[mirror_lxc.git] / templates / lxc-opensuse.in

#!/bin/bash

#
# template script for generating OpenSUSE container for LXC
#

#
# lxc: linux Container library

# Authors:
# Daniel Lezcano <daniel.lezcano@free.fr>
# Frederic Crozat <fcrozat@suse.com>
# Michael H. Warfield <mhw@WittsEnd.com>
# Johannes Kastl <mail@ojkastl.de>

# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

# Detect use under userns (unsupported)
for arg in "$@"; do
    [ "$arg" = "--" ] && break
    if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
        echo "This template can't be used for unprivileged containers." 1>&2
        echo "You may want to try the \"download\" template instead." 1>&2
        exit 1
    fi
done

# Make sure the usual locations are in PATH
export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin

if [ -x /usr/bin/obs-build ]; then
    BUILD=/usr/bin/obs-build
    export BUILD_DIR=/usr/lib/obs-build
else
    BUILD=/usr/bin/build
    export BUILD_DIR=/usr/lib/build
fi

configure_opensuse()
{
    rootfs=$1
    hostname=$2

   # set first network adapter as dhcp.  This is the most common config.
   cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
STARTMODE='auto'
BOOTPROTO='dhcp'
EOF

   # create empty fstab
   touch $rootfs/etc/fstab

    # set the hostname
    cat <<EOF > $rootfs/etc/HOSTNAME
$hostname
EOF
    # ensure /etc/hostname is available too
    ln -s -f HOSTNAME $rootfs/etc/hostname

    # do not use hostname from HOSTNAME variable
    cat <<EOF >> $rootfs/etc/sysconfig/cron
unset HOSTNAME
EOF

    # set minimal hosts
    cat <<EOF > $rootfs/etc/hosts
127.0.0.1 localhost $hostname
EOF

    # disable yast->bootloader in container
    cat <<EOF > $rootfs/etc/sysconfig/bootloader
LOADER_TYPE=none
LOADER_LOCATION=none
EOF

    # set /dev/console as securetty
    cat << EOF >> $rootfs/etc/securetty
console
EOF

    cat <<EOF >> $rootfs/etc/sysconfig/boot
# disable root fsck
ROOTFS_FSCK="0"
ROOTFS_BLKDEV="/dev/null"
EOF


    # remove pointless services in a container
    ln -s /dev/null $rootfs/etc/systemd/system/proc-sys-fs-binfmt_misc.automount
    ln -s /dev/null $rootfs/etc/systemd/system/console-shell.service
    ln -s /dev/null $rootfs/etc/systemd/system/systemd-vconsole-setup.service
    sed -e 's/ConditionPathExists=.*//' $rootfs/usr/lib/systemd/system/getty@.service > $rootfs/etc/systemd/system/getty@.service
    ln -s getty@.service $rootfs/etc/systemd/system/getty@tty1.service
    ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@console.service
    ln -s -f ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty1.service
    ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty2.service
    ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty3.service
    ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty4.service

    touch $rootfs/etc/sysconfig/kernel

    echo "Please change root-password !"

    return 0
}

download_opensuse()
{
    cache=$1
    arch=$2

    if [ ! -x ${BUILD} ]; then
       echo "Could not create openSUSE template :"
       echo "you need to install \"build\" package"
       return 1
    fi

    # check the mini opensuse was not already downloaded
    mkdir -p "$cache/partial-$arch"

    if [ $? -ne 0 ]; then
        echo "Failed to create '$cache/partial-$arch' directory"
        return 1
    fi

    # download a mini opensuse into a cache
    echo "Downloading opensuse minimal ..."
    mkdir -p "$cache/partial-$arch-packages"
    if [[ $DISTRO == "tumbleweed" ]]; then
        zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/$DISTRO/repo/oss/ repo-oss || return 1
    else
        zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss || return 1
    fi
    # Leap update repos were rearranged
    if [[ $DISTRO == "leap/4"* ]]; then
        zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/oss/ update || return 1
    else
        zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update || return 1
    fi
	zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update || return 1
    zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base bash iputils sed tar rsyslog || return 1
    cat > $cache/partial-$arch-packages/opensuse.conf << EOF
Preinstall: aaa_base bash coreutils diffutils
Preinstall: filesystem fillup glibc grep insserv-compat perl-base
Preinstall: libbz2-1 libncurses5 pam
Preinstall: permissions libreadline6 rpm sed tar libz1 libselinux1
Preinstall: liblzma5 libcap2 libacl1 libattr1
Preinstall: libpopt0 libelf1 liblua5_1
Preinstall: libpcre1

RunScripts: aaa_base

Support: zypper
Support: patterns-openSUSE-base
Support: lxc
Support: ncurses-utils
Support: iputils
Support: udev
Support: netcfg
Support: hwinfo insserv-compat module-init-tools openSUSE-release openssh
Support: pwdutils rpcbind sysconfig

Ignore: rpm:suse-build-key,build-key
Ignore: systemd:systemd-presets-branding
EOF

    if [ $DISTRO = "13.2" ]
    then
	echo "Support: python3-base" >> $cache/partial-$arch-packages/opensuse.conf
    fi

    # dhcpcd is not in the default repos since Leap 42.1
    if [[ $DISTRO != "leap/4"* ]]
    then
    echo "Support: dhcpcd" >> $cache/partial-$arch-packages/opensuse.conf
    fi

    # Leap doesn't seem to have iproute2 utils installed
    if [[ $DISTRO == "leap/4"* ]]
    then
    echo "Support: net-tools iproute2" >> $cache/partial-$arch-packages/opensuse.conf
    fi

    if [ "$arch" = "i686" ]; then
        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i586/*" ; do
            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
        done
        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686
        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/update/i586/*" ; do
            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686/
        done
    fi

    # openSUSE 13.2 has no noarch directory in update
    [ -d $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch ] || mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch

    CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" PATH="$PATH:$BUILD_DIR" $BUILD_DIR/init_buildsystem  --clean --configdir $BUILD_DIR/configs --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch || return 1
    chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss || return 1

    if [[ $DISTRO == "leap/4"* ]]; then
        chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/oss update || return 1
    else
        chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update || return 1
    fi

#   really clean the image
    rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
    rm -fr $cache/partial-$arch/dev
#    make sure we have a minimal /dev
    mkdir -p "$cache/partial-$arch/dev"
    mknod -m 666 $cache/partial-$arch/dev/null c 1 3
    mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
#   create mtab symlink
    rm -f $cache/partial-$arch/etc/mtab
    ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab

# ensure /var/run and /run are symlinked
    rm -fr $cache/partial-$arch/var/run
    ln -s -f ../run $cache/partial-$arch/var/run
    if [ $? -ne 0 ]; then
        echo "Failed to download the rootfs, aborting."
        return 1
    fi

    rm -fr "$cache/partial-$arch-packages"
    mv "$1/partial-$arch" "$1/rootfs-$arch"
    echo "Download complete."

    return 0
}

copy_opensuse()
{
    cache=$1
    arch=$2
    rootfs=$3

    # make a local copy of the mini opensuse
    echo "Copying rootfs to $rootfs ..."
    mkdir -p $rootfs
    rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1
    return 0
}

install_opensuse()
{
    # Allow the cache base to be set by environment variable
    cache="${LXC_CACHE_PATH:-@LOCALSTATEDIR@/cache/lxc/opensuse/$DISTRO}"
    rootfs=$1
    mkdir -p @LOCALSTATEDIR@/lock/subsys/
    (
        flock -x 9
        if [ $? -ne 0 ]; then
            echo "Cache repository is busy."
            return 1
        fi

        echo "Checking cache download in $cache/rootfs-$arch ... "
        if [ ! -e "$cache/rootfs-$arch" ]; then
            download_opensuse $cache $arch
            if [ $? -ne 0 ]; then
                echo "Failed to download 'opensuse base'"
                return 1
            fi
        fi

        echo "Copy $cache/rootfs-$arch to $rootfs ... "
        copy_opensuse $cache $arch $rootfs
        if [ $? -ne 0 ]; then
            echo "Failed to copy rootfs"
            return 1
        fi

        return 0
    ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse

    return $?
}

# Generate a random hardware (MAC) address composed of FE followed by
# 5 random bytes...
create_hwaddr()
{
    openssl rand -hex 5 | sed -e 's/\(..\)/:\1/g; s/^/fe/'
}

copy_configuration()
{
    path=$1
    rootfs=$2
    name=$3

    grep -q "^lxc.rootfs.path" $path/config 2>/dev/null || echo "
lxc.rootfs.path = $rootfs_path
" >> $path/config

    # The following code is to create static MAC addresses for each
    # interface in the container.  This code will work for multiple
    # interfaces in the default config.  It will also strip any
    # hwaddr stanzas out of the default config since we can not share
    # MAC addresses between containers.
    #
    # This code is largely mimiced from the Fedora Template.
    mv $path/config $path/config.def
    while read LINE
    do
        # This should catch variable expansions from the default config...
        if expr "${LINE}" : '.*\$' > /dev/null 2>&1
        then
                LINE=$(eval "echo \"${LINE}\"")
        fi

        # There is a tab and a space in the regex bracket below!
        # Seems that \s doesn't work in brackets.
        KEY=$(expr "${LINE}" : '\s*\([^	 ]*\)\s*=')

        if [[ "${KEY}" != "lxc.net.0.hwaddr" ]]
        then
            echo "${LINE}" >> $path/config

            if [[ "${KEY}" == "lxc.net.0.link" ]]
            then
                echo "lxc.net.0.hwaddr = $(create_hwaddr)" >> $path/config
            fi
        fi
    done < $path/config.def

    rm -f $path/config.def

    if [ -e "@LXCTEMPLATECONFIG@/opensuse.common.conf" ]; then
        echo "
# Include common configuration
lxc.include = @LXCTEMPLATECONFIG@/opensuse.common.conf
" >> $path/config
    fi

    # Append things which require expansion here...
    cat <<EOF >> $path/config
lxc.arch = $arch
lxc.uts.name = $name

lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed

# When using LXC with apparmor, uncomment the next line to run unconfined:
lxc.aa_profile = unconfined

# example simple networking setup, uncomment to enable
#lxc.net.0.type = $lxc_network_type
#lxc.net.0.flags = up
#lxc.net.0.link = $lxc_network_link
#lxc.net.0.name = eth0
# Additional example for veth network type
#    static MAC address,
#lxc.net.0.hwaddr = 00:16:3e:77:52:20
#    persistent veth device name on host side
#        Note: This may potentially collide with other containers of same name!
#lxc.net.0.veth.pair = v-$name-e0

EOF

    if [ $? -ne 0 ]; then
        echo "Failed to add configuration"
        return 1
    fi

    return 0
}

clean()
{
    cache="${LXC_CACHE_PATH:-@LOCALSTATEDIR@/cache/lxc/opensuse}"

    if [ ! -e $cache ]; then
        exit 0
    fi

    # lock, so we won't purge while someone is creating a repository
    (
        flock -x 9
        if [ $? != 0 ]; then
            echo "Cache repository is busy."
            exit 1
        fi

        echo -n "Purging the download cache..."
        rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
        exit 0
    ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse
}

usage()
{
    cat <<EOF
$1 -h|--help -p|--path=<path> -r|--release nn.n --clean
Please give the release as 13.1, 13.2 etc.
If no release is given, openSUSE Leap 42.2 is installed.
EOF
    return 0
}

# Make arch a global.  This may become configurable?
arch=$(uname -m)

options=$(getopt -o hp:n:r:c -l help,rootfs:,path:,name:,release:,clean -- "$@")
if [ $? -ne 0 ]; then
    usage $(basename $0)
    exit 1
fi
eval set -- "$options"

while true
do
    case "$1" in
        -h|--help)      usage $0 && exit 0;;
        -p|--path)      path=$2; shift 2;;
        --rootfs)       rootfs=$2; shift 2;;
        -n|--name)      name=$2; shift 2;;
        -r|--release)   DISTRO=$2; shift 2;;
        -c|--clean)     clean=1; shift 1;;
        --)             shift 1; break ;;
        *)              break ;;
    esac
done

if [ ! -z "$clean" -a -z "$path" ]; then
    clean || exit 1
    exit 0
fi

type zypper > /dev/null
if [ $? -ne 0 ]; then
    echo "'zypper' command is missing"
    exit 1
fi

if [ -z "$path" ]; then
    echo "'path' parameter is required"
    exit 1
fi

if grep -q Harlequin /etc/os-release || grep -q Tumbleweed /etc/os-release ; then
    BVER=`rpm -q --qf '%{version}\n' build`
    if [ $? -ne 0 -o "$BVER" -lt "20141120" ]; then
	echo "Building openSUSE containers with your version of the build package is broken. Please install the update to version 20141120 or newer."
	exit 1
    fi
fi

if [ -z "$DISTRO" ]; then
    echo ""
    echo "No release selected, using openSUSE Leap 42.2"
    DISTRO="leap/42.2"
else
    echo ""
    case "$DISTRO" in
	13.1)
	    echo "Selected openSUSE 13.1"
	    ;;

	13.2)
	    echo "Selected openSUSE 13.2"
	    ;;

	42.1|leap/42.1|leap)
	    echo "Selected openSUSE Leap 42.1"
	    DISTRO="leap/42.1"
	    ;;

        42.2|leap/42.2|422)
            echo "Selected openSUSE Leap 42.2"
            DISTRO="leap/42.2"
            ;; 
        tumbleweed|factory)
            echo "Selected openSUSE Leap Tumbleweed"
            DISTRO="tumbleweed"
            ;;

	*)
	    echo "You have chosen an invalid release, quitting..."
	    exit 1
	    ;;
    esac
fi


if [ "$(id -u)" != "0" ]; then
    echo "This script should be run as 'root'"
    exit 1
fi

# detect rootfs
config="$path/config"
if [ -z "$rootfs" ]; then
    if grep -q '^lxc.rootfs.path' $config 2>/dev/null ; then
        rootfs=$(awk -F= '/^lxc.rootfs.path =/{ print $2 }' $config)
    else
        rootfs=$path/rootfs
    fi
fi

install_opensuse $rootfs
if [ $? -ne 0 ]; then
    echo "failed to install opensuse"
    exit 1
fi

configure_opensuse $rootfs $name
if [ $? -ne 0 ]; then
    echo "failed to configure opensuse for a container"
    exit 1
fi

copy_configuration $path $rootfs $name
if [ $? -ne 0 ]; then
    echo "failed write configuration file"
    exit 1
fi

if [ ! -z "$clean" ]; then
    clean || exit 1
    exit 0
fi
Commit	Line	Data
c840b37d FC	1	#!/bin/bash
	2
	3	#
41cf1ac3	4	# template script for generating OpenSUSE container for LXC
c840b37d FC	5	#
	6
	7	#
	8	# lxc: linux Container library
	9
	10	# Authors:
	11	# Daniel Lezcano <daniel.lezcano@free.fr>
	12	# Frederic Crozat <fcrozat@suse.com>
41cf1ac3	13	# Michael H. Warfield <mhw@WittsEnd.com>
0ce75698	14	# Johannes Kastl <mail@ojkastl.de>
c840b37d FC	15
	16	# This library is free software; you can redistribute it and/or
	17	# modify it under the terms of the GNU Lesser General Public
	18	# License as published by the Free Software Foundation; either
	19	# version 2.1 of the License, or (at your option) any later version.
	20
	21	# This library is distributed in the hope that it will be useful,
	22	# but WITHOUT ANY WARRANTY; without even the implied warranty of
14d9c0f0	23	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
c840b37d FC	24	# Lesser General Public License for more details.
	25
	26	# You should have received a copy of the GNU Lesser General Public
	27	# License along with this library; if not, write to the Free Software
250b1eec	28	# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
c840b37d	29
8ec981fc	30	# Detect use under userns (unsupported)
c63c04fc	31	for arg in "$@"; do
96283b54 SG	32	[ "$arg" = "--" ] && break
96283b54 SG	33	if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
8ec981fc SG	34	echo "This template can't be used for unprivileged containers." 1>&2
	35	echo "You may want to try the \"download\" template instead." 1>&2
	36	exit 1
	37	fi
	38	done
	39
207bf0e4 SG	40	# Make sure the usual locations are in PATH
	41	export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
	42
f1fd15d6 EG	43	if [ -x /usr/bin/obs-build ]; then
	44	BUILD=/usr/bin/obs-build
	45	export BUILD_DIR=/usr/lib/obs-build
	46	else
	47	BUILD=/usr/bin/build
	48	export BUILD_DIR=/usr/lib/build
	49	fi
	50
c840b37d FC	51	configure_opensuse()
	52	{
	53	rootfs=$1
	54	hostname=$2
	55
41cf1ac3	56	# set first network adapter as dhcp. This is the most common config.
c840b37d	57	cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
a7273db9	58	STARTMODE='auto'
41cf1ac3	59	BOOTPROTO='dhcp'
c840b37d FC	60	EOF
c840b37d FC	61
c840b37d FC	62	# create empty fstab
	63	touch $rootfs/etc/fstab
	64
c840b37d FC	65	# set the hostname
	66	cat <<EOF > $rootfs/etc/HOSTNAME
	67	$hostname
	68	EOF
ba4c4259 FC	69	# ensure /etc/hostname is available too
ba4c4259 FC	70	ln -s -f HOSTNAME $rootfs/etc/hostname
c840b37d FC	71
	72	# do not use hostname from HOSTNAME variable
	73	cat <<EOF >> $rootfs/etc/sysconfig/cron
	74	unset HOSTNAME
	75	EOF
	76
	77	# set minimal hosts
	78	cat <<EOF > $rootfs/etc/hosts
	79	127.0.0.1 localhost $hostname
	80	EOF
	81
c840b37d FC	82	# disable yast->bootloader in container
	83	cat <<EOF > $rootfs/etc/sysconfig/bootloader
	84	LOADER_TYPE=none
	85	LOADER_LOCATION=none
c840b37d FC	86	EOF
c840b37d FC	87
44ee8a10 FC	88	# set /dev/console as securetty
	89	cat << EOF >> $rootfs/etc/securetty
	90	console
c840b37d	91	EOF
44ee8a10	92
c840b37d FC	93	cat <<EOF >> $rootfs/etc/sysconfig/boot
	94	# disable root fsck
	95	ROOTFS_FSCK="0"
	96	ROOTFS_BLKDEV="/dev/null"
	97	EOF
	98
	99
	100	# remove pointless services in a container
a7273db9 FC	101	ln -s /dev/null $rootfs/etc/systemd/system/proc-sys-fs-binfmt_misc.automount
	102	ln -s /dev/null $rootfs/etc/systemd/system/console-shell.service
	103	ln -s /dev/null $rootfs/etc/systemd/system/systemd-vconsole-setup.service
000f7f1c	104	sed -e 's/ConditionPathExists=.*//' $rootfs/usr/lib/systemd/system/getty@.service > $rootfs/etc/systemd/system/getty@.service
36368228 SH	105	ln -s getty@.service $rootfs/etc/systemd/system/getty@tty1.service
	106	ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@console.service
	107	ln -s -f ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty1.service
	108	ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty2.service
	109	ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty3.service
	110	ln -s ../getty@.service $rootfs/etc/systemd/system/getty.target.wants/getty@tty4.service
	111
a7273db9	112	touch $rootfs/etc/sysconfig/kernel
c840b37d FC	113
c840b37d FC	114	echo "Please change root-password !"
c840b37d FC	115
	116	return 0
	117	}
	118
	119	download_opensuse()
	120	{
	121	cache=$1
	122	arch=$2
	123
f1fd15d6	124	if [ ! -x ${BUILD} ]; then
44ee8a10 FC	125	echo "Could not create openSUSE template :"
	126	echo "you need to install \"build\" package"
	127	return 1
	128	fi
	129
c840b37d FC	130	# check the mini opensuse was not already downloaded
	131	mkdir -p "$cache/partial-$arch"
	132
	133	if [ $? -ne 0 ]; then
14d9c0f0 SG	134	echo "Failed to create '$cache/partial-$arch' directory"
14d9c0f0 SG	135	return 1
c840b37d FC	136	fi
	137
	138	# download a mini opensuse into a cache
	139	echo "Downloading opensuse minimal ..."
44ee8a10	140	mkdir -p "$cache/partial-$arch-packages"
5b8819a7 CB	141	if [[ $DISTRO == "tumbleweed" ]]; then
	142	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/$DISTRO/repo/oss/ repo-oss \|\| return 1
	143	else
	144	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss \|\| return 1
	145	fi
f2d63d7a	146	# Leap update repos were rearranged
76a86338	147	if [[ $DISTRO == "leap/4"* ]]; then
f2d63d7a TD	148	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/oss/ update \|\| return 1
	149	else
	150	zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update \|\| return 1
	151	fi
	152	zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update \|\| return 1
36368228	153	zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base bash iputils sed tar rsyslog \|\| return 1
44ee8a10 FC	154	cat > $cache/partial-$arch-packages/opensuse.conf << EOF
44ee8a10 FC	155	Preinstall: aaa_base bash coreutils diffutils
cc33e055	156	Preinstall: filesystem fillup glibc grep insserv-compat perl-base
e080c49a	157	Preinstall: libbz2-1 libncurses5 pam
36368228	158	Preinstall: permissions libreadline6 rpm sed tar libz1 libselinux1
a7273db9	159	Preinstall: liblzma5 libcap2 libacl1 libattr1
44ee8a10	160	Preinstall: libpopt0 libelf1 liblua5_1
a7273db9	161	Preinstall: libpcre1
44ee8a10 FC	162
	163	RunScripts: aaa_base
	164
	165	Support: zypper
	166	Support: patterns-openSUSE-base
	167	Support: lxc
a7273db9 FC	168	Support: ncurses-utils
	169	Support: iputils
	170	Support: udev
	171	Support: netcfg
f2d63d7a	172	Support: hwinfo insserv-compat module-init-tools openSUSE-release openssh
36368228	173	Support: pwdutils rpcbind sysconfig
a7273db9 FC	174
	175	Ignore: rpm:suse-build-key,build-key
	176	Ignore: systemd:systemd-presets-branding
44ee8a10	177	EOF
2e7a16a5 JK	178
	179	if [ $DISTRO = "13.2" ]
	180	then
	181	echo "Support: python3-base" >> $cache/partial-$arch-packages/opensuse.conf
	182	fi
	183
76a86338 TD	184	# dhcpcd is not in the default repos since Leap 42.1
76a86338 TD	185	if [[ $DISTRO != "leap/4"* ]]
f2d63d7a TD	186	then
	187	echo "Support: dhcpcd" >> $cache/partial-$arch-packages/opensuse.conf
	188	fi
	189
9a4fe12d	190	# Leap doesn't seem to have iproute2 utils installed
76a86338	191	if [[ $DISTRO == "leap/4"* ]]
9a4fe12d TD	192	then
	193	echo "Support: net-tools iproute2" >> $cache/partial-$arch-packages/opensuse.conf
	194	fi
	195
17abf278	196	if [ "$arch" = "i686" ]; then
a7273db9 FC	197	mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
	198	for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i586/*" ; do
	199	ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
	200	done
	201	mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686
	202	for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/update/i586/*" ; do
	203	ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686/
41cf1ac3	204	done
a7273db9	205	fi
44ee8a10	206
2e7a16a5 JK	207	# openSUSE 13.2 has no noarch directory in update
	208	[ -d $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch ] \|\| mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
	209
f1fd15d6	210	CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" PATH="$PATH:$BUILD_DIR" $BUILD_DIR/init_buildsystem --clean --configdir $BUILD_DIR/configs --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch \|\| return 1
f4936bf1	211	chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss \|\| return 1
76a86338 TD	212
76a86338 TD	213	if [[ $DISTRO == "leap/4"* ]]; then
6441f6ba TD	214	chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/oss update \|\| return 1
	215	else
	216	chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update \|\| return 1
	217	fi
76a86338	218
44ee8a10 FC	219	# really clean the image
	220	rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
	221	rm -fr $cache/partial-$arch/dev
	222	# make sure we have a minimal /dev
c840b37d FC	223	mkdir -p "$cache/partial-$arch/dev"
	224	mknod -m 666 $cache/partial-$arch/dev/null c 1 3
	225	mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
44ee8a10 FC	226	# create mtab symlink
	227	rm -f $cache/partial-$arch/etc/mtab
	228	ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab
d696d21c FC	229
	230	# ensure /var/run and /run are symlinked
	231	rm -fr $cache/partial-$arch/var/run
	232	ln -s -f ../run $cache/partial-$arch/var/run
c840b37d	233	if [ $? -ne 0 ]; then
14d9c0f0 SG	234	echo "Failed to download the rootfs, aborting."
14d9c0f0 SG	235	return 1
c840b37d FC	236	fi
c840b37d FC	237
44ee8a10	238	rm -fr "$cache/partial-$arch-packages"
c840b37d FC	239	mv "$1/partial-$arch" "$1/rootfs-$arch"
	240	echo "Download complete."
	241
	242	return 0
	243	}
	244
	245	copy_opensuse()
	246	{
	247	cache=$1
	248	arch=$2
	249	rootfs=$3
	250
	251	# make a local copy of the mini opensuse
285ee6b8	252	echo "Copying rootfs to $rootfs ..."
6d8ac56b	253	mkdir -p $rootfs
44d39789	254	rsync -Ha $cache/rootfs-$arch/ $rootfs/ \|\| return 1
c840b37d FC	255	return 0
	256	}
	257
	258	install_opensuse()
	259	{
6dc6f80b KC	260	# Allow the cache base to be set by environment variable
6dc6f80b KC	261	cache="${LXC_CACHE_PATH:-@LOCALSTATEDIR@/cache/lxc/opensuse/$DISTRO}"
c840b37d	262	rootfs=$1
e29bf450	263	mkdir -p @LOCALSTATEDIR@/lock/subsys/
c840b37d	264	(
17abf278	265	flock -x 9
14d9c0f0 SG	266	if [ $? -ne 0 ]; then
	267	echo "Cache repository is busy."
	268	return 1
	269	fi
	270
14d9c0f0 SG	271	echo "Checking cache download in $cache/rootfs-$arch ... "
	272	if [ ! -e "$cache/rootfs-$arch" ]; then
	273	download_opensuse $cache $arch
	274	if [ $? -ne 0 ]; then
	275	echo "Failed to download 'opensuse base'"
	276	return 1
	277	fi
	278	fi
	279
	280	echo "Copy $cache/rootfs-$arch to $rootfs ... "
	281	copy_opensuse $cache $arch $rootfs
	282	if [ $? -ne 0 ]; then
	283	echo "Failed to copy rootfs"
	284	return 1
	285	fi
	286
	287	return 0
17abf278	288	) 9>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse
c840b37d FC	289
	290	return $?
	291	}
	292
41cf1ac3 MW	293	# Generate a random hardware (MAC) address composed of FE followed by
	294	# 5 random bytes...
	295	create_hwaddr()
	296	{
	297	openssl rand -hex 5 \| sed -e 's/\(..\)/:\1/g; s/^/fe/'
	298	}
	299
c840b37d FC	300	copy_configuration()
	301	{
	302	path=$1
	303	rootfs=$2
	304	name=$3
	305
7a96a068 CB	306	grep -q "^lxc.rootfs.path" $path/config 2>/dev/null \|\| echo "
7a96a068 CB	307	lxc.rootfs.path = $rootfs_path
41cf1ac3 MW	308	" >> $path/config
	309
	310	# The following code is to create static MAC addresses for each
	311	# interface in the container. This code will work for multiple
	312	# interfaces in the default config. It will also strip any
	313	# hwaddr stanzas out of the default config since we can not share
	314	# MAC addresses between containers.
	315	#
	316	# This code is largely mimiced from the Fedora Template.
	317	mv $path/config $path/config.def
	318	while read LINE
	319	do
	320	# This should catch variable expansions from the default config...
	321	if expr "${LINE}" : '.*\$' > /dev/null 2>&1
	322	then
	323	LINE=$(eval "echo \"${LINE}\"")
c01c25fc	324	fi
41cf1ac3 MW	325
	326	# There is a tab and a space in the regex bracket below!
	327	# Seems that \s doesn't work in brackets.
	328	KEY=$(expr "${LINE}" : '\s\([^ ]\)\s*=')
	329
7fa3f2e9	330	if [[ "${KEY}" != "lxc.net.0.hwaddr" ]]
41cf1ac3 MW	331	then
	332	echo "${LINE}" >> $path/config
	333
7fa3f2e9	334	if [[ "${KEY}" == "lxc.net.0.link" ]]
41cf1ac3	335	then
7fa3f2e9	336	echo "lxc.net.0.hwaddr = $(create_hwaddr)" >> $path/config
41cf1ac3	337	fi
c01c25fc	338	fi
41cf1ac3 MW	339	done < $path/config.def
	340
	341	rm -f $path/config.def
	342
	343	if [ -e "@LXCTEMPLATECONFIG@/opensuse.common.conf" ]; then
	344	echo "
	345	# Include common configuration
	346	lxc.include = @LXCTEMPLATECONFIG@/opensuse.common.conf
	347	" >> $path/config
a7273db9	348	fi
ba4c4259	349
41cf1ac3	350	# Append things which require expansion here...
c840b37d	351	cat <<EOF >> $path/config
41cf1ac3	352	lxc.arch = $arch
b67771bc	353	lxc.uts.name = $name
41cf1ac3	354
f24a52d5	355	lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
c840b37d	356
f02ce27d	357	# When using LXC with apparmor, uncomment the next line to run unconfined:
3ddfde2a	358	lxc.aa_profile = unconfined
f02ce27d	359
41cf1ac3	360	# example simple networking setup, uncomment to enable
7fa3f2e9	361	#lxc.net.0.type = $lxc_network_type
	362	#lxc.net.0.flags = up
	363	#lxc.net.0.link = $lxc_network_link
	364	#lxc.net.0.name = eth0
41cf1ac3 MW	365	# Additional example for veth network type
41cf1ac3 MW	366	# static MAC address,
7fa3f2e9	367	#lxc.net.0.hwaddr = 00:16:3e:77:52:20
41cf1ac3 MW	368	# persistent veth device name on host side
41cf1ac3 MW	369	# Note: This may potentially collide with other containers of same name!
7fa3f2e9	370	#lxc.net.0.veth.pair = v-$name-e0
41cf1ac3	371
c840b37d FC	372	EOF
	373
	374	if [ $? -ne 0 ]; then
14d9c0f0 SG	375	echo "Failed to add configuration"
14d9c0f0 SG	376	return 1
c840b37d FC	377	fi
	378
	379	return 0
	380	}
	381
	382	clean()
	383	{
6dc6f80b	384	cache="${LXC_CACHE_PATH:-@LOCALSTATEDIR@/cache/lxc/opensuse}"
c840b37d FC	385
c840b37d FC	386	if [ ! -e $cache ]; then
14d9c0f0	387	exit 0
c840b37d FC	388	fi
	389
	390	# lock, so we won't purge while someone is creating a repository
	391	(
17abf278	392	flock -x 9
14d9c0f0 SG	393	if [ $? != 0 ]; then
	394	echo "Cache repository is busy."
	395	exit 1
	396	fi
	397
	398	echo -n "Purging the download cache..."
	399	rm --preserve-root --one-file-system -rf $cache && echo "Done." \|\| exit 1
	400	exit 0
17abf278	401	) 9>@LOCALSTATEDIR@/lock/subsys/lxc-opensuse
c840b37d FC	402	}
	403
	404	usage()
	405	{
	406	cat <<EOF
0ce75698	407	$1 -h\|--help -p\|--path=<path> -r\|--release nn.n --clean
8f3a3cd8	408	Please give the release as 13.1, 13.2 etc.
e783e4bd	409	If no release is given, openSUSE Leap 42.2 is installed.
c840b37d FC	410	EOF
	411	return 0
	412	}
	413
41cf1ac3 MW	414	# Make arch a global. This may become configurable?
	415	arch=$(uname -m)
	416
2e7a16a5	417	options=$(getopt -o hp:n:r:c -l help,rootfs:,path:,name:,release:,clean -- "$@")
c840b37d FC	418	if [ $? -ne 0 ]; then
	419	usage $(basename $0)
	420	exit 1
	421	fi
	422	eval set -- "$options"
	423
	424	while true
	425	do
	426	case "$1" in
14d9c0f0 SG	427	-h\|--help) usage $0 && exit 0;;
14d9c0f0 SG	428	-p\|--path) path=$2; shift 2;;
1897e3bc	429	--rootfs) rootfs=$2; shift 2;;
14d9c0f0	430	-n\|--name) name=$2; shift 2;;
11116742	431	-r\|--release) DISTRO=$2; shift 2;;
eb4cd296	432	-c\|--clean) clean=1; shift 1;;
14d9c0f0 SG	433	--) shift 1; break ;;
14d9c0f0 SG	434	*) break ;;
c840b37d FC	435	esac
	436	done
	437
	438	if [ ! -z "$clean" -a -z "$path" ]; then
	439	clean \|\| exit 1
	440	exit 0
	441	fi
	442
	443	type zypper > /dev/null
	444	if [ $? -ne 0 ]; then
	445	echo "'zypper' command is missing"
	446	exit 1
	447	fi
	448
	449	if [ -z "$path" ]; then
	450	echo "'path' parameter is required"
	451	exit 1
	452	fi
	453
de548c60	454	if grep -q Harlequin /etc/os-release \|\| grep -q Tumbleweed /etc/os-release ; then
fe89217a JS	455	BVER=`rpm -q --qf '%{version}\n' build`
fe89217a JS	456	if [ $? -ne 0 -o "$BVER" -lt "20141120" ]; then
d3eccbbf JK	457	echo "Building openSUSE containers with your version of the build package is broken. Please install the update to version 20141120 or newer."
	458	exit 1
	459	fi
f38788b4 JK	460	fi
f38788b4 JK	461
2e7a16a5	462	if [ -z "$DISTRO" ]; then
3e892287	463	echo ""
e783e4bd	464	echo "No release selected, using openSUSE Leap 42.2"
04e30e9d	465	DISTRO="leap/42.2"
3e892287 JK	466	else
	467	echo ""
	468	case "$DISTRO" in
3e892287 JK	469	13.1)
	470	echo "Selected openSUSE 13.1"
	471	;;
	472
	473	13.2)
	474	echo "Selected openSUSE 13.2"
	475	;;
	476
f2d63d7a TD	477	42.1\|leap/42.1\|leap)
	478	echo "Selected openSUSE Leap 42.1"
	479	DISTRO="leap/42.1"
	480	;;
	481
76a86338 TD	482	42.2\|leap/42.2\|422)
	483	echo "Selected openSUSE Leap 42.2"
	484	DISTRO="leap/42.2"
	485	;;
5b8819a7 CB	486	tumbleweed\|factory)
	487	echo "Selected openSUSE Leap Tumbleweed"
	488	DISTRO="tumbleweed"
	489	;;
76a86338	490
3e892287 JK	491	*)
	492	echo "You have chosen an invalid release, quitting..."
	493	exit 1
	494	;;
	495	esac
2e7a16a5 JK	496	fi
	497
	498
c840b37d FC	499	if [ "$(id -u)" != "0" ]; then
	500	echo "This script should be run as 'root'"
	501	exit 1
	502	fi
	503
1881820a SH	504	# detect rootfs
1881820a SH	505	config="$path/config"
1897e3bc	506	if [ -z "$rootfs" ]; then
7a96a068 CB	507	if grep -q '^lxc.rootfs.path' $config 2>/dev/null ; then
7a96a068 CB	508	rootfs=$(awk -F= '/^lxc.rootfs.path =/{ print $2 }' $config)
1897e3bc SH	509	else
	510	rootfs=$path/rootfs
	511	fi
1881820a	512	fi
c840b37d FC	513
	514	install_opensuse $rootfs
	515	if [ $? -ne 0 ]; then
	516	echo "failed to install opensuse"
	517	exit 1
	518	fi
	519
	520	configure_opensuse $rootfs $name
	521	if [ $? -ne 0 ]; then
	522	echo "failed to configure opensuse for a container"
	523	exit 1
	524	fi
	525
	526	copy_configuration $path $rootfs $name
	527	if [ $? -ne 0 ]; then
	528	echo "failed write configuration file"
	529	exit 1
	530	fi
	531
b5a285ea	532	if [ ! -z "$clean" ]; then
c840b37d FC	533	clean \|\| exit 1
	534	exit 0
	535	fi