[lxc-devel] [obnox at samba.org: Re: [PATCHES] add "--mask-tmp" to lxc-fedora, plus some template script fixes]
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Jan 21 18:19:58 UTC 2015
Quoting Michael Adam (obnox at samba.org):
> Hi Michael,
>
> do you have any concerns with the attached patch to
> the fedora template that adds an option --mask-tmp
> that prevents fedora/systemd from over-mounting
> /tmp with tmpfs, which is useful in some cases?
>
> Thanks - Michael
>
> ----- Forwarded message from Michael Adam <obnox at samba.org> -----
>
> Date: Sat, 10 Jan 2015 13:12:06 +0100
> From: Michael Adam <obnox at samba.org>
> To: LXC development mailing-list <lxc-devel at lists.linuxcontainers.org>
> Subject: Re: [lxc-devel] [PATCHES] add "--mask-tmp" to lxc-fedora, plus some
> template script fixes
> User-Agent: Mutt/1.5.23 (2014-03-12)
>
> On 2015-01-10 at 13:08 +0100, Michael Adam wrote:
> > On 2015-01-10 at 04:05 +0000, Serge Hallyn wrote:
> >
> > > The less controversial one is adding mask-tmp to the fedora template.
> > > It looks fine to me, but that should go separately to mwarfield, our
> > > fedora template maintainer :)
> >
> > I had notified mhw of my patches on irc, but apparently he is
> > currently very busy.
> >
> > For a start, following is an update of the uncontroversial fix
> > patches, i.e. the fix patche without the path ones, and without
> > the mask-tmp patch.
>
> And here comes the mask-tmp patch.
> It needs to be applied onto the previous fix-patchset.
>
>
> From 9589dca113535ed2f4faad89db2fab33bb8a9d7e Mon Sep 17 00:00:00 2001
> From: Michael Adam <obnox at samba.org>
> Date: Thu, 8 Jan 2015 10:25:24 +0100
> Subject: [PATCH] lxc-fedora: add a new option --mask-tmp
>
> This will configure the container to prevent the standard
> behaviour of over-mounting /tmp with tmpfs, which can be
> undesirable in some cases.
>
> My personal use case is vagrant-lxc in combination with
> vagrant-cachier.
>
> Signed-off-by: Michael Adam <obnox at samba.org>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> templates/lxc-fedora.in | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)
>
> diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
> index 210f2e7..49e14eb 100644
> --- a/templates/lxc-fedora.in
> +++ b/templates/lxc-fedora.in
> @@ -372,6 +372,12 @@ configure_fedora_systemd()
> chroot ${rootfs_path} ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
> # Make systemd honor SIGPWR
> chroot ${rootfs_path} ln -s /usr/lib/systemd/system/halt.target /etc/systemd/system/sigpwr.target
> +
> + # if desired, prevent systemd from over-mounting /tmp with tmpfs
> + if [ $masktmp -eq 1 ]; then
> + chroot ${rootfs_path} ln -s /dev/null /etc/systemd/system/tmp.mount
> + fi
> +
> #dependency on a device unit fails it specially that we disabled udev
> # sed -i 's/After=dev-%i.device/After=/' ${rootfs_path}/lib/systemd/system/getty\@.service
> #
> @@ -1186,6 +1192,7 @@ usage:
> $1 -n|--name=<container_name>
> [-p|--path=<path>] [-c|--clean] [-R|--release=<Fedora_release>]
> [--fqdn=<network name of container>] [-a|--arch=<arch of the container>]
> + [--mask-tmp]
> [-h|--help]
> Mandatory args:
> -n,--name container name, used to as an identifier for that container
> @@ -1198,18 +1205,21 @@ Optional args:
> Defaults to host's release if the host is Fedora.
> --fqdn fully qualified domain name (FQDN) for DNS and system naming
> -a,--arch Define what arch the container will be [i686,x86_64]
> + --mask-tmp Prevent systemd from over-mounting /tmp with tmpfs.
> -h,--help print this help
> EOF
> return 0
> }
>
> -options=$(getopt -o a:hp:n:cR: -l help,path:,rootfs:,name:,clean,release:,arch:,fqdn: -- "$@")
> +options=$(getopt -o a:hp:n:cR: -l help,path:,rootfs:,name:,clean,release:,arch:,fqdn:,mask-tmp -- "$@")
> if [ $? -ne 0 ]; then
> usage $(basename $0)
> exit 1
> fi
>
> arch=$(uname -m)
> +masktmp=0
> +
> eval set -- "$options"
> while true
> do
> @@ -1222,6 +1232,7 @@ do
> -R|--release) release=$2; shift 2;;
> -a|--arch) newarch=$2; shift 2;;
> --fqdn) utsname=$2; shift 2;;
> + --mask-tmp) masktmp=1; shift 1;;
> --) shift 1; break ;;
> *) break ;;
> esac
> --
> 2.1.0
>
>
>
>
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
>
>
> ----- End forwarded message -----
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list