Commit | Line | Data |
---|---|---|
eb960fea DL |
1 | #!/bin/bash |
2 | ||
3 | # | |
4 | # lxc: linux Container library | |
5 | ||
6 | # Authors: | |
7 | # Daniel Lezcano <daniel.lezcano@free.fr> | |
8 | ||
9 | # This library is free software; you can redistribute it and/or | |
10 | # modify it under the terms of the GNU Lesser General Public | |
11 | # License as published by the Free Software Foundation; either | |
12 | # version 2.1 of the License, or (at your option) any later version. | |
13 | ||
14 | # This library is distributed in the hope that it will be useful, | |
15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
17 | # Lesser General Public License for more details. | |
18 | ||
19 | # You should have received a copy of the GNU Lesser General Public | |
20 | # License along with this library; if not, write to the Free Software | |
21 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
22 | ||
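# install_busybox ROOTFS NAME
#
# Create the directory skeleton, the device nodes and the minimal /etc
# files of a busybox container under ROOTFS.  NAME is stored but not used
# by this function.
#
# Returns 1 as soon as the skeleton cannot be created, otherwise the
# accumulated status in $res (1 if any device node or generated file could
# not be written, 0 on success).
#
# Every expansion of $rootfs is quoted: this code runs as root, and an
# unquoted path containing whitespace or glob characters would be split
# and make mkdir/chmod/cat operate outside the intended tree.
install_busybox()
{
    rootfs=$1
    name=$2
    res=0

    # Kept in an array so that each directory stays a single word.
    local -a tree=(
        "$rootfs/selinux"
        "$rootfs/dev"
        "$rootfs/home"
        "$rootfs/root"
        "$rootfs/etc"
        "$rootfs/etc/init.d"
        "$rootfs/bin"
        "$rootfs/sbin"
        "$rootfs/proc"
        "$rootfs/mnt"
        "$rootfs/tmp"
        "$rootfs/var/log"
        "$rootfs/usr/share/udhcpc"
        "$rootfs/dev/pts"
        "$rootfs/dev/shm"
        "$rootfs/lib"
        "$rootfs/usr/lib"
        "$rootfs/lib64"
        "$rootfs/usr/lib64"
    )

    mkdir -p "${tree[@]}" || return 1
    chmod 755 "${tree[@]}" || return 1

    pushd "$rootfs/dev" > /dev/null || return 1

    # minimal devices needed for busybox
    # NOTE(review): tty1 and tty5 are created with the same major/minor
    # (4, 0) as tty0, and only tty0 is made world read/write; the other
    # two keep whatever mode the caller's umask yields.  Confirm that this
    # is intended before relying on these nodes, since each one refers to
    # a console device of the host.
    mknod tty c 5 0 || res=1
    mknod console c 5 1 || res=1
    chmod 666 tty console || res=1
    mknod tty0 c 4 0 || res=1
    mknod tty1 c 4 0 || res=1
    mknod tty5 c 4 0 || res=1
    chmod 666 tty0 || res=1
    mknod ram0 b 1 0 || res=1
    chmod 600 ram0 || res=1
    mknod null c 1 3 || res=1
    chmod 666 null || res=1

    popd > /dev/null

    # root user defined
    # The files are appended to, so running the template twice on the same
    # rootfs duplicates these entries.
    cat <<EOF >> "$rootfs/etc/passwd" || res=1
root:x:0:0:root:/root:/bin/sh
EOF

    cat <<EOF >> "$rootfs/etc/group" || res=1
root:x:0:root
EOF

    # mount everything
    cat <<EOF >> "$rootfs/etc/init.d/rcS" || res=1
#!/bin/sh
syslogd
mount -a
udhcpc
EOF

    # executable by the owner, readable by everybody
    chmod 744 "$rootfs/etc/init.d/rcS" || return 1

    # mount points
    cat <<EOF >> "$rootfs/etc/fstab" || res=1
proc /proc proc defaults 0 0
shm /dev/shm tmpfs defaults 0 0
EOF

    # writable by the owner only, readable by everybody
    chmod 644 "$rootfs/etc/fstab" || return 1

    # launch rcS first then make a console available
    # and propose a shell on the tty, the last one is
    # not needed
    # The console entry starts /bin/sh directly, i.e. without a login
    # prompt.
    cat <<EOF >> "$rootfs/etc/inittab" || res=1
::sysinit:/etc/init.d/rcS
tty1::respawn:/bin/getty -L tty1 115200 vt100
console::askfirst:/bin/sh
EOF
    # writable by the owner only, readable by everybody
    chmod 644 "$rootfs/etc/inittab" || return 1

    # udhcpc event handler.  The \$ escapes keep the variables unexpanded
    # here so that they are evaluated inside the container.
    # NOTE(review): the generated handler expands the values it receives
    # from the DHCP exchange (\$router, \$domain, \$dns, ...) unquoted, and
    # /etc/resolv.conf is only truncated when a domain is supplied, so
    # nameserver lines accumulate on renew otherwise.
    cat <<EOF >> "$rootfs/usr/share/udhcpc/default.script" || res=1
#!/bin/sh

case "\$1" in
deconfig)
ip addr flush dev \$interface
;;

renew|bound)

# flush all the routes
if [ -n "\$router" ]; then
ip route del default 2> /dev/null
fi

# check broadcast
if [ -n "\$broadcast" ]; then
broadcast="broadcast \$broadcast"
fi

# add a new ip address
ip addr add \$ip/\$mask \$broadcast dev \$interface

if [ -n "\$router" ]; then
ip route add default via \$router dev \$interface
fi

[ -n "\$domain" ] && echo search \$domain > /etc/resolv.conf
for i in \$dns ; do
echo nameserver \$i >> /etc/resolv.conf
done
;;
esac
exit 0
EOF

    chmod 744 "$rootfs/usr/share/udhcpc/default.script" || res=1

    return $res
}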
149 | ||
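# configure_busybox ROOTFS
#
# Copy the host's busybox binary into ROOTFS/bin, hard-link one name per
# applet to it, install /sbin/init and a setuid passwd, and clear the root
# password inside the new root file system.
#
# Returns 1 when busybox cannot be found or copied, or when the dedicated
# passwd binary cannot be created; 0 otherwise.  Failures of the individual
# applet links are not reported, as in the original template.
configure_busybox()
{
    rootfs=$1

    # Applet names to expose in $rootfs/bin.  '[' and '[[' are quoted so
    # that they are taken as plain words.
    local -a applets=(
        '[' '[[' addgroup adduser adjtimex ar arp arping ash awk basename
        brctl bunzip2 bzcat bzip2 cal cat catv chattr chgrp chmod
        chown chpasswd chpst chroot chrt chvt cksum clear cmp comm
        cp cpio crond crontab cryptpw cut date dc dd deallocvt
        delgroup deluser df dhcprelay diff dirname dmesg dnsd dos2unix
        du dumpkmap dumpleases echo ed egrep eject env envdir envuidgid
        ether-wake expand expr fakeidentd false fbset fdformat fdisk
        fetchmail fgrep find findfs fold free freeramdisk fsck
        fsck.minix ftpget ftpput fuser getopt getty grep gunzip gzip
        halt hdparm head hexdump hostid hostname httpd hwclock id
        ifconfig ifdown ifenslave ifup inetd init insmod install ip
        ipaddr ipcalc ipcrm ipcs iplink iproute iprule iptunnel
        kbd_mode kill killall killall5 klogd last length less linux32
        linux64 linuxrc ln loadfont loadkmap logger login logname
        logread losetup lpd lpq lpr ls lsattr lsmod lzmacat makedevs
        md5sum mdev mesg microcom mkdir mkfifo mkfs.minix mknod mkswap
        mktemp modprobe more mount mountpoint msh mt mv nameif nc
        netstat nice nmeter nohup nslookup od openvt passwd patch
        pgrep pidof ping ping6 pipe_progress pivot_root pkill poweroff
        printenv printf ps pscan pwd raidautorun rdate readahead
        readlink readprofile realpath reboot renice reset resize rm
        rmdir rmmod route rpm rpm2cpio run-parts runlevel runsv
        runsvdir rx script sed sendmail seq setarch setconsole
        setkeycodes setlogcons setsid setuidgid sh sha1sum slattach
        sleep softlimit sort split start-stop-daemon stat strings
        stty su sulogin sum sv svlogd swapoff swapon switch_root
        sync sysctl syslogd tac tail tar taskset tcpsvd tee telnet
        telnetd test tftp tftpd time top touch tr traceroute
        true tty ttysize udhcpc udhcpd udpsvd umount uname uncompress
        unexpand uniq unix2dos unlzma unzip uptime usleep uudecode
        uuencode vconfig vi vlock watch watchdog wc wget which
        who whoami xargs yes zcat zcip
    )

    # Resolve the binary once, through PATH only, so that the file that is
    # inspected below is the very file that gets copied.
    local busybox_bin
    busybox_bin=$(type -P busybox)
    if [ -z "$busybox_bin" ]; then
        echo "busybox executable is not accessible"
        return 1
    fi

    file "$busybox_bin" | grep -q "statically linked"
    if [ $? -ne 0 ]; then
        echo "warning : busybox is not statically linked."
        echo "warning : The template script may not correctly"
        echo "warning : setup the container environment."
    fi

    # copy busybox in the rootfs
    cp "$busybox_bin" "$rootfs/bin"
    if [ $? -ne 0 ]; then
        echo "failed to copy busybox in the rootfs"
        return 1
    fi

    # do hardlink to busybox for the different commands
    local applet
    for applet in "${applets[@]}"; do
        ln "$rootfs/bin/busybox" "$rootfs/bin/$applet"
    done

    # relink /sbin/init
    ln "$rootfs/bin/busybox" "$rootfs/sbin/init"

    # passwd exec must be setuid
    # File modes belong to the inode, and every applet above is a hard link
    # to the same inode as bin/busybox.  Setting the bit on the passwd link
    # would therefore mark sh, su, vi, wget and all other applets setuid as
    # well; whether busybox then drops privileges per applet depends on how
    # it was built.  Give passwd its own copy and set only the setuid bit
    # on that copy.
    rm -f "$rootfs/bin/passwd"
    cp "$rootfs/bin/busybox" "$rootfs/bin/passwd"
    if [ $? -ne 0 ]; then
        echo "failed to copy busybox in the rootfs"
        return 1
    fi
    chmod u+s "$rootfs/bin/passwd"

    # NOTE(review): the mode of the new shadow file follows the caller's
    # umask; verify that it does not end up world-readable.
    touch "$rootfs/etc/shadow"

    # The root password is removed on purpose; the message below is the
    # only reminder, so the container accepts a password-less root login
    # until the operator sets one.
    chroot "$rootfs" /bin/passwd -d root

    echo "No password for 'root', please change !"

    return 0
}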
224 | ||
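# copy_configuration PATH ROOTFS NAME
#
# Append the container settings to PATH/config: host name, one tty, one
# pts instance and the rootfs location, plus read-only bind mounts of the
# host's /lib, /usr/lib, /lib64 and /usr/lib64 when the matching directory
# exists under ROOTFS.
#
# Returns 1 as soon as the file cannot be written, 0 otherwise.  The
# caller tests this status, so a failed write must not be masked by a
# later test that happens to succeed.
copy_configuration()
{
    path=$1
    rootfs=$2
    name=$3

    # NOTE(review): $name and $rootfs are written verbatim; a value that
    # contains a newline would add extra lines to the configuration.
    cat <<EOF >> "$path/config" || return 1
lxc.utsname = $name
lxc.tty = 1
lxc.pts = 1
lxc.rootfs = $rootfs
EOF

    # The host libraries are bind-mounted read-only (ro,bind), which lets
    # a dynamically linked busybox run without copying libraries into the
    # container.
    # NOTE(review): the mount entry fields are separated by blanks, so a
    # rootfs path containing whitespace presumably yields an ambiguous
    # entry - confirm against the lxc.mount.entry format.
    if [ -d "$rootfs/lib" ]; then
        cat <<EOF >> "$path/config" || return 1
lxc.mount.entry=/lib $rootfs/lib none ro,bind 0 0
lxc.mount.entry=/usr/lib $rootfs/usr/lib none ro,bind 0 0
EOF
    fi

    if [ -d "$rootfs/lib64" ]; then
        cat <<EOF >> "$path/config" || return 1
lxc.mount.entry=/lib64 $rootfs/lib64 none ro,bind 0 0
lxc.mount.entry=/usr/lib64 $rootfs/usr/lib64 none ro,bind 0 0
EOF
    fi

    return 0
}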
252 | ||
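# usage PROGRAM
#
# Print the one-line synopsis on standard output, with PROGRAM as the
# command name.  The -n|--name option accepted by the option parser is
# listed as well.  Always returns 0.
usage()
{
    cat <<EOF
$1 -h|--help -p|--path=<path> -n|--name=<name>
EOF
    return 0
}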
260 | ||
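# Entry point: parse the options, require root and a target path, then
# build the root file system, install busybox and write the container
# configuration.  Any failing step ends the script with status 1.

options=$(getopt -o hp:n: -l help,path:,name: -- "$@")
if [ $? -ne 0 ]; then
    usage "$(basename "$0")"
    exit 1
fi
# getopt prints a re-quoted argument list; eval loads it back into the
# positional parameters with that quoting intact.
eval set -- "$options"

while true
do
    case "$1" in
        -h|--help)      usage "$0" && exit 0;;
        -p|--path)      path=$2; shift 2;;
        -n|--name)      name=$2; shift 2;;
        --)             shift 1; break ;;
        *)              break ;;
    esac
done

# mknod and chroot below need root privileges.
if [ "$(id -u)" != "0" ]; then
    echo "This script should be run as 'root'"
    exit 1
fi

if [ -z "$path" ]; then
    echo "'path' parameter is required"
    exit 1
fi

# NOTE(review): --name is not checked; when it is omitted, $name is empty
# and the configuration gets an empty lxc.utsname value.

rootfs=$path/rootfs

# The arguments are quoted so that a path containing whitespace reaches
# the functions as one word; everything below runs as root.
install_busybox "$rootfs" "$name"
if [ $? -ne 0 ]; then
    echo "failed to install busybox's rootfs"
    exit 1
fi

configure_busybox "$rootfs"
if [ $? -ne 0 ]; then
    echo "failed to configure busybox template"
    exit 1
fi

copy_configuration "$path" "$rootfs" "$name"
if [ $? -ne 0 ]; then
    echo "failed to write configuration file"
    exit 1
fi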