]> git.proxmox.com Git - mirror_lxc.git/blob - templates/lxc-ubuntu.in
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update Ubuntu templates for quantal
[mirror_lxc.git] / templates / lxc-ubuntu.in
1 #!/bin/bash
2
3 #
4 # template script for generating ubuntu container for LXC
5 #
6 # This script consolidates and extends the existing lxc ubuntu scripts
7 #
8
9 # Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com>
10 # Copyright © 2010 Wilhelm Meier
11 # Author: Wilhelm Meier <wilhelm.meier@fh-kl.de>
12 #
13 # This program is free software; you can redistribute it and/or modify
14 # it under the terms of the GNU General Public License version 2, as
15 # published by the Free Software Foundation.
16
17 # This program is distributed in the hope that it will be useful,
18 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 # GNU General Public License for more details.
21
22 # You should have received a copy of the GNU General Public License along
23 # with this program; if not, write to the Free Software Foundation, Inc.,
24 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #
26
27 set -e
28
29 if [ -r /etc/default/lxc ]; then
30 . /etc/default/lxc
31 fi
32
33 configure_ubuntu()
34 {
35 rootfs=$1
36 hostname=$2
37 release=$3
38
39 # configure the network using the dhcp
40 cat <<EOF > $rootfs/etc/network/interfaces
41 auto lo
42 iface lo inet loopback
43
44 auto eth0
45 iface eth0 inet dhcp
46 EOF
47
48 # set the hostname
49 cat <<EOF > $rootfs/etc/hostname
50 $hostname
51 EOF
52 # set minimal hosts
53 cat <<EOF > $rootfs/etc/hosts
54 127.0.0.1 localhost $hostname
55 EOF
56
57 if [ "$release" != "precise" ] && [ "$release" != "quantal" ]; then
58 # suppress log level output for udev
59 sed -i "s/=\"err\"/=0/" $rootfs/etc/udev/udev.conf
60
61 # remove jobs for consoles 5 and 6 since we only create 4 consoles in
62 # this template
63 rm -f $rootfs/etc/init/tty{5,6}.conf
64 fi
65
66 if [ -z "$bindhome" ]; then
67 chroot $rootfs useradd --create-home -s /bin/bash ubuntu
68 echo "ubuntu:ubuntu" | chroot $rootfs chpasswd
69 fi
70
71 return 0
72 }
73
74 # finish setting up the user in the container by injecting ssh key and
75 # adding sudo group membership.
76 # passed-in user is either 'ubuntu' or the user to bind in from host.
77 finalize_user()
78 {
79 user=$1
80
81 if [ "$release" = "precise" ] || [ "$release" = "quantal" ]; then
82 groups="sudo"
83 else
84 groups="sudo admin"
85 fi
86
87 for group in $groups; do
88 chroot $rootfs groupadd --system $group >/dev/null 2>&1 || true
89 chroot $rootfs adduser ${user} $group >/dev/null 2>&1 || true
90 done
91
92 if [ -n "$auth_key" -a -f "$auth_key" ]; then
93 u_path="/home/${user}/.ssh"
94 root_u_path="$rootfs/$u_path"
95 mkdir -p $root_u_path
96 cp $auth_key "$root_u_path/authorized_keys"
97 chroot $rootfs chown -R ${user}: "$u_path"
98
99 echo "Inserted SSH public key from $auth_key into /home/${user}/.ssh/authorized_keys"
100 fi
101 return 0
102 }
103
104 write_sourceslist()
105 {
106 # $1 => path to the rootfs
107 # $2 => architecture we want to add
108 # $3 => whether to use the multi-arch syntax or not
109
110 case $2 in
111 amd64|i386)
112 MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu}
113 SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu}
114 ;;
115 sparc)
116 case $SUITE in
117 gutsy)
118 MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu}
119 SECURITY_MIRROR=${SECURITY_MIRRORMIRROR:-http://security.ubuntu.com/ubuntu}
120 ;;
121 *)
122 MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
123 SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
124 ;;
125 esac
126 ;;
127 *)
128 MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
129 SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports}
130 ;;
131 esac
132 if [ -n "$3" ]; then
133 cat >> "$1/etc/apt/sources.list" << EOF
134 deb [arch=$2] $MIRROR ${release} main restricted universe multiverse
135 deb [arch=$2] $MIRROR ${release}-updates main restricted universe multiverse
136 deb [arch=$2] $SECURITY_MIRROR ${release}-security main restricted universe multiverse
137 EOF
138 else
139 cat >> "$1/etc/apt/sources.list" << EOF
140 deb $MIRROR ${release} main restricted universe multiverse
141 deb $MIRROR ${release}-updates main restricted universe multiverse
142 deb $SECURITY_MIRROR ${release}-security main restricted universe multiverse
143 EOF
144 fi
145 }
146
147 download_ubuntu()
148 {
149 cache=$1
150 arch=$2
151 release=$3
152
153 if [ $release = "lucid" ]; then
154 packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg
155 elif [ $release = "maverick" ]; then
156 packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,dhcp3-client,ssh,lsb-release,gnupg,netbase
157 elif [ $release = "natty" ]; then
158 packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase
159 else
160 packages=dialog,apt,apt-utils,iproute,inetutils-ping,vim,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase,ubuntu-keyring
161 fi
162 echo "installing packages: $packages"
163
164 # check the mini ubuntu was not already downloaded
165 mkdir -p "$cache/partial-$arch"
166 if [ $? -ne 0 ]; then
167 echo "Failed to create '$cache/partial-$arch' directory"
168 return 1
169 fi
170
171 # download a mini ubuntu into a cache
172 echo "Downloading ubuntu $release minimal ..."
173 if [ -n "$(which qemu-debootstrap)" ]; then
174 qemu-debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR
175 else
176 debootstrap --verbose --components=main,universe --arch=$arch --include=$packages $release $cache/partial-$arch $MIRROR
177 fi
178
179 if [ $? -ne 0 ]; then
180 echo "Failed to download the rootfs, aborting."
181 return 1
182 fi
183
184 echo "Installing updates"
185 if [ -z "$MIRROR" ]; then
186 MIRROR="http://archive.ubuntu.com/ubuntu"
187 fi
188 cat >> "$1/partial-${arch}/etc/apt/sources.list" << EOF
189 deb $MIRROR ${release}-updates main universe
190 deb http://security.ubuntu.com/ubuntu ${release}-security main universe
191 EOF
192 chroot "$1/partial-${arch}" apt-get update
193 if [ $? -ne 0 ]; then
194 echo "Failed to update the apt cache"
195 return 1
196 fi
197 cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF
198 #!/bin/sh
199 exit 101
200 EOF
201 chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d
202
203 chroot "$1/partial-${arch}" apt-get dist-upgrade -y
204 ret=$?
205
206 rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d
207 if [ $ret -ne 0 ]; then
208 echo "Failed to upgrade the cache"
209 return 1
210 fi
211
212 # Serge isn't sure whether we should avoid doing this when
213 # $release == `distro-info -d`
214 echo "Installing updates"
215 > $cache/partial-$arch/etc/apt/sources.list
216 write_sourceslist $cache/partial-$arch/ $arch
217
218 chroot "$1/partial-${arch}" apt-get update
219 if [ $? -ne 0 ]; then
220 echo "Failed to update the apt cache"
221 return 1
222 fi
223 cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF
224 #!/bin/sh
225 exit 101
226 EOF
227 chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d
228
229 lxc-unshare -s MOUNT -- chroot "$1/partial-${arch}" apt-get dist-upgrade -y
230 ret=$?
231 rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d
232
233 if [ $ret -ne 0 ]; then
234 echo "Failed to upgrade the cache"
235 return 1
236 fi
237
238 mv "$1/partial-$arch" "$1/rootfs-$arch"
239 echo "Download complete"
240 return 0
241 }
242
243 copy_ubuntu()
244 {
245 cache=$1
246 arch=$2
247 rootfs=$3
248
249 # make a local copy of the miniubuntu
250 echo "Copying rootfs to $rootfs ..."
251 mkdir -p $rootfs
252 rsync -a $cache/rootfs-$arch/ $rootfs/ || return 1
253 return 0
254 }
255
256 install_ubuntu()
257 {
258 rootfs=$1
259 release=$2
260 flushcache=$3
261 cache="/var/cache/lxc/$release"
262 mkdir -p /var/lock/subsys/
263 (
264 flock -n -x 200
265 if [ $? -ne 0 ]; then
266 echo "Cache repository is busy."
267 return 1
268 fi
269
270
271 if [ $flushcache -eq 1 ]; then
272 echo "Flushing cache..."
273 rm -rf "$cache/partial-$arch"
274 rm -rf "$cache/rootfs-$arch"
275 fi
276
277 echo "Checking cache download in $cache/rootfs-$arch ... "
278 if [ ! -e "$cache/rootfs-$arch" ]; then
279 download_ubuntu $cache $arch $release
280 if [ $? -ne 0 ]; then
281 echo "Failed to download 'ubuntu $release base'"
282 return 1
283 fi
284 fi
285
286 echo "Copy $cache/rootfs-$arch to $rootfs ... "
287 copy_ubuntu $cache $arch $rootfs
288 if [ $? -ne 0 ]; then
289 echo "Failed to copy rootfs"
290 return 1
291 fi
292
293 return 0
294
295 ) 200>/var/lock/subsys/lxc
296
297 return $?
298 }
299
300 copy_configuration()
301 {
302 path=$1
303 rootfs=$2
304 name=$3
305 arch=$4
306 release=$5
307
308 if [ $arch = "i386" ]; then
309 arch="i686"
310 fi
311
312 ttydir=""
313 if [ $release = "precise" ] || [ $release = "quantal" ]; then
314 ttydir=" lxc"
315 fi
316
317 # if there is exactly one veth network entry, make sure it has an
318 # associated hwaddr.
319 nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
320 if [ $nics -eq 1 ]; then
321 grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
322 lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
323 EOF
324 fi
325
326 cat <<EOF >> $path/config
327 lxc.utsname = $name
328
329 lxc.devttydir =$ttydir
330 lxc.tty = 4
331 lxc.pts = 1024
332 lxc.rootfs = $rootfs
333 lxc.mount = $path/fstab
334 lxc.arch = $arch
335 lxc.cap.drop = sys_module mac_admin mac_override
336
337 lxc.cgroup.devices.deny = a
338 # Allow any mknod (but not using the node)
339 lxc.cgroup.devices.allow = c *:* m
340 lxc.cgroup.devices.allow = b *:* m
341 # /dev/null and zero
342 lxc.cgroup.devices.allow = c 1:3 rwm
343 lxc.cgroup.devices.allow = c 1:5 rwm
344 # consoles
345 lxc.cgroup.devices.allow = c 5:1 rwm
346 lxc.cgroup.devices.allow = c 5:0 rwm
347 #lxc.cgroup.devices.allow = c 4:0 rwm
348 #lxc.cgroup.devices.allow = c 4:1 rwm
349 # /dev/{,u}random
350 lxc.cgroup.devices.allow = c 1:9 rwm
351 lxc.cgroup.devices.allow = c 1:8 rwm
352 lxc.cgroup.devices.allow = c 136:* rwm
353 lxc.cgroup.devices.allow = c 5:2 rwm
354 # rtc
355 lxc.cgroup.devices.allow = c 254:0 rwm
356 #fuse
357 lxc.cgroup.devices.allow = c 10:229 rwm
358 #tun
359 lxc.cgroup.devices.allow = c 10:200 rwm
360 #full
361 lxc.cgroup.devices.allow = c 1:7 rwm
362 #hpet
363 lxc.cgroup.devices.allow = c 10:228 rwm
364 #kvm
365 lxc.cgroup.devices.allow = c 10:232 rwm
366 EOF
367
368 cat <<EOF > $path/fstab
369 proc proc proc nodev,noexec,nosuid 0 0
370 sysfs sys sysfs defaults 0 0
371 EOF
372
373 if [ $? -ne 0 ]; then
374 echo "Failed to add configuration"
375 return 1
376 fi
377
378 return 0
379 }
380
381 trim()
382 {
383 rootfs=$1
384 release=$2
385
386 # provide the lxc service
387 cat <<EOF > $rootfs/etc/init/lxc.conf
388 # fake some events needed for correct startup other services
389
390 description "Container Upstart"
391
392 start on startup
393
394 script
395 rm -rf /var/run/*.pid
396 rm -rf /var/run/network/*
397 /sbin/initctl emit stopped JOB=udevtrigger --no-wait
398 /sbin/initctl emit started JOB=udev --no-wait
399 end script
400 EOF
401
402 # fix buggus runlevel with sshd
403 cat <<EOF > $rootfs/etc/init/ssh.conf
404 # ssh - OpenBSD Secure Shell server
405 #
406 # The OpenSSH server provides secure shell access to the system.
407
408 description "OpenSSH server"
409
410 start on filesystem
411 stop on runlevel [!2345]
412
413 expect fork
414 respawn
415 respawn limit 10 5
416 umask 022
417 # replaces SSHD_OOM_ADJUST in /etc/default/ssh
418 oom never
419
420 pre-start script
421 test -x /usr/sbin/sshd || { stop; exit 0; }
422 test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
423 test -c /dev/null || { stop; exit 0; }
424
425 mkdir -p -m0755 /var/run/sshd
426 end script
427
428 # if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
429 # 'exec' line here instead
430 exec /usr/sbin/sshd
431 EOF
432
433 cat <<EOF > $rootfs/etc/init/console.conf
434 # console - getty
435 #
436 # This service maintains a console on tty1 from the point the system is
437 # started until it is shut down again.
438
439 start on stopped rc RUNLEVEL=[2345]
440 stop on runlevel [!2345]
441
442 respawn
443 exec /sbin/getty -8 38400 /dev/console
444 EOF
445
446 cat <<EOF > $rootfs/lib/init/fstab
447 # /lib/init/fstab: cleared out for bare-bones lxc
448 EOF
449
450 # reconfigure some services
451 if [ -z "$LANG" ]; then
452 chroot $rootfs locale-gen en_US.UTF-8
453 chroot $rootfs update-locale LANG=en_US.UTF-8
454 else
455 chroot $rootfs locale-gen $LANG
456 chroot $rootfs update-locale LANG=$LANG
457 fi
458
459 # remove pointless services in a container
460 chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
461
462 chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done'
463 chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done'
464 chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done'
465 chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done'
466 chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done'
467
468 # if this isn't lucid, then we need to twiddle the network upstart bits :(
469 if [ $release != "lucid" ]; then
470 sed -i 's/^.*emission handled.*$/echo Emitting lo/' $rootfs/etc/network/if-up.d/upstart
471 fi
472 }
473
474 post_process()
475 {
476 rootfs=$1
477 release=$2
478 trim_container=$3
479
480 if [ $trim_container -eq 1 ]; then
481 trim $rootfs $release
482 elif [ $release = "lucid" -o $release = "maverick" -o $release = "natty" \
483 -o $release = "oneiric" ]; then
484 # for lucid and maverick, if not trimming, then add the ubuntu-virt
485 # ppa and install lxcguest
486 if [ $release = "lucid" -o $release = "maverick" ]; then
487 chroot $rootfs apt-get install --force-yes -y python-software-properties
488 chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa
489 fi
490 cresolvonf="${rootfs}/etc/resolv.conf"
491 mv $cresolvonf ${cresolvonf}.lxcbak
492 cat /etc/resolv.conf > ${cresolvonf}
493 chroot $rootfs apt-get update
494 chroot $rootfs apt-get install --force-yes -y lxcguest
495 rm -f ${cresolvonf}
496 mv ${cresolvonf}.lxcbak ${cresolvonf}
497 fi
498
499 # If the container isn't running a native architecture, setup multiarch
500 if [ -x "$(ls -1 ${rootfs}/usr/bin/qemu-*-static 2>/dev/null)" ]; then
501 mkdir -p ${rootfs}/etc/dpkg/dpkg.cfg.d
502 echo "foreign-architecture ${hostarch}" > ${rootfs}/etc/dpkg/dpkg.cfg.d/lxc-multiarch
503
504 # Save existing value of MIRROR and SECURITY_MIRROR
505 DEFAULT_MIRROR=$MIRROR
506 DEFAULT_SECURITY_MIRROR=$SECURITY_MIRROR
507
508 # Write a new sources.list containing both native and multiarch entries
509 > ${rootfs}/etc/apt/sources.list
510 write_sourceslist $rootfs $arch "native"
511
512 MIRROR=$DEFAULT_MIRROR
513 SECURITY_MIRROR=$DEFAULT_SECURITY_MIRROR
514 write_sourceslist $rootfs $hostarch "multiarch"
515
516 # Finally update the lists and install upstart using the host architecture
517 chroot $rootfs apt-get update
518 chroot $rootfs apt-get install --force-yes -y --no-install-recommends upstart:${hostarch} mountall:amd64 iproute:amd64 isc-dhcp-client:amd64
519 fi
520
521 # rmdir /dev/shm in precise and quantal containers.
522 # I'm afraid of doing rm -rf $rootfs/dev/shm, in case it did
523 # get bind mounted to the host's /run/shm. So try to rmdir
524 # it, and in case that fails move it out of the way.
525 if [ $release = "precise" ] || [ $release = "quantal" ]; then
526 [ -d "$rootfs/dev/shm" ] && rmdir $rootfs/dev/shm
527 [ -e "$rootfs/dev/shm" ] && mv $rootfs/dev/shm $rootfs/dev/shm.bak
528 ln -s /run/shm $rootfs/dev/shm
529 fi
530 }
531
532 do_bindhome()
533 {
534 rootfs=$1
535 user=$2
536
537 # copy /etc/passwd, /etc/shadow, and /etc/group entries into container
538 pwd=`getent passwd $user` || { echo "Failed to copy password entry for $user"; false; }
539 echo $pwd >> $rootfs/etc/passwd
540
541 # make sure user's shell exists in the container
542 shell=`echo $pwd | cut -d: -f 7`
543 if [ ! -x $rootfs/$shell ]; then
544 echo "shell $shell for user $user was not found in the container."
545 pkg=`dpkg -S $(readlink -m $shell) | cut -d ':' -f1`
546 echo "Installing $pkg"
547 chroot $rootfs apt-get --force-yes -y install $pkg
548 fi
549
550 shad=`getent shadow $user`
551 echo "$shad" >> $rootfs/etc/shadow
552
553 # bind-mount the user's path into the container's /home
554 h=`getent passwd $user | cut -d: -f 6`
555 mkdir -p $rootfs/$h
556 # use relative path in container
557 h2=${h#/}
558 while [ ${h2:0:1} = "/" ]; do
559 h2=${h2#/}
560 done
561 echo "$h $h2 none bind 0 0" >> $path/fstab
562
563 # Make sure the group exists in container
564 grp=`echo $pwd | cut -d: -f 4` # group number for $user
565 grpe=`getent group $grp` || return 0 # if host doesn't define grp, ignore in container
566 chroot $rootfs getent group "$grpe" || echo "$grpe" >> $rootfs/etc/group
567 }
568
569 usage()
570 {
571 cat <<EOF
572 $1 -h|--help [-a|--arch] [-b|--bindhome <user>] [--trim] [-d|--debug]
573 [-F | --flush-cache] [-r|--release <release>] [ -S | --auth-key <keyfile>]
574 release: lucid | maverick | natty | oneiric | precise | quantal
575 trim: make a minimal (faster, but not upgrade-safe) container
576 bindhome: bind <user>'s home into the container
577 The ubuntu user will not be created, and <user> will have
578 sudo access.
579 arch: amd64 or i386: defaults to host arch
580 auth-key: SSH Public key file to inject into container
581 EOF
582 return 0
583 }
584
585 options=$(getopt -o a:b:hp:r:xn:FS:d -l arch:,bindhome:,help,path:,release:,trim,name:,flush-cache,auth-key:,debug -- "$@")
586 if [ $? -ne 0 ]; then
587 usage $(basename $0)
588 exit 1
589 fi
590 eval set -- "$options"
591
592 release=lucid
593 if [ -f /etc/lsb-release ]; then
594 . /etc/lsb-release
595 case "$DISTRIB_CODENAME" in
596 lucid|maverick|natty|oneiric|precise|quantal)
597 release=$DISTRIB_CODENAME
598 ;;
599 esac
600 fi
601
602 bindhome=
603 arch=$(arch)
604
605 # Code taken from debootstrap
606 if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
607 arch=`/usr/bin/dpkg --print-architecture`
608 elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
609 arch=`/usr/bin/udpkg --print-architecture`
610 else
611 arch=$(arch)
612 if [ "$arch" = "i686" ]; then
613 arch="i386"
614 elif [ "$arch" = "x86_64" ]; then
615 arch="amd64"
616 elif [ "$arch" = "armv7l" ]; then
617 arch="armel"
618 fi
619 fi
620
621 debug=0
622 trim_container=0
623 hostarch=$arch
624 flushcache=0
625 while true
626 do
627 case "$1" in
628 -h|--help) usage $0 && exit 0;;
629 -p|--path) path=$2; shift 2;;
630 -n|--name) name=$2; shift 2;;
631 -F|--flush-cache) flushcache=1; shift 1;;
632 -r|--release) release=$2; shift 2;;
633 -b|--bindhome) bindhome=$2; shift 2;;
634 -a|--arch) arch=$2; shift 2;;
635 -x|--trim) trim_container=1; shift 1;;
636 -S|--auth-key) auth_key=$2; shift 2;;
637 -d|--debug) debug=1; shift 1;;
638 --) shift 1; break ;;
639 *) break ;;
640 esac
641 done
642
643 if [ $debug -eq 1 ]; then
644 set -x
645 fi
646
647 if [ -n "$bindhome" ]; then
648 pwd=`getent passwd $bindhome`
649 if [ $? -ne 0 ]; then
650 echo "Error: no password entry found for $bindhome"
651 exit 1
652 fi
653 fi
654
655
656 if [ "$arch" == "i686" ]; then
657 arch=i386
658 fi
659
660 if [ $hostarch = "i386" -a $arch = "amd64" ]; then
661 echo "can't create amd64 container on i386"
662 exit 1
663 fi
664
665 type debootstrap
666 if [ $? -ne 0 ]; then
667 echo "'debootstrap' command is missing"
668 exit 1
669 fi
670
671 if [ -z "$path" ]; then
672 echo "'path' parameter is required"
673 exit 1
674 fi
675
676 if [ "$(id -u)" != "0" ]; then
677 echo "This script should be run as 'root'"
678 exit 1
679 fi
680
681 rootfs=$path/rootfs
682
683 install_ubuntu $rootfs $release $flushcache
684 if [ $? -ne 0 ]; then
685 echo "failed to install ubuntu $release"
686 exit 1
687 fi
688
689 configure_ubuntu $rootfs $name $release
690 if [ $? -ne 0 ]; then
691 echo "failed to configure ubuntu $release for a container"
692 exit 1
693 fi
694
695 copy_configuration $path $rootfs $name $arch $release
696 if [ $? -ne 0 ]; then
697 echo "failed write configuration file"
698 exit 1
699 fi
700
701 post_process $rootfs $release $trim_container
702
703 if [ -n "$bindhome" ]; then
704 do_bindhome $rootfs $bindhome
705 finalize_user $bindhome
706 else
707 finalize_user ubuntu
708 fi
709
710 echo ""
711 echo "##"
712 echo "# The default user is 'ubuntu' with password 'ubuntu'!"
713 echo "# Use the 'sudo' command to run tasks as root in the container."
714 echo "##"
715 echo ""
LXC mirror