]>
Commit | Line | Data |
---|---|---|
17abf278 | 1 | #!/bin/sh |
708f4a80 SH |
2 | # |
3 | # Template script for generating Oracle Enterprise Linux container for LXC | |
4 | # based on lxc-fedora, lxc-ubuntu | |
5 | # | |
8cd80b50 SG |
6 | # Copyright © 2011 Wim Coekaerts <wim.coekaerts@oracle.com> |
7 | # Copyright © 2012 Dwight Engen <dwight.engen@oracle.com> | |
708f4a80 SH |
8 | # |
9 | # Modified for Oracle Linux 5 | |
10 | # Wim Coekaerts <wim.coekaerts@oracle.com> | |
11 | # | |
da139233 | 12 | # Modified for Oracle Linux 6, combined OL4,5,6 into one template script |
708f4a80 SH |
13 | # Dwight Engen <dwight.engen@oracle.com> |
14 | # | |
15 | # This library is free software; you can redistribute it and/or | |
16 | # modify it under the terms of the GNU Lesser General Public | |
17 | # License as published by the Free Software Foundation; either | |
18 | # version 2.1 of the License, or (at your option) any later version. | |
19 | # | |
20 | # This library is distributed in the hope that it will be useful, | |
21 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
22 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
23 | # Lesser General Public License for more details. | |
24 | # | |
25 | # You should have received a copy of the GNU Lesser General Public | |
26 | # License along with this library; if not, write to the Free Software | |
250b1eec | 27 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
708f4a80 SH |
28 | # |
29 | ||
8ec981fc | 30 | # Detect use under userns (unsupported) |
c63c04fc | 31 | for arg in "$@"; do |
96283b54 SG |
32 | [ "$arg" = "--" ] && break |
33 | if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then | |
8ec981fc SG |
34 | echo "This template can't be used for unprivileged containers." 1>&2 |
35 | echo "You may want to try the \"download\" template instead." 1>&2 | |
36 | exit 1 | |
37 | fi | |
38 | done | |
39 | ||
207bf0e4 SG |
40 | # Make sure the usual locations are in PATH |
41 | export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin | |
42 | ||
708f4a80 SH |
43 | # use virbr0 that is setup by default by libvirtd |
44 | lxc_network_type=veth | |
45 | lxc_network_link=virbr0 | |
46 | ||
47 | die() | |
48 | { | |
49 | echo "failed: $1" | |
50 | exit 1 | |
51 | } | |
52 | ||
53 | is_btrfs_subvolume() | |
54 | { | |
55 | if which btrfs >/dev/null 2>&1 && \ | |
56 | btrfs subvolume list "$1" >/dev/null 2>&1; then | |
14d9c0f0 | 57 | return 0 |
708f4a80 SH |
58 | fi |
59 | return 1 | |
60 | } | |
61 | ||
341c9718 DE |
62 | can_chcon() |
63 | { | |
64 | if which chcon >/dev/null 2>&1; then | |
65 | selinuxenabled >/dev/null 2>&1 | |
66 | return $? | |
67 | fi | |
68 | return 1 | |
69 | } | |
70 | ||
708f4a80 | 71 | # fix up the container_rootfs |
7ceebfd1 | 72 | container_rootfs_patch() |
708f4a80 | 73 | { |
7ceebfd1 DE |
74 | echo "Patching container rootfs $container_rootfs for Oracle Linux $container_release_major.$container_release_minor" |
75 | ||
76 | # copy ourself into the container to be used to --patch the rootfs when | |
77 | # yum update on certain packages is done. we do this here instead of in | |
78 | # container_rootfs_configure() in case the patching done in this function | |
79 | # is updated in the future, we can inject the updated version of ourself | |
80 | # into older containers. | |
81 | if [ $container_rootfs != "/" ]; then | |
82 | cp -f `readlink -f $0` $container_rootfs/usr/bin/lxc-patch | |
83 | if [ $container_release_major -lt "6" ]; then | |
84 | mkdir -p $container_rootfs/usr/lib/yum-plugins | |
85 | cp @DATADIR@/lxc/lxc-patch.py $container_rootfs/usr/lib/yum-plugins | |
86 | fi | |
87 | if [ $container_release_major = "6" ]; then | |
88 | mkdir -p $container_rootfs/usr/share/yum-plugins | |
89 | cp @DATADIR@/lxc/lxc-patch.py $container_rootfs/usr/share/yum-plugins | |
90 | fi | |
91 | mkdir -p $container_rootfs/etc/yum/pluginconf.d | |
92 | cat <<EOF > $container_rootfs/etc/yum/pluginconf.d/lxc-patch.conf | |
93 | [main] | |
94 | enabled=1 | |
95 | packages=initscripts,iptables,selinux-policy,readahead,udev,util-linux-ng | |
96 | EOF | |
97 | fi | |
98 | ||
99 | if [ $container_release_major = "4" ]; then | |
100 | # yum plugin type of TYPE_INTERFACE works in all releases but gives a | |
101 | # deprecation warning on major > 4, so we default to TYPE_INTERACTIVE | |
102 | # and fix it up here | |
103 | sed -i 's|TYPE_INTERACTIVE|TYPE_INTERFACE|' $container_rootfs/usr/lib/yum-plugins/lxc-patch.py | |
104 | if [ -f $container_rootfs/etc/yum.repos.d/ULN-Base.repo ]; then | |
105 | mv $container_rootfs/etc/yum.repos.d/ULN-Base.repo \ | |
106 | $container_rootfs/etc/yum.repos.d/ULN-Base.repo.lxc-disabled | |
107 | fi | |
108 | echo "plugins = 1" >>$container_rootfs/etc/yum.conf | |
109 | fi | |
708f4a80 | 110 | |
31f38b17 DE |
111 | # "disable" selinux in the guest. The policy in the container isn't |
112 | # likely to match the hosts (unless host == guest exactly) and the | |
113 | # kernel can only be enforcing one policy. | |
114 | # | |
115 | # The OL 5 init honors /etc/selinux/config, but note that | |
708f4a80 SH |
116 | # this doesnt actually disable it if it's enabled in the host, since |
117 | # libselinux::is_selinux_enabled() in the guest will check | |
118 | # /proc/filesystems and see selinuxfs, thus reporting that it is on | |
31f38b17 DE |
119 | # (ie. check the output of sestatus in the guest). We also replace |
120 | # /usr/sbin/selinuxenabled with a symlink to /bin/false so that init | |
121 | # scripts (ie. mcstransd) that call that think selinux is disabled. | |
708f4a80 SH |
122 | mkdir -p $container_rootfs/selinux |
123 | echo 0 > $container_rootfs/selinux/enforce | |
124 | if [ -e $container_rootfs/etc/selinux/config ]; then | |
14d9c0f0 | 125 | sed -i 's|SELINUX=enforcing|SELINUX=disabled|' $container_rootfs/etc/selinux/config |
708f4a80 | 126 | else |
c01c25fc | 127 | mkdir -p $container_rootfs/etc/selinux |
14d9c0f0 | 128 | echo "SELINUX=disabled" >$container_rootfs/etc/selinux/config |
708f4a80 | 129 | fi |
da139233 DE |
130 | sed -i 's|session[ \t]*required[ \t]*pam_selinux.so[ \t]*close|#session required pam_selinux.so close|' $container_rootfs/etc/pam.d/login |
131 | sed -i 's|session[ \t]*required[ \t]*pam_selinux.so[ \t]*open|#session required pam_selinux.so open|' $container_rootfs/etc/pam.d/login | |
eff9177f DE |
132 | |
133 | # setting /proc/$$/loginuid doesn't work under user namespace, which | |
134 | # prevents logins from working | |
135 | sed -i 's|session[ \t]*required[ \t]*pam_loginuid.so|#session required pam_loginuid.so|' $container_rootfs/etc/pam.d/sshd | |
da139233 | 136 | sed -i 's|session[ \t]*required[ \t]*pam_loginuid.so|#session required pam_loginuid.so|' $container_rootfs/etc/pam.d/login |
000559b5 | 137 | |
31f38b17 DE |
138 | if [ -f $container_rootfs/usr/sbin/selinuxenabled ]; then |
139 | mv $container_rootfs/usr/sbin/selinuxenabled $container_rootfs/usr/sbin/selinuxenabled.lxcorig | |
140 | ln -s /bin/false $container_rootfs/usr/sbin/selinuxenabled | |
141 | fi | |
142 | ||
da139233 DE |
143 | # silence error in checking for selinux |
144 | sed -i 's|cat /proc/self/attr/current|cat /proc/self/attr/current 2>/dev/null|' $container_rootfs/etc/rc.sysinit | |
145 | sed -i 's|cat /proc/self/attr/current|cat /proc/self/attr/current 2>/dev/null|' $container_rootfs/etc/rc.d/rc.sysinit | |
708f4a80 | 146 | |
eff9177f DE |
147 | # on ol4 pam_limits prevents logins when using user namespaces |
148 | if [ $container_release_major = "4" ]; then | |
149 | sed -i 's|session[ \t]*required[ \t]*/lib/security/\$ISA/pam_limits.so|#session required /lib/security/$ISA/pam_limits.so|' $container_rootfs/etc/pam.d/system-auth | |
150 | fi | |
151 | ||
da139233 DE |
152 | # avoid error in ol5 attempting to copy non-existent resolv.conf |
153 | if [ $container_release_major = "5" ]; then | |
154 | sed -i 's|resolv.conf.predhclient|resolv.conf.predhclient 2>/dev/null|' $container_rootfs/sbin/dhclient-script | |
155 | fi | |
156 | ||
e35cb41b DE |
157 | # disable interactive ovmd asking questions |
158 | if [ -f $container_rootfs/etc/sysconfig/ovmd ]; then | |
159 | sed -i 's|INITIAL_CONFIG=yes|INITIAL_CONFIG=no|' $container_rootfs/etc/sysconfig/ovmd | |
160 | fi | |
161 | ||
7ceebfd1 DE |
162 | # disable disabling of ipv4 forwarding and defrag on shutdown since |
163 | # we mount /proc/sys ro | |
164 | if [ $container_release_major = "5" ]; then | |
165 | sed -i 's|-f /proc/sys/net/ipv4/ip_forward|-w /proc/sys/net/ipv4/ip_forward|' $container_rootfs/etc/rc.d/init.d/network | |
166 | sed -i 's|-f /proc/sys/net/ipv4/ip_always_defrag|-w /proc/sys/net/ipv4/ip_always_defrag|' $container_rootfs/etc/rc.d/init.d/network | |
167 | fi | |
708f4a80 | 168 | |
da139233 | 169 | # disable ipv6 on ol6 |
7060353a | 170 | rm -f $container_rootfs/etc/sysconfig/network-scripts/init.ipv6-global |
708f4a80 | 171 | |
708f4a80 SH |
172 | # remove module stuff for iptables it just shows errors that are not |
173 | # relevant in a container | |
174 | if [ -f "$container_rootfs/etc/sysconfig/iptables-config" ]; then | |
14d9c0f0 SG |
175 | sed -i 's|IPTABLES_MODULES=".*|IPTABLES_MODULES=""|' $container_rootfs/etc/sysconfig/iptables-config |
176 | sed -i 's|IPTABLES_MODULES_UNLOAD=".*|IPTABLES_MODULES_UNLOAD="no"|' $container_rootfs/etc/sysconfig/iptables-config | |
708f4a80 SH |
177 | fi |
178 | ||
179 | # disable readahead in the container | |
180 | if [ $container_release_major = "6" -a -e $container_rootfs/etc/sysconfig/readahead ]; then | |
14d9c0f0 SG |
181 | rm -f $container_rootfs/etc/init/readahead-collector.conf |
182 | rm -f $container_rootfs/etc/init/readahead-disable-services.conf | |
183 | sed -i 's|READAHEAD="yes"|READAHEAD="no"|' $container_rootfs/etc/sysconfig/readahead | |
708f4a80 SH |
184 | fi |
185 | ||
e35cb41b DE |
186 | if [ $container_release_major = "4" ]; then |
187 | # enable fastboot always | |
188 | sed -i 's|\[ -f /fastboot \]|/bin/true|' $container_rootfs/etc/rc.sysinit | |
189 | sed -i 's|\[ -f /fastboot \]|/bin/true|' $container_rootfs/etc/rc.d/rc.sysinit | |
190 | ||
191 | # dont attempt to set kernel parameters | |
192 | sed -i 's|action $"Configuring kernel parameters|# LXC action $"Configuring kernel parameters|' $container_rootfs/etc/rc.sysinit | |
193 | sed -i 's|action $"Configuring kernel parameters|# LXC action $"Configuring kernel parameters|' $container_rootfs/etc/rc.d/rc.sysinit | |
839af5b3 DE |
194 | sed -i 's|action $"Setting network parameters|# LXC action $"Setting network parameters|' $container_rootfs/etc/init.d/network 2>/dev/null |
195 | sed -i 's|action $"Setting network parameters|# LXC action $"Setting network parameters|' $container_rootfs/etc/init.d/NetworkManager 2>/dev/null | |
e35cb41b DE |
196 | fi |
197 | ||
da139233 DE |
198 | # no need to attempt to mount / |
199 | sed -i 's|mount -f /$|# LXC mount -f /|' $container_rootfs/etc/rc.sysinit | |
200 | sed -i 's|mount -f /$|# LXC mount -f /|' $container_rootfs/etc/rc.d/rc.sysinit | |
201 | sed -i 's|action \$"Remounting root filesystem|/bin/true # LXC action $"Remounting root filesystem|' $container_rootfs/etc/rc.sysinit | |
202 | sed -i 's|action \$"Remounting root filesystem|/bin/true # LXC action $"Remounting root filesystem|' $container_rootfs/etc/rc.d/rc.sysinit | |
203 | ||
708f4a80 | 204 | # disable udev in the container |
e35cb41b DE |
205 | if [ $container_release_major = "4" ]; then |
206 | sed -i 's|\[ -x /sbin/start_udev \]|# LXC no udev|' $container_rootfs/etc/rc.sysinit | |
207 | sed -i 's|\[ -x /sbin/start_udev \]|# LXC no udev|' $container_rootfs/etc/rc.d/rc.sysinit | |
208 | else | |
209 | sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.sysinit | |
210 | sed -i 's|.sbin.start_udev||' $container_rootfs/etc/rc.d/rc.sysinit | |
211 | fi | |
708f4a80 SH |
212 | |
213 | # disable nash raidautorun in the container since no /dev/md* | |
e35cb41b | 214 | if [ $container_release_major = "4" -o $container_release_major = "5" ]; then |
14d9c0f0 SG |
215 | sed -i 's|echo "raidautorun /dev/md0"|echo ""|' $container_rootfs/etc/rc.sysinit |
216 | sed -i 's|echo "raidautorun /dev/md0"|echo ""|' $container_rootfs/etc/rc.d/rc.sysinit | |
708f4a80 SH |
217 | fi |
218 | ||
219 | # prevent rc.sysinit from attempting to loadkeys | |
e35cb41b | 220 | if [ \( $container_release_major = "4" -o $container_release_major = "5" \) -a -e $container_rootfs/etc/sysconfig/keyboard ]; then |
14d9c0f0 | 221 | rm $container_rootfs/etc/sysconfig/keyboard |
708f4a80 SH |
222 | fi |
223 | ||
e35cb41b DE |
224 | # dont use the hwclock, it messes up the host's time |
225 | if [ $container_release_major = "4" ]; then | |
226 | sed -i 's|runcmd $"Syncing hardware clock|# LXC no hwclock runcmd $"Syncing hardware clock|' $container_rootfs/etc/rc.d/init.d/halt | |
227 | else | |
228 | sed -i 's|\[ -x /sbin/hwclock|\[ 0 -eq 1|' $container_rootfs/etc/rc.d/init.d/halt | |
229 | fi | |
da139233 DE |
230 | sed -i 's|^\[ -x /sbin/hwclock|\[ 0 -eq 1|' $container_rootfs/etc/rc.sysinit |
231 | sed -i 's|^\[ -x /sbin/hwclock|\[ 0 -eq 1|' $container_rootfs/etc/rc.d/rc.sysinit | |
232 | sed -i 's|^/sbin/hwclock|# LXC /sbin/nohwclock|' $container_rootfs/etc/rc.sysinit | |
233 | sed -i 's|^/sbin/hwclock|# LXC /sbin/nohwclock|' $container_rootfs/etc/rc.d/rc.sysinit | |
708f4a80 SH |
234 | |
235 | # dont start lvm | |
7ceebfd1 DE |
236 | if [ $container_release_major -lt "6" -a -f $container_rootfs/sbin/lvm.static ]; then |
237 | mv $container_rootfs/sbin/lvm.static $container_rootfs/sbin/lvm.static.lxc-disabled | |
238 | fi | |
239 | if [ $container_release_major = "6" ]; then | |
240 | touch $container_rootfs/.nolvm | |
241 | fi | |
708f4a80 SH |
242 | |
243 | # fix assumptions that plymouth is available | |
244 | sed -i 's|\[ "$PROMPT" != no \] && plymouth|[ "$PROMPT" != no ] \&\& [ -n "$PLYMOUTH" ] \&\& plymouth|' $container_rootfs/etc/rc.sysinit | |
245 | sed -i 's|\[ "$PROMPT" != no \] && plymouth|[ "$PROMPT" != no ] \&\& [ -n "$PLYMOUTH" ] \&\& plymouth|' $container_rootfs/etc/rc.d/rc.sysinit | |
7060353a DE |
246 | rm -f $container_rootfs/etc/init/plymouth-shutdown.conf |
247 | rm -f $container_rootfs/etc/init/quit-plymouth.conf | |
248 | rm -f $container_rootfs/etc/init/splash-manager.conf | |
708f4a80 | 249 | |
7ceebfd1 DE |
250 | # dont try to unmount /dev/lxc devices |
251 | sed -i 's|&& $1 !~ /^\\/dev\\/ram/|\&\& $2 !~ /^\\/dev\\/lxc/ \&\& $1 !~ /^\\/dev\\/ram/|' $container_rootfs/etc/init.d/halt | |
252 | ||
253 | # don't try to unmount swap | |
254 | sed -i 's|\[ -f /proc/swaps \]|# LXC [ -f /proc/swaps ]|' $container_rootfs/etc/init.d/halt | |
255 | ||
256 | # there might be other services that are useless but the below set is a good start | |
257 | # some of these might not exist in the image, so we silence chkconfig complaining | |
258 | # about the service file not being found | |
259 | for service in \ | |
260 | acpid apmd auditd autofs cpuspeed dund gpm haldaemon hidd \ | |
261 | ip6tables irqbalance iscsi iscsid isdn kdump kudzu \ | |
262 | lm_sensors lvm2-monitor mdmonitor microcode_ctl \ | |
263 | ntpd pcmcia postfix sendmail udev-post xfs ; | |
264 | do | |
265 | chroot $container_rootfs chkconfig 2>/dev/null $service off | |
266 | done | |
267 | ||
268 | for service in rsyslog ; | |
269 | do | |
270 | chroot $container_rootfs chkconfig 2>/dev/null $service on | |
271 | done | |
272 | ||
273 | # ensure /dev/ptmx refers to the newinstance devpts of the container, or | |
274 | # pty's will get crossed up with the hosts (https://lkml.org/lkml/2012/1/23/512) | |
275 | rm -f $container_rootfs/dev/ptmx | |
276 | ln -s pts/ptmx $container_rootfs/dev/ptmx | |
277 | } | |
278 | ||
279 | container_rootfs_configure() | |
280 | { | |
281 | container_rootfs_patch | |
282 | echo "Configuring container for Oracle Linux $container_release_major.$container_release_minor" | |
283 | ||
284 | # configure the network to use dhcp. we set DHCP_HOSTNAME so the guest | |
285 | # will report its name and be resolv'able by the hosts dnsmasq | |
286 | cat <<EOF > $container_rootfs/etc/sysconfig/network-scripts/ifcfg-eth0 | |
287 | DEVICE=eth0 | |
288 | BOOTPROTO=dhcp | |
289 | ONBOOT=yes | |
290 | HOSTNAME=$name | |
291 | DHCP_HOSTNAME=$name | |
292 | NM_CONTROLLED=no | |
293 | TYPE=Ethernet | |
294 | EOF | |
295 | ||
296 | # set the hostname | |
297 | cat <<EOF > $container_rootfs/etc/sysconfig/network | |
298 | NETWORKING=yes | |
299 | NETWORKING_IPV6=no | |
300 | HOSTNAME=$name | |
301 | EOF | |
302 | ||
303 | # set minimal hosts | |
304 | echo "127.0.0.1 localhost $name" > $container_rootfs/etc/hosts | |
305 | ||
306 | # this file has to exist for libvirt/Virtual machine monitor to boot the container | |
307 | touch $container_rootfs/etc/mtab | |
308 | ||
309 | # don't put devpts,proc, nor sysfs in here, it will already be mounted for us by lxc/libvirt | |
310 | cat <<EOF > $container_rootfs/etc/fstab | |
311 | EOF | |
312 | ||
313 | # sem_open(3) checks that /dev/shm is SHMFS_SUPER_MAGIC, so make sure to mount /dev/shm (normally done by dracut initrd) as tmpfs | |
314 | if [ $container_release_major = "4" -o $container_release_major = "5" ]; then | |
315 | echo "mount -t tmpfs tmpfs /dev/shm" >>$container_rootfs/etc/rc.sysinit | |
316 | echo "mount -t tmpfs tmpfs /dev/shm" >>$container_rootfs/etc/rc.d/rc.sysinit | |
317 | fi | |
318 | ||
319 | if [ $container_release_major = "6" ]; then | |
320 | sed -i 's|mount -n -o remount /dev/shm >/dev/null 2>&1$|mount -t tmpfs tmpfs /dev/shm # LXC|' $container_rootfs/etc/rc.sysinit | |
321 | sed -i 's|mount -n -o remount /dev/shm >/dev/null 2>&1$|mount -t tmpfs tmpfs /dev/shm # LXC|' $container_rootfs/etc/rc.d/rc.sysinit | |
322 | fi | |
323 | ||
708f4a80 SH |
324 | # setup console and tty[1-4] for login. note that /dev/console and |
325 | # /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and | |
326 | # /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks. | |
327 | # lxc will maintain these links and bind mount ptys over /dev/lxc/* | |
328 | # since lxc.devttydir is specified in the config. | |
329 | ||
000559b5 | 330 | # allow root login on console, tty[1-4], and pts/0 for libvirt |
708f4a80 SH |
331 | echo "# LXC (Linux Containers)" >>$container_rootfs/etc/securetty |
332 | echo "lxc/console" >>$container_rootfs/etc/securetty | |
333 | echo "lxc/tty1" >>$container_rootfs/etc/securetty | |
334 | echo "lxc/tty2" >>$container_rootfs/etc/securetty | |
335 | echo "lxc/tty3" >>$container_rootfs/etc/securetty | |
336 | echo "lxc/tty4" >>$container_rootfs/etc/securetty | |
000559b5 DE |
337 | echo "# For libvirt/Virtual Machine Monitor" >>$container_rootfs/etc/securetty |
338 | echo "pts/0" >>$container_rootfs/etc/securetty | |
708f4a80 | 339 | |
2e83f720 | 340 | # prevent mingetty from calling vhangup(2) since it fails with userns |
91bcb2dd DE |
341 | if [ -f $container_rootfs/etc/init/tty.conf ]; then |
342 | sed -i 's|mingetty|mingetty --nohangup|' $container_rootfs/etc/init/tty.conf | |
343 | fi | |
2e83f720 | 344 | |
708f4a80 | 345 | # start a getty on /dev/console, /dev/tty[1-4] |
e35cb41b | 346 | if [ $container_release_major = "4" -o $container_release_major = "5" ]; then |
2e83f720 | 347 | sed -i 's|mingetty|mingetty --nohangup|' $container_rootfs/etc/inittab |
88927db9 | 348 | sed -i '/1:2345:respawn/i cns:2345:respawn:/sbin/mingetty --nohangup --noclear console' $container_rootfs/etc/inittab |
14d9c0f0 SG |
349 | sed -i '/5:2345:respawn/d' $container_rootfs/etc/inittab |
350 | sed -i '/6:2345:respawn/d' $container_rootfs/etc/inittab | |
708f4a80 SH |
351 | fi |
352 | ||
353 | if [ $container_release_major = "6" ]; then | |
14d9c0f0 | 354 | cat <<EOF > $container_rootfs/etc/init/console.conf |
708f4a80 SH |
355 | # console - getty |
356 | # | |
357 | # This service maintains a getty on the console from the point the system is | |
358 | # started until it is shut down again. | |
359 | ||
360 | start on stopped rc RUNLEVEL=[2345] | |
361 | stop on runlevel [!2345] | |
362 | ||
363 | respawn | |
88927db9 | 364 | exec /sbin/mingetty --nohangup --noclear /dev/console |
708f4a80 SH |
365 | EOF |
366 | fi | |
367 | ||
ed34a67d DE |
368 | # lxc-shutdown sends SIGPWR to init, OL4 and OL5 have SysVInit, just |
369 | # make it do shutdown now instead of delaying 2 minutes. OL6 uses | |
370 | # upstart, so we create an upstart job to handle SIGPWR to shut down | |
371 | # cleanly. We use "init 0" instead of shutdown -h now to avoid SELinux | |
372 | # permission denied when upstart's shutdown tries to connect to the | |
373 | # /com/ubuntu/upstart socket. | |
374 | if [ $container_release_major = "4" -o $container_release_major = "5" ]; then | |
375 | sed -i 's|pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; |pf::powerfail:/sbin/shutdown -f -h now "|' $container_rootfs/etc/inittab | |
376 | else | |
377 | cat <<EOF > $container_rootfs/etc/init/power-status-changed.conf | |
378 | # power-status-changed - used to cleanly shut down the container | |
379 | # | |
380 | # This task is run whenever init receives SIGPWR | |
381 | # Used to shut down the machine. | |
382 | ||
383 | start on power-status-changed | |
384 | ||
385 | exec init 0 | |
386 | EOF | |
387 | fi | |
388 | ||
000559b5 DE |
389 | # create required devices. note that /dev/console will be created by lxc |
390 | # or libvirt itself to be a symlink to the right pty. | |
708f4a80 SH |
391 | # take care to not nuke /dev in case $container_rootfs isn't set |
392 | dev_path="$container_rootfs/dev" | |
393 | if [ $container_rootfs != "/" -a -d $dev_path ]; then | |
14d9c0f0 SG |
394 | rm -rf $dev_path |
395 | mkdir -p $dev_path | |
341c9718 | 396 | if can_chcon; then |
c944b920 DE |
397 | # ensure symlinks created in /dev have the right context |
398 | chcon -t device_t $dev_path | |
399 | fi | |
708f4a80 SH |
400 | fi |
401 | mknod -m 666 $dev_path/null c 1 3 | |
402 | mknod -m 666 $dev_path/zero c 1 5 | |
403 | mknod -m 666 $dev_path/random c 1 8 | |
404 | mknod -m 666 $dev_path/urandom c 1 9 | |
405 | mkdir -m 755 $dev_path/pts | |
406 | mkdir -m 1777 $dev_path/shm | |
407 | mknod -m 666 $dev_path/tty c 5 0 | |
408 | mknod -m 666 $dev_path/tty0 c 4 0 | |
409 | mknod -m 666 $dev_path/tty1 c 4 1 | |
410 | mknod -m 666 $dev_path/tty2 c 4 2 | |
411 | mknod -m 666 $dev_path/tty3 c 4 3 | |
412 | mknod -m 666 $dev_path/tty4 c 4 4 | |
708f4a80 SH |
413 | mknod -m 666 $dev_path/full c 1 7 |
414 | mknod -m 600 $dev_path/initctl p | |
415 | ||
da139233 | 416 | # set selinux labels same as host |
341c9718 | 417 | if can_chcon; then |
da139233 DE |
418 | for node in null zero random urandom pts shm \ |
419 | tty tty0 tty1 tty2 tty3 tty4 full ; | |
420 | do | |
421 | chcon --reference /dev/$node $dev_path/$node 2>/dev/null | |
422 | done | |
423 | fi | |
424 | ||
708f4a80 SH |
425 | # start with a clean /var/log/messages |
426 | rm -f $container_rootfs/var/log/messages | |
427 | ||
428 | # add oracle user, set root password | |
e35cb41b | 429 | chroot $container_rootfs useradd -m -s /bin/bash oracle |
708f4a80 SH |
430 | echo "oracle:oracle" | chroot $container_rootfs chpasswd |
431 | echo "root:root" | chroot $container_rootfs chpasswd | |
17abf278 ER |
432 | printf "Added container user:\033[1moracle\033[0m password:\033[1moracle\033[0m\n" |
433 | printf "Added container user:\033[1mroot\033[0m password:\033[1mroot\033[0m\n" | |
708f4a80 SH |
434 | } |
435 | ||
436 | # create the container's lxc config file | |
437 | container_config_create() | |
438 | { | |
439 | echo "Create configuration file $cfg_dir/config" | |
9e69977f DE |
440 | mkdir -p $cfg_dir || die "unable to create config dir $cfg_dir" |
441 | ||
442 | echo "# Common configuration" >> $cfg_dir/config | |
443 | if [ -e "@LXCTEMPLATECONFIG@/oracle.common.conf" ]; then | |
444 | echo "lxc.include = @LXCTEMPLATECONFIG@/oracle.common.conf" >> $cfg_dir/config | |
445 | fi | |
446 | ||
708f4a80 SH |
447 | # generate a hwaddr for the container with a high mac address |
448 | # see http://sourceforge.net/tracker/?func=detail&aid=3411497&group_id=163076&atid=826303 | |
449 | local hwaddr="fe:`dd if=/dev/urandom bs=8 count=1 2>/dev/null |od -t x8 | \ | |
1d1774b1 | 450 | head -n 1 |awk '{print $2}' | cut -c1-10 |\ |
14d9c0f0 | 451 | sed 's/\(..\)/\1:/g; s/.$//'`" |
708f4a80 | 452 | cat <<EOF >> $cfg_dir/config || die "unable to create $cfg_dir/config" |
e35cb41b | 453 | # Container configuration for Oracle Linux $container_release_major.$container_release_minor |
708f4a80 SH |
454 | lxc.arch = $arch |
455 | lxc.utsname = $name | |
b1dc05fd | 456 | EOF |
1897e3bc | 457 | grep -q "^lxc.rootfs" $cfg_dir/config 2>/dev/null || echo "lxc.rootfs = $container_rootfs" >> $cfg_dir/config |
b1dc05fd | 458 | |
d378aebe DE |
459 | if [ $container_release_major != "4" ]; then |
460 | echo "lxc.cap.drop = sys_resource" >>$cfg_dir/config | |
461 | fi | |
462 | ||
463 | echo "# Networking" >>$cfg_dir/config | |
b1dc05fd DE |
464 | # see if the network settings were already specified |
465 | lxc_network_type=`grep '^lxc.network.type' $cfg_dir/config | awk -F'[= \t]+' '{ print $2 }'` | |
466 | if [ -z "$lxc_network_type" -a \ | |
483d21ff SG |
467 | \( $host_distribution = "OracleServer" -o \ |
468 | $host_distribution = "Fedora" \) ]; then | |
14d9c0f0 SG |
469 | echo "lxc.network.type = veth" >>$cfg_dir/config |
470 | echo "lxc.network.flags = up" >>$cfg_dir/config | |
471 | echo "lxc.network.link = virbr0" >>$cfg_dir/config | |
b1dc05fd DE |
472 | fi |
473 | ||
474 | cat <<EOF >> $cfg_dir/config || die "unable to create $cfg_dir/config" | |
708f4a80 SH |
475 | lxc.network.name = eth0 |
476 | lxc.network.mtu = 1500 | |
477 | lxc.network.hwaddr = $hwaddr | |
708f4a80 SH |
478 | EOF |
479 | } | |
480 | ||
481 | container_rootfs_clone() | |
482 | { | |
483 | if is_btrfs_subvolume $template_rootfs; then | |
14d9c0f0 SG |
484 | # lxc-create already made $container_rootfs a btrfs subvolume, but |
485 | # in this case we want to snapshot the original subvolume so we we | |
486 | # have to delete the one that lxc-create made | |
487 | btrfs subvolume delete $container_rootfs | |
488 | btrfs subvolume snapshot $template_rootfs $container_rootfs || die "btrfs clone template" | |
708f4a80 | 489 | else |
da139233 DE |
490 | echo "Copying rootfs ..." |
491 | cp -axT $template_rootfs $container_rootfs || die "copy template" | |
708f4a80 SH |
492 | fi |
493 | } | |
494 | ||
495 | container_rootfs_create() | |
496 | { | |
497 | cmds="rpm wget yum" | |
839af5b3 | 498 | if [ $container_release_major -lt "6" ]; then |
da139233 | 499 | if [ $host_distribution = "Ubuntu" -o $host_distribution = "Debian" ]; then |
14d9c0f0 SG |
500 | db_dump_cmd="db5.1_dump" |
501 | db_load_cmd="db4.3_load" | |
502 | fi | |
503 | if [ $host_distribution = "OracleServer" -o \ | |
504 | $host_distribution = "Fedora" ]; then | |
505 | db_dump_cmd="db_dump" | |
506 | db_load_cmd="db43_load" | |
507 | fi | |
508 | ||
509 | cmds="$cmds $db_dump_cmd $db_load_cmd file" | |
708f4a80 SH |
510 | fi |
511 | for cmd in $cmds; do | |
14d9c0f0 SG |
512 | which $cmd >/dev/null 2>&1 |
513 | if [ $? -ne 0 ]; then | |
514 | die "The $cmd command is required, please install it" | |
515 | fi | |
708f4a80 SH |
516 | done |
517 | ||
fe253caa | 518 | mkdir -p @LOCALSTATEDIR@/lock/subsys/lxc |
708f4a80 | 519 | ( |
17abf278 | 520 | flock -x 9 |
14d9c0f0 SG |
521 | if [ $? -ne 0 ]; then |
522 | die "The template is busy." | |
523 | fi | |
524 | ||
e35cb41b | 525 | echo "Downloading release $container_release_major.$container_release_minor for $basearch" |
14d9c0f0 SG |
526 | |
527 | # get yum repo file | |
c5b908a2 DE |
528 | if [ -n "$repourl" ]; then |
529 | yum_url=$repourl | |
530 | else | |
531 | yum_url=http://public-yum.oracle.com | |
532 | fi | |
839af5b3 DE |
533 | if [ $container_release_major = "4" ]; then |
534 | repofile=public-yum-el4.repo | |
535 | elif [ $container_release_major = "5" ]; then | |
14d9c0f0 | 536 | repofile=public-yum-el5.repo |
e35cb41b | 537 | elif [ $container_release_major = "6" ]; then |
14d9c0f0 SG |
538 | repofile=public-yum-ol6.repo |
539 | else | |
e35cb41b | 540 | die "Unsupported release $container_release_major" |
14d9c0f0 SG |
541 | fi |
542 | mkdir -p $container_rootfs/etc/yum.repos.d | |
c5b908a2 | 543 | wget -q $yum_url/$repofile -O $container_rootfs/etc/yum.repos.d/$repofile |
14d9c0f0 | 544 | if [ $? -ne 0 ]; then |
c5b908a2 | 545 | die "Failed to download repo file $yum_url/$repofile" |
14d9c0f0 SG |
546 | fi |
547 | ||
548 | # yum will take $basearch from host, so force the arch we want | |
549 | sed -i "s|\$basearch|$basearch|" $container_rootfs/etc/yum.repos.d/$repofile | |
550 | ||
551 | # replace url if they specified one | |
552 | if [ -n "$repourl" ]; then | |
553 | sed -i "s|baseurl=http://public-yum.oracle.com/repo|baseurl=$repourl/repo|" $container_rootfs/etc/yum.repos.d/$repofile | |
554 | sed -i "s|gpgkey=http://public-yum.oracle.com|gpgkey=$repourl|" $container_rootfs/etc/yum.repos.d/$repofile | |
555 | fi | |
556 | ||
557 | # disable all repos, then enable the repo for the version we are installing. | |
e35cb41b | 558 | if [ $container_release_minor = "latest" ]; then |
839af5b3 DE |
559 | if [ $container_release_major = "4" -o $container_release_major = "5" ]; then |
560 | repo="el"$container_release_major"_"$container_release_minor | |
14d9c0f0 | 561 | else |
e35cb41b | 562 | repo="ol"$container_release_major"_"$container_release_minor |
14d9c0f0 | 563 | fi |
839af5b3 | 564 | elif [ $container_release_major = "6" ]; then |
da139233 DE |
565 | if [ $container_release_minor = "0" ]; then |
566 | repo="ol"$container_release_major"_ga_base" | |
567 | else | |
568 | repo="ol"$container_release_major"_u"$container_release_minor"_base" | |
569 | fi | |
839af5b3 | 570 | elif [ $container_release_major = "5" ]; then |
da139233 DE |
571 | if [ $container_release_minor = "0" ]; then |
572 | repo="el"$container_release_major"_ga_base" | |
573 | elif [ $container_release_minor -lt "6" ]; then | |
839af5b3 DE |
574 | repo="el"$container_release_major"_u"$container_release_minor"_base" |
575 | else | |
576 | repo="ol"$container_release_major"_u"$container_release_minor"_base" | |
577 | fi | |
578 | elif [ $container_release_major = "4" -a $container_release_minor -gt "5" ]; then | |
579 | repo="el"$container_release_major"_u"$container_release_minor"_base" | |
580 | else | |
581 | die "Unsupported release $container_release_major.$container_release_minor" | |
14d9c0f0 SG |
582 | fi |
583 | sed -i "s|enabled=1|enabled=0|" $container_rootfs/etc/yum.repos.d/$repofile | |
584 | sed -i "/\[$repo\]/,/\[/ s/enabled=0/enabled=1/" $container_rootfs/etc/yum.repos.d/$repofile | |
585 | ||
586 | # create rpm db, download and yum install minimal packages | |
587 | mkdir -p $container_rootfs/var/lib/rpm | |
588 | rpm --root $container_rootfs --initdb | |
da139233 | 589 | yum_args="--installroot $container_rootfs --disablerepo=* --enablerepo=$repo -y --nogpgcheck" |
5e00ff01 | 590 | min_pkgs="yum initscripts passwd rsyslog vim-minimal openssh-server openssh-clients dhclient chkconfig rootfiles policycoreutils oraclelinux-release" |
14d9c0f0 | 591 | |
da139233 DE |
592 | # we unshare the mount namespace because yum installing the ol4 |
593 | # packages causes $rootfs/proc to be mounted on | |
9eee2f77 | 594 | lxc-unshare -s MOUNT yum -- $yum_args install $min_pkgs $user_pkgs |
14d9c0f0 SG |
595 | if [ $? -ne 0 ]; then |
596 | die "Failed to download and install the rootfs, aborting." | |
597 | fi | |
598 | ||
599 | # rsyslog and pam depend on coreutils for some common commands in | |
600 | # their POSTIN scriptlets, but coreutils wasn't installed yet. now | |
601 | # that coreutils is installed, reinstall the packages so their POSTIN | |
602 | # runs right. similarly, libutempter depends on libselinux.so.1 when | |
603 | # it runs /usr/sbin/groupadd, so reinstall it too | |
da139233 | 604 | redo_pkgs="" |
e35cb41b | 605 | if [ $container_release_major = "5" ]; then |
da139233 DE |
606 | if [ $container_release_minor = "latest" ]; then |
607 | redo_pkgs="pam rsyslog libutempter" | |
608 | elif [ $container_release_minor -lt 2 ]; then | |
609 | redo_pkgs="pam" | |
610 | elif [ $container_release_minor -lt 6 ]; then | |
611 | redo_pkgs="pam rsyslog" | |
612 | elif [ $container_release_minor -gt 5 ]; then | |
613 | redo_pkgs="pam rsyslog libutempter" | |
839af5b3 | 614 | fi |
da139233 DE |
615 | fi |
616 | # shadow utils fails on ol4 and ol6.1 | |
617 | if [ $container_release_major = "4" -o \ | |
618 | $container_release_major = "6" -a $container_release_minor = "1" ]; then | |
619 | redo_pkgs="shadow-utils" | |
620 | fi | |
621 | if [ x"$redo_pkgs" != x ]; then | |
839af5b3 | 622 | rpm --root $container_rootfs --nodeps -e $redo_pkgs |
da139233 | 623 | yum $yum_args install $redo_pkgs |
14d9c0f0 SG |
624 | if [ $? -ne 0 ]; then |
625 | die "Unable to reinstall packages" | |
626 | fi | |
627 | fi | |
628 | ||
629 | # these distributions put the rpm database in a place the guest is | |
630 | # not expecting it, so move it | |
da139233 | 631 | if [ $host_distribution = "Ubuntu" -o $host_distribution = "Debian" ]; then |
1ff8a460 | 632 | mv $container_rootfs/$HOME/.rpmdb/* $container_rootfs/var/lib/rpm |
14d9c0f0 SG |
633 | fi |
634 | ||
635 | # if the native rpm created the db with Hash version 9, we need to | |
636 | # downgrade it to Hash version 8 for use with OL5.x | |
637 | db_version=`file $container_rootfs/var/lib/rpm/Packages | \ | |
638 | grep -o 'version [0-9]*' |awk '{print $2}'` | |
839af5b3 | 639 | if [ $container_release_major -lt "6" -a $db_version != "8" ]; then |
14d9c0f0 SG |
640 | echo "Fixing (downgrading) rpm database from version $db_version" |
641 | rm -f $container_rootfs/var/lib/rpm/__db* | |
642 | for db in $container_rootfs/var/lib/rpm/* ; do | |
643 | $db_dump_cmd $db |$db_load_cmd $db.new | |
644 | mv $db.new $db | |
645 | done | |
646 | fi | |
647 | ||
648 | # the host rpm may not be the same as the guest, rebuild the db with | |
649 | # the guest rpm version | |
650 | echo "Rebuilding rpm database" | |
651 | rm -f $container_rootfs/var/lib/rpm/__db* | |
652 | chroot $container_rootfs rpm --rebuilddb >/dev/null 2>&1 | |
839af5b3 | 653 | |
17abf278 | 654 | ) 9>@LOCALSTATEDIR@/lock/subsys/lxc-oracle-$name |
708f4a80 SH |
655 | } |
656 | ||
e35cb41b DE |
657 | container_release_get() |
658 | { | |
659 | if [ -f $1/etc/oracle-release ]; then | |
660 | container_release_version=`cat $1/etc/oracle-release |awk '/^Oracle/ {print $5}'` | |
661 | container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'` | |
662 | container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'` | |
839af5b3 | 663 | elif grep -q "Enterprise Linux AS" $1/etc/redhat-release; then |
e35cb41b DE |
664 | container_release_major=`cat $1/etc/redhat-release |awk '{print $7}'` |
665 | container_release_minor=`cat $1/etc/redhat-release |awk '{print $10}' |tr -d ")"` | |
666 | container_release_version="$container_release_major.$container_release_minor" | |
839af5b3 DE |
667 | elif grep -q "Enterprise Linux Server" $1/etc/redhat-release; then |
668 | container_release_version=`cat $1/etc/redhat-release |awk '{print $7}'` | |
669 | container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'` | |
670 | container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'` | |
e35cb41b DE |
671 | else |
672 | echo "Unable to determine container release version" | |
673 | exit 1 | |
674 | fi | |
675 | } | |
676 | ||
708f4a80 SH |
677 | usage() |
678 | { | |
679 | cat <<EOF | |
483d21ff | 680 | -a|--arch=<arch> architecture (ie. i386, x86_64) |
708f4a80 | 681 | -R|--release=<release> release to download for the new container |
1897e3bc | 682 | --rootfs=<path> rootfs path |
9eee2f77 | 683 | -r|--rpms=<rpm name> additional rpms to install into container |
708f4a80 SH |
684 | -u|--url=<url> replace yum repo url (ie. local yum mirror) |
685 | -t|--templatefs=<path> copy/clone rootfs at path instead of downloading | |
7ceebfd1 | 686 | -P|--patch=<path> only patch the rootfs at path for use as a container |
708f4a80 SH |
687 | -h|--help |
688 | ||
689 | Release is of the format "major.minor", for example "5.8", "6.3", or "6.latest" | |
690 | EOF | |
691 | return 0 | |
692 | } | |
693 | ||
7ceebfd1 | 694 | options=$(getopt -o hp:n:a:R:r:u:t: -l help,rootfs:,path:,name:,arch:,release:,rpms:,url:,templatefs:,patch: -- "$@") |
708f4a80 SH |
695 | if [ $? -ne 0 ]; then |
696 | usage $(basename $0) | |
697 | exit 1 | |
698 | fi | |
699 | ||
ed4616b1 | 700 | arch=$(uname -m) |
708f4a80 SH |
701 | eval set -- "$options" |
702 | while true | |
703 | do | |
704 | case "$1" in | |
14d9c0f0 SG |
705 | -h|--help) usage $0 && exit 0;; |
706 | -p|--path) cfg_dir=$2; shift 2;; | |
1897e3bc | 707 | --rootfs) container_rootfs=$2; shift 2;; |
14d9c0f0 SG |
708 | -n|--name) name=$2; shift 2;; |
709 | -a|--arch) arch=$2; shift 2;; | |
e35cb41b | 710 | -R|--release) container_release_version=$2; shift 2;; |
9eee2f77 DE |
711 | -r|--rpms) user_pkgs=$2; shift 2;; |
712 | -u|--url) repourl=$2; shift 2;; | |
14d9c0f0 | 713 | -t|--templatefs) template_rootfs=$2; shift 2;; |
7ceebfd1 | 714 | --patch) patch_rootfs=$2; shift 2;; |
14d9c0f0 | 715 | --) shift 1; break ;; |
708f4a80 SH |
716 | *) break ;; |
717 | esac | |
718 | done | |
719 | ||
720 | # make sure mandatory args are given and valid | |
721 | if [ "$(id -u)" != "0" ]; then | |
722 | echo "This script should be run as 'root'" | |
723 | exit 1 | |
724 | fi | |
725 | ||
7ceebfd1 DE |
726 | if [ -n "$patch_rootfs" ]; then |
727 | container_rootfs="$patch_rootfs" | |
728 | container_release_get $container_rootfs | |
729 | container_rootfs_patch | |
730 | exit 0 | |
731 | fi | |
732 | ||
708f4a80 SH |
733 | if [ -z $name ]; then |
734 | echo "Container name must be given" | |
735 | usage | |
736 | exit 1 | |
737 | fi | |
738 | ||
739 | if [ -z $cfg_dir ]; then | |
740 | echo "Configuration directory must be given, check lxc-create" | |
741 | usage | |
742 | exit 1 | |
743 | fi | |
744 | ||
745 | basearch=$arch | |
746 | if [ "$arch" = "i686" ]; then | |
747 | basearch="i386" | |
748 | fi | |
749 | ||
483d21ff SG |
750 | if [ "$arch" != "i386" -a "$arch" != "x86_64" ]; then |
751 | echo "Bad architecture given, check lxc-create" | |
752 | usage | |
753 | exit 1 | |
754 | fi | |
755 | ||
b90270a5 DE |
756 | if which lsb_release >/dev/null 2>&1; then |
757 | host_distribution=`lsb_release --id |awk '{print $3}'` | |
758 | host_release_version=`lsb_release --release |awk '{print $2}'` | |
759 | host_release_major=`echo $host_release_version |awk -F '.' '{print $1}'` | |
760 | host_release_minor=`echo $host_release_version |awk -F '.' '{print $2}'` | |
761 | else | |
483d21ff SG |
762 | if [ -f /etc/fedora-release ]; then |
763 | host_distribution="Fedora" | |
764 | host_release_version=`cat /etc/fedora-release |awk '{print $3}'` | |
765 | host_release_major=$host_release_version | |
766 | host_release_minor=0 | |
767 | elif [ -f /etc/oracle-release ]; then | |
768 | host_distribution="OracleServer" | |
769 | host_release_version=`cat /etc/oracle-release |awk '{print $5}'` | |
770 | host_release_major=`echo $host_release_version |awk -F '.' '{print $1}'` | |
771 | host_release_minor=`echo $host_release_version |awk -F '.' '{print $2}'` | |
772 | else | |
773 | echo "Unable to determine host distribution, ensure lsb_release is installed" | |
774 | exit 1 | |
775 | fi | |
b90270a5 DE |
776 | fi |
777 | echo "Host is $host_distribution $host_release_version" | |
708f4a80 | 778 | |
1897e3bc SH |
779 | if [ -z "$container_rootfs" ]; then |
780 | container_rootfs="$cfg_dir/rootfs" | |
781 | fi | |
da139233 DE |
782 | |
783 | if [ -n "$template_rootfs" ]; then | |
784 | container_release_get $template_rootfs | |
785 | else | |
786 | if [ -z "$container_release_version" ]; then | |
787 | if [ $host_distribution = "OracleServer" ]; then | |
788 | container_release_version=$host_release_version | |
789 | else | |
56347672 DE |
790 | echo "No release specified with -R, defaulting to 6.5" |
791 | container_release_version="6.5" | |
da139233 DE |
792 | fi |
793 | fi | |
794 | container_release_major=`echo $container_release_version |awk -F '.' '{print $1}'` | |
795 | container_release_minor=`echo $container_release_version |awk -F '.' '{print $2}'` | |
796 | fi | |
708f4a80 SH |
797 | |
798 | container_config_create | |
799 | if [ -n "$template_rootfs" ]; then | |
800 | container_rootfs_clone | |
801 | else | |
802 | container_rootfs_create | |
803 | fi | |
804 | ||
e35cb41b | 805 | container_release_get $container_rootfs |
708f4a80 SH |
806 | |
807 | container_rootfs_configure | |
808 | ||
809 | echo "Container : $container_rootfs" | |
810 | echo "Config : $cfg_dir/config" | |
811 | echo "Network : eth0 ($lxc_network_type) on $lxc_network_link" |