lock/subsys
> @@ -106,7 +93,7 @@ case "$1" in
> wait_for_bridge
>
> # Start autoboot containers first then the NULL group "onboot,".
> - action $"Starting LXC autoboot containers: " "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
> + "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
> touch "$lockdir"/lxc
> ;;
>
> @@ -118,7 +105,7 @@ case "$1" in
> # The stop is serialized and can take excessive time. We need to avoid
> # delaying the system shutdown / reboot as much as we can since it's not
> # parallelized... Even 5 second timout may be too long.
> - action $"Stopping LXC containers: " "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
> + "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
> rm -f "$lockdir"/lxc
> ;;
>
> diff --git a/config/init/sysvinit/Makefile.am b/config/init/sysvinit/Makefile.am
> index d166400..e8b9f4f 100644
> --- a/config/init/sysvinit/Makefile.am
> +++ b/config/init/sysvinit/Makefile.am
> @@ -5,9 +5,9 @@ if INIT_SCRIPT_SYSV
> # directly to the rc directory under the appropriate name.
>
> if HAVE_DEBIAN
> - initdir = "init.d"
> +initdir = "init.d"
> else
> - initdir = "rc.d/init.d"
> +initdir = "rc.d/init.d"
> endif
>
> install-sysvinit: lxc-containers lxc-net
> diff --git a/config/init/sysvinit/lxc-containers.in b/config/init/sysvinit/lxc-containers.in
> index 9d92115..bc93322 100644
> --- a/config/init/sysvinit/lxc-containers.in
> +++ b/config/init/sysvinit/lxc-containers.in
> @@ -13,12 +13,28 @@
> # Description: Bring up/down LXC autostart containers
> ### END INIT INFO
>
> +sysconfdir="@SYSCONFDIR@"
> +
> +# Source function library.
> +test ! -r "$sysconfdir"/rc.d/init.d/functions ||
> + . "$sysconfdir"/rc.d/init.d/functions
> +
> +# provide action() fallback
> +if ! type action >/dev/null 2>&1; then
> + # Real basic fallback for sysvinit "action" verbage.
> + action() {
> + echo -n "$1 "
> + shift
> + "$@" && echo "OK" || echo "Failed"
> + }
> +fi
> +
> start() {
> - @LIBEXECDIR@/lxc/lxc-containers start
> + action $"Starting LXC autoboot containers: " @LIBEXECDIR@/lxc/lxc-containers start
> }
>
> stop() {
> - @LIBEXECDIR@/lxc/lxc-containers stop
> + action $"Stopping LXC containers: " @LIBEXECDIR@/lxc/lxc-containers stop
> }
>
> # See how we were called.
> diff --git a/config/init/sysvinit/lxc-net.in b/config/init/sysvinit/lxc-net.in
> index 6e22505..f6892c1 100644
> --- a/config/init/sysvinit/lxc-net.in
> +++ b/config/init/sysvinit/lxc-net.in
> @@ -2,7 +2,7 @@
> #
> # lxc-net Start/Stop LXC Networking
> #
> -# chkconfig: 345 99 01
> +# chkconfig: 345 98 01
> # description: Starts/Stops LXC Network Bridge
> #
> ### BEGIN INIT INFO
> @@ -13,12 +13,28 @@
> # Description: Bring up/down LXC Network Bridge
> ### END INIT INFO
>
> +sysconfdir="@SYSCONFDIR@"
> +
> +# Source function library.
> +test ! -r "$sysconfdir"/rc.d/init.d/functions ||
> + . "$sysconfdir"/rc.d/init.d/functions
> +
> +# provide action() fallback
> +if ! type action >/dev/null 2>&1; then
> + # Real basic fallback for sysvinit "action" verbage.
> + action() {
> + echo -n "$1 "
> + shift
> + "$@" && echo "OK" || echo "Failed"
> + }
> +fi
> +
> start() {
> - @LIBEXECDIR@/lxc/lxc-net start
> + action $"Starting LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net start
> }
>
> stop() {
> - @LIBEXECDIR@/lxc/lxc-net stop
> + action $"Stopping LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net stop
> }
>
> # See how we were called.
> diff --git a/lxc.spec.in b/lxc.spec.in
> index 52b6326..fbef674 100644
> --- a/lxc.spec.in
> +++ b/lxc.spec.in
> @@ -43,6 +43,12 @@ BuildRequires: systemd
> %define init_script sysvinit
> %endif
>
> +# Must use /var/run for runtime_path on older releases or dnsmasq in the
> +# lxc-net script will not be able to write its pid in /run (selinux denial)
> +%if 0%{?fedora} < 15 || 0%{?rhel} < 7
> +%define _with_runtime_path --with-runtime-path=/var/run
> +%endif
> +
> # RPM needs alpha/beta/rc in Release: not Version: to ensure smooth
> # package upgrades from alpha->beta->rc->release. For more info see:
> # http://fedoraproject.org/wiki/Packaging%3aNamingGuidelines#NonNumericRelease
> @@ -62,7 +68,12 @@ Summary: Linux Containers userspace tools
> Group: Applications/System
> License: LGPLv2+
> BuildRoot: %{_tmppath}/%{name}-%{version}-build
> -Requires: openssl rsync dnsmasq
> +Requires: openssl rsync dnsmasq bridge-utils
> +Requires(pre): /usr/sbin/useradd
> +Requires(postun): /usr/sbin/userdel
> +%if 0%{?fedora} < 15 || 0%{?rhel} < 7
> +Requires: libcgroup
> +%endif
> # Note for Suse. The "docbook2X" BuildRequires does properly
> # match docbook2x on Suse in a case insensitive manner
> BuildRequires: libcap libcap-devel docbook2X graphviz libxslt pkgconfig
> @@ -134,6 +145,7 @@ PATH=$PATH:/usr/sbin:/sbin %configure $args \
> %if "x%{_unitdir}" != "x"
> --with-systemdsystemunitdir=%{_unitdir} \
> %endif
> + %{?_with_runtime_path} \
> --disable-rpath \
> --with-init-script=%{init_script}
> make %{?_smp_mflags}
> @@ -147,7 +159,7 @@ find %{buildroot} -type f -name '*.la' -exec rm -f {} ';'
> rm -rf %{buildroot}
>
> %pre
> -# Ensure that lxcdnsmasq uid & gid gets correctly allocated
> +# Ensure that lxc-dnsmasq uid & gid gets correctly allocated
> if getent passwd lxc-dnsmasq >/dev/null 2>&1 ; then : ; else \
> /usr/sbin/useradd -M -r -s /sbin/nologin \
> -c "LXC Networking Service" -d %_localstatedir/%name lxc-dnsmasq 2> /dev/null \
> @@ -200,6 +212,9 @@ LXC_DHCP_MAX="253"
> EOF
> fi
>
> +%postun
> +/usr/sbin/userdel lxc-dnsmasq > /dev/null 2>&1 || :
> +
> %post libs -p /sbin/ldconfig
> %postun libs -p /sbin/ldconfig
>
> diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
> index 830ce5c..1f65d4c 100644
> --- a/templates/lxc-oracle.in
> +++ b/templates/lxc-oracle.in
> @@ -598,7 +598,7 @@ container_rootfs_create()
> fi
> done
>
> - mkdir -p @LOCALSTATEDIR@/lock/subsys/lxc
> + mkdir -p @LOCALSTATEDIR@/lock/subsys
> (
> flock -x 9
> if [ $? -ne 0 ]; then
> --
> 1.7.1
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140929/9ae95557/attachment.sig>
More information about the lxc-devel
mailing list