Diffstat (limited to 'templates/lxc-altlinux.in')
-rw-r--r-- | templates/lxc-altlinux.in | 113 |
1 files changed, 94 insertions, 19 deletions
diff --git a/templates/lxc-altlinux.in b/templates/lxc-altlinux.in index a64367f..3aba77b 100644 --- a/templates/lxc-altlinux.in +++ b/templates/lxc-altlinux.in @@ -27,7 +27,7 @@ #Configurations arch=$(arch) cache_base=/var/cache/lxc/altlinux/$arch -default_path=/var/lib/lxc +default_path=@LXCPATH@ default_profile=default profile_dir=/etc/lxc/profiles root_password=rooter @@ -44,15 +44,38 @@ configure_altlinux() mkdir -p $rootfs_path/selinux echo 0 > $rootfs_path/selinux/enforce - # configure the network using the dhcp - mkdir -p ${rootfs_path}/etc/net/ifaces/eth0 - cat <<EOF > ${rootfs_path}/etc/net/ifaces/eth0/options -BOOTPROTO=dhcp + mkdir -p ${rootfs_path}/etc/net/ifaces/veth0 + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/options +BOOTPROTO=${BOOTPROTO} ONBOOT=yes NM_CONTROLLED=no TYPE=eth EOF +if [ ${BOOTPROTO} != "dhcp" ]; then + # ip address + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv4address +${ipv4} +EOF + + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv4route +${gw} +EOF + + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/resolv.conf +nameserver ${dns} +EOF + + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv6address +${ipv6} +EOF + + cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv6route +${gw6} +EOF + +fi + # set the hostname cat <<EOF > ${rootfs_path}/etc/sysconfig/network NETWORKING=yes @@ -66,10 +89,11 @@ EOF 127.0.0.1 localhost.localdomain localhost $name EOF # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd. - sed -i 's/^.*loginuid.so.*$/\#&/' ${rootfs_path}/etc/pam.d/common-login +# sed -i 's/^.*loginuid.so.*$/\#&/' ${rootfs_path}/etc/pam.d/common-login # Allow root to login at virsh console echo "pts/0" >> ${rootfs_path}/etc/securetty + echo "console" >> ${rootfs_path}/etc/securetty chroot ${rootfs_path} chkconfig network on chroot ${rootfs_path} chkconfig syslogd on 
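Review bot: The static branch in `configure_altlinux` writes all five etcnet files whenever `BOOTPROTO` is not `dhcp`, so an IPv6-only invocation leaves an empty `ipv4address` and `ipv4route`, and a missing `--dns` produces a `resolv.conf` holding a bare `nameserver ` line. Guard each file on its own variable, for example `[ -n "${dns}" ] && echo "nameserver ${dns}" > ${rootfs_path}/etc/net/ifaces/veth0/resolv.conf`. The test itself should quote the expansion, `if [ "${BOOTPROTO}" != "dhcp" ]; then`, so an unset value is a clean comparison instead of a `[` syntax error. The values appear to come straight from the command line (see the option-parsing hunk), so a format check before they are written into the rootfs would be worth adding. The function starts and ends outside this hunk.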
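Review bot: Appending `console` to `/etc/securetty` allows root login on the container console while the template still sets the fixed `root_password=rooter` shown in the first hunk's context, so every container built from it accepts the same well-known root credential on one more terminal. Consider requiring the password to be supplied or generated per container, or at least add a comment such as `# root login on console is enabled; change root_password before exposing the container`. The `sed` on `common-login` is now commented out, but the comment above it still says loginuid.so does not work without auditd; delete the dead line or state why pam_loginuid is left enabled.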
@@ -78,12 +102,17 @@ EOF chroot ${rootfs_path} chkconfig fbsetfont off # chroot ${rootfs_path} chkconfig keytable off - subst 's/^\([0-9]\+:[0-9]\+:respawn:\/sbin\/mingetty.*\)/#\1/' ${rootfs_path}/etc/inittab + subst 's/^\([3-9]\+:[0-9]\+:respawn:\/sbin\/mingetty.*\)/#\1/' ${rootfs_path}/etc/inittab + echo "c1:2345:respawn:/sbin/mingetty --noclear console" >> ${rootfs_path}/etc/inittab subst 's,\/dev\/tty12,/var/log/syslog/console,' ${rootfs_path}/etc/syslog.conf +# touch file for fastboot + touch ${rootfs_path}/fastboot + chattr +i ${rootfs_path}/fastboot + dev_path="${rootfs_path}/dev" - rm -rf $dev_path - mkdir -p $dev_path + rm -rf ${dev_path} + mkdir -p ${dev_path} mknod -m 666 ${dev_path}/null c 1 3 mknod -m 666 ${dev_path}/zero c 1 5 mknod -m 644 ${dev_path}/random c 1 8 @@ -91,15 +120,23 @@ EOF mkdir -m 755 ${dev_path}/pts mkdir -m 1777 ${dev_path}/shm mknod -m 666 ${dev_path}/tty c 5 0 - mknod -m 666 ${dev_path}/tty0 c 4 0 - mknod -m 666 ${dev_path}/tty1 c 4 1 - mknod -m 666 ${dev_path}/tty2 c 4 2 - mknod -m 666 ${dev_path}/tty3 c 4 3 - mknod -m 666 ${dev_path}/tty4 c 4 4 + chown root:tty ${dev_path}/tty + mknod -m 600 ${dev_path}/tty0 c 4 0 + mknod -m 600 ${dev_path}/tty1 c 4 1 + mknod -m 600 ${dev_path}/tty2 c 4 2 + mknod -m 600 ${dev_path}/tty3 c 4 3 + mknod -m 600 ${dev_path}/tty4 c 4 4 mknod -m 600 ${dev_path}/console c 5 1 mknod -m 666 ${dev_path}/full c 1 7 mknod -m 600 ${dev_path}/initctl p mknod -m 666 ${dev_path}/ptmx c 5 2 + chown root:tty ${dev_path}/ptmx + ln -s /proc/self/fd ${dev_path}/fd + ln -s /proc/kcore ${dev_path}/core + mkdir -m 755 ${dev_path}/mapper + mknod -m 600 ${dev_path}/mapper/control c 10 236 + mkdir -m 755 ${dev_path}/net + mknod -m 666 ${dev_path}/net/tun c 10 200 echo "setting root passwd to $root_password" echo "root:$root_password" | chroot $rootfs_path chpasswd 
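Review bot: `chattr +i ${rootfs_path}/fastboot` runs unchecked and leaves an immutable file in the rootfs, so any later recursive removal of the container directory will presumably fail on that file until `chattr -i` is run, and the call itself fails on filesystems without attribute support. Check the result and document the cleanup step, e.g. `chattr +i "${rootfs_path}/fastboot" || echo "warning: could not make fastboot immutable" >&2`, with a comment that the flag has to be cleared before the rootfs is destroyed. The narrowed pattern `[3-9]\+` in the `subst` call also leaves the mingetty entries with ids 1 and 2 (and any two-digit id containing 0-2) active next to the new `c1` console getty; a comment saying whether that is intended would help.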
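Review bot: The new `mapper/control` (10:236) and `net/tun` (10:200) nodes are created in every container, yet the devices cgroup section in the later config hunk starts with `lxc.cgroup.devices.deny = a` and none of the allow lines visible there cover those numbers. As far as the visible lines show, the nodes are either unusable or an invitation to widen the allowlist, and a device-mapper control node inside a container is a direct handle on the host's dm interface once it is allowed. Create them only behind an explicit option and say so in a comment, e.g. `# /dev/mapper/control and /dev/net/tun are only created when requested; they also need a matching lxc.cgroup.devices.allow entry`. The same applies to `ln -s /proc/kcore ${dev_path}/core`, which most containers do not need. The tightening of tty0-tty4 to mode 600 is fine; the function continues outside the hunk.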
@@ -212,8 +249,30 @@ lxc.mount = $config_path/fstab lxc.network.type = $lxc_network_type lxc.network.flags = up lxc.network.link = $lxc_network_link -lxc.network.name = eth0 +lxc.network.name = veth0 lxc.network.mtu = 1500 +EOF +if [ ! -z ${ipv4} ]; then + cat <<EOF >> $config_path/config +lxc.network.ipv4 = $ipv4 +EOF +fi +if [ ! -z ${gw} ]; then + cat <<EOF >> $config_path/config +lxc.network.ipv4.gateway = $gw +EOF +fi +if [ ! -z ${ipv6} ]; then + cat <<EOF >> $config_path/config +lxc.network.ipv6 = $ipv6 +EOF +fi +if [ ! -z ${gw6} ]; then + cat <<EOF >> $config_path/config +lxc.network.ipv6.gateway = $gw6 +EOF +fi + cat <<EOF >> $config_path/config #cgroups lxc.cgroup.devices.deny = a # /dev/null and zero @@ -230,12 +289,11 @@ lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 136:* rwm lxc.cgroup.devices.allow = c 5:2 rwm # rtc -lxc.cgroup.devices.allow = c 254:0 rwm +lxc.cgroup.devices.allow = c 10:135 rwm EOF cat <<EOF > $config_path/fstab proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0 -devpts $rootfs_path/dev/pts devpts defaults 0 0 sysfs $rootfs_path/sys sysfs defaults 0 0 EOF @@ -275,6 +333,8 @@ usage() usage: $1 -n|--name=<container_name> [-p|--path=<path>] [-c|--clean] [-R|--release=<ALTLinux_release>] + [-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>] + [-g|--gw=<gw address>] [-d|--dns=<dns address>] [-P|--profile=<name of the profile>] [-A|--arch=<arch of the container>] [-h|--help] 
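Review bot: The four tests of the form `if [ ! -z ${ipv4} ]; then` leave the expansion unquoted, so they only behave for empty values by accident and break on a value containing whitespace; write `if [ -n "${ipv4}" ]; then` (likewise for `gw`, `ipv6`, `gw6`). The values are then copied verbatim into `$config_path/config` through an unquoted heredoc, so an argument containing a newline would add extra `lxc.*` keys to a config that is later consumed as root. Validate each address against an expected shape (a `case` on the allowed characters is enough) before any of it is written. `gw6` is never assigned by the option parser in this commit, so the `lxc.network.ipv6.gateway` branch is dead unless the variable is inherited from the environment.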
@@ -284,6 +344,11 @@ Optional args: -p,--path path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in and case -c,--clean clean the cache -R,--release ALTLinux release for the new container. if the host is ALTLinux, then it will defaultto the host's release. + -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24 + -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64 + -g,--gw specify the default gw, eg. 192.168.1.1 + -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596 + -d,--dns specify the DNS server, eg. 192.168.1.2 -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache. -A,--arch NOT USED YET. Define what arch the container will be [i686,x86_64] -h,--help print this help @@ -291,7 +356,7 @@ EOF return 0 } -options=$(getopt -o hp:n:P:cR: -l help,path:,name:,profile:,clean,release: -- "$@") +options=$(getopt -o hp:n:P:cR:4:6:g:d: -l help,path:,name:,profile:,clean,release:ipv4:ipv6:gw:dns: -- "$@") if [ $? -ne 0 ]; then usage $(basename $0) exit 1 @@ -306,7 +371,11 @@ do -n|--name) name=$2; shift 2;; -P|--profile) profile=$2; shift 2;; -c|--clean) clean=$2; shift 2;; - -R|--release) release=$2; shift 2;; + -R|--release) release=$2; shift 2;; + -4|--ipv4) ipv4=$2; shift 2;; + -6|--ipv6) ipv6=$2; shift 2;; + -g|--gw) gw=$2; shift 2;; + -d|--dns) dns=$2; shift 2;; --) shift 1; break ;; *) break ;; esac @@ -340,6 +409,12 @@ if [ -z "$release" ]; then fi fi +if [ -z "$ipv4" -a -z "$ipv6" ]; then + BOOTPROTO="dhcp" +else + BOOTPROTO="static" +fi + if [ "$(id -u)" != "0" ]; then echo "This script should be run as 'root'" exit 1 |
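Review bot: The long-option list passed to `getopt` is missing the comma after `release:`, so `release:ipv4:ipv6:gw:dns:` is most likely taken as one option name and `--ipv4`, `--ipv6`, `--gw` and `--dns` are never registered as long options. The same line omits `-G`/`--gw6`, which the help-text hunk above documents and which `configure_altlinux` reads as `${gw6}`; the `usage:` synopsis hunk and the `case` hunk below lack it as well. Use `options=$(getopt -o hp:n:P:cR:4:6:g:G:d: -l help,path:,name:,profile:,clean,release:,ipv4:,ipv6:,gw:,gw6:,dns: -- "$@")` and add `-G|--gw6) gw6=$2; shift 2;;` to the case. Initialising `ipv4`, `ipv6`, `gw`, `gw6` and `dns` to empty strings before the parse loop would also stop inherited environment variables from reaching the generated config.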