[lxc-devel] [PATCHES] add "--mask-tmp" to lxc-fedora, plus some template script fixes
Michael Adam
obnox at samba.org
Sat Jan 10 12:12:06 UTC 2015
On 2015-01-10 at 13:08 +0100, Michael Adam wrote:
> On 2015-01-10 at 04:05 +0000, Serge Hallyn wrote:
>
> > The less controversial one is adding mask-tmp to the fedora template.
> > It looks fine to me, but that should go separately to mwarfield, our
> > fedora template maintainer :)
>
> I had notified mhw of my patches on irc, but apparently he is
> currently very busy.
>
> For a start, following is an update of the uncontroversial fix
> patches, i.e. the fix patche without the path ones, and without
> the mask-tmp patch.
And here comes the mask-tmp patch.
It needs to be applied onto the previous fix-patchset.
From 9589dca113535ed2f4faad89db2fab33bb8a9d7e Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox at samba.org>
Date: Thu, 8 Jan 2015 10:25:24 +0100
Subject: [PATCH] lxc-fedora: add a new option --mask-tmp
This will configure the container to prevent the standard
behaviour of over-mounting /tmp with tmpfs, which can be
undesirable in some cases.
My personal use case is vagrant-lxc in combination with
vagrant-cachier.
Signed-off-by: Michael Adam <obnox at samba.org>
---
templates/lxc-fedora.in | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
index 210f2e7..49e14eb 100644
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
@@ -372,6 +372,12 @@ configure_fedora_systemd()
chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# Make systemd honor SIGPWR
chroot ${rootfs_path} ln -s /usr/lib/systemd/system/halt.target /etc/systemd/system/sigpwr.target
+
+ # if desired, prevent systemd from over-mounting /tmp with tmpfs
+ if [ $masktmp -eq 1 ]; then
+ chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/tmp.mount
+ fi
+
#dependency on a device unit fails it specially that we disabled udev
# sed -i 's/After=dev-%i.device/After=/' ${rootfs_path}/lib/systemd/system/getty\@.service
#
@@ -1186,6 +1192,7 @@ usage:
$1 -n|--name=<container_name>
[-p|--path=<path>] [-c|--clean] [-R|--release=<Fedora_release>]
[--fqdn=<network name of container>] [-a|--arch=<arch of the container>]
+ [--mask-tmp]
[-h|--help]
Mandatory args:
-n,--name container name, used to as an identifier for that container
@@ -1198,18 +1205,21 @@ Optional args:
Defaults to host's release if the host is Fedora.
--fqdn fully qualified domain name (FQDN) for DNS and system naming
-a,--arch Define what arch the container will be [i686,x86_64]
+ --mask-tmp Prevent systemd from over-mounting /tmp with tmpfs.
-h,--help print this help
EOF
return 0
}
-options=$(getopt -o a:hp:n:cR: -l help,path:,rootfs:,name:,clean,release:,arch:,fqdn: -- "$@")
+options=$(getopt -o a:hp:n:cR: -l help,path:,rootfs:,name:,clean,release:,arch:,fqdn:,mask-tmp -- "$@")
if [ $? -ne 0 ]; then
usage $(basename $0)
exit 1
fi
arch=$(uname -m)
+masktmp=0
+
eval set -- "$options"
while true
do
@@ -1222,6 +1232,7 @@ do
-R|--release) release=$2; shift 2;;
-a|--arch) newarch=$2; shift 2;;
--fqdn) utsname=$2; shift 2;;
+ --mask-tmp) masktmp=1; shift 1;;
--) shift 1; break ;;
*) break ;;
esac
--
2.1.0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20150110/3b8f7ab0/attachment.sig>
More information about the lxc-devel
mailing list