%if 0%{?fedora} >= 14 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1210
%global with_systemd 1
%define init_script systemd
+#
+# BuildRequires systemd-units on fedora and rhel
+%if 0%{?fedora} >= 14 || 0%{?rhel} >= 7
BuildRequires: systemd-units
+#
+# BuildRequires systemd on openSUSE and SUSE
+%endif
+%if 0%{?suse_version} >= 1210
+BuildRequires: systemd
+%endif
%else
%global with_systemd 0
%define init_script sysvinit
Group: Applications/System
License: LGPLv2+
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Requires: openssl rsync
-BuildRequires: libcap libcap-devel docbook2X graphviz
+Requires: openssl rsync dnsmasq
+# Note for Suse. The "docbook2X" BuildRequires does properly
+# match docbook2x on Suse in a case insensitive manner
+BuildRequires: libcap libcap-devel docbook2X graphviz libxslt pkgconfig
+
+#
+# Additional packages for openSUSE and SUSE
+#
+%if 0%{?suse_version} >= 1210
+PreReq: permissions
+BuildRequires: libapparmor-devel linux-glibc-devel lsb-release docbook-utils
+
+#
+# libseccomp-devel only needed on i386/i586/i686 and X86_64
+#
+%ifarch %ix86 x86_64
+BuildRequires: libseccomp-devel
+%endif
+%endif
%if %{with_python}
Requires: python3
%endif
%if %{with_python}
--enable-python \
+%endif
+%if "x%{_unitdir}" != "x"
+ --with-systemdsystemunitdir=%{_unitdir} \
%endif
--disable-rpath \
--with-init-script=%{init_script}
%clean
rm -rf %{buildroot}
+%pre
+# Ensure that lxcdnsmasq uid & gid gets correctly allocated
+if getent passwd lxc-dnsmasq >/dev/null 2>&1 ; then : ; else \
+ /usr/sbin/useradd -M -r -s /sbin/nologin \
+ -c "LXC Networking Service" -d %_localstatedir/%name lxc-dnsmasq 2> /dev/null \
+ || exit 1
+fi
+
%post
+# This test should trigger a network configure on a new install.
+if [ ! -f %{_sysconfdir}/sysconfig/lxc-net ] || ! grep -q 'USE_LXC_BRIDGE=' %{_sysconfdir}/sysconfig/lxc-net
+then
+ # Grab a random 10net subnet. Need to add test logic...
+ while [ true ]
+ do
+ SUBNET=10.$(($RANDOM % 256)).$(($RANDOM % 256))
+ if ! ip -4 route ls | grep -q "^$SUBNET"
+ then
+ break
+ fi
+ done
+
+ cat > %{_sysconfdir}/sysconfig/lxc-net <<EOF
+# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your
+# containers. Set to "false" if you'll use virbr0 or another existing
+# bridge, or mavlan to your host's NIC.
+USE_LXC_BRIDGE="true"
+
+# If you change the LXC_BRIDGE to something other than lxcbr0, then
+# you will also need to update your /etc/lxc/default.conf as well as the
+# configuration (/var/lib/lxc/<container>/config) for any containers
+# already created using the default config to reflect the new bridge
+# name.
+# If you have the dnsmasq daemon installed, you'll also have to update
+# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon.
+LXC_BRIDGE="lxcbr0"
+LXC_ADDR="$SUBNET.1"
+LXC_NETMASK="255.255.255.0"
+LXC_NETWORK="$SUBNET.0/24"
+LXC_DHCP_RANGE="$SUBNET.2,$SUBNET.254"
+LXC_DHCP_MAX="253"
+# Uncomment the next line if you'd like to use a conf-file for the lxcbr0
+# dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have
+# container 'mail1' always get ip address 10.0.3.100.
+#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
+
+# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc
+# domain. You can then add "server=/lxc/10.0.3.1' (or your actual $LXC_ADDR)
+# to /etc/dnsmasq.conf, after which 'container1.lxc' will resolve on your
+# host.
+#LXC_DOMAIN="lxc"
+EOF
+fi
+
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%files
%defattr(-,root,root)
%{_bindir}/*
+# openSUSE/SUSE
+%if 0%{?suse_version} >= 1210
+%dir %{_sysconfdir}/apparmor.d
+%dir %{_sysconfdir}/apparmor.d/abstractions
+%dir %{_sysconfdir}/apparmor.d/abstractions/%{name}
+%config %{_sysconfdir}/apparmor.d/abstractions/%{name}/container-base
+%config %{_sysconfdir}/apparmor.d/abstractions/%{name}/start-container
+%config %{_sysconfdir}/apparmor.d/%{name}-containers
+%dir %{_sysconfdir}/apparmor.d/%{name}
+%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default
+%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default-with-mounting
+%config %{_sysconfdir}/apparmor.d/%{name}/%{name}-default-with-nesting
+%config %{_sysconfdir}/apparmor.d/usr.bin.%{name}-start
+%endif
%{_mandir}/man1/lxc*
%{_mandir}/man5/lxc*
%{_mandir}/man7/lxc*
+# not openSUSE/SUSE
+%if %{undefined suse_version}
%{_mandir}/ja/man1/lxc*
%{_mandir}/ja/man5/lxc*
%{_mandir}/ja/man7/lxc*
+%endif
%{_datadir}/doc/*
%{_datadir}/lxc/*
%{_sysconfdir}/bash_completion.d
+%{_sysconfdir}/sysconfig/*
%config(noreplace) %{_sysconfdir}/lxc/*
+%config(noreplace) %{_sysconfdir}/sysconfig/*
%if %{with_systemd}
+%{_unitdir}/lxc-net.service
%{_unitdir}/lxc.service
%else
%{_sysconfdir}/rc.d/init.d/lxc
+%{_sysconfdir}/rc.d/init.d/lxc-net
%endif
%files libs
%attr(4111,root,root) %{_libexecdir}/%{name}/lxc-user-nic
%if %{with_systemd}
%attr(555,root,root) %{_libexecdir}/%{name}/lxc-devsetup
-%attr(555,root,root) %{_libexecdir}/%{name}/lxc-autostart-helper
+%attr(555,root,root) %{_libexecdir}/%{name}/lxc-net
+%attr(555,root,root) %{_libexecdir}/%{name}/lxc-containers
%endif
%if %{with_python}