lxc-oci: write /etc/hostname

[mirror_lxc.git] / templates / lxc-sabayon.in

diff --git a/templates/lxc-sabayon.in b/templates/lxc-sabayon.in
index 2acd22c91ec7da2b59e58e1fa5e05c98f62902e1..fb9e62f582c8dd1f9ad911b290648815ff462906 100644 (file)
--- a/templates/lxc-sabayon.in
+++ b/templates/lxc-sabayon.in
@@ -39,13 +39,11 @@ readonly LXC_TEMPLATE_CONFIG='@LXCTEMPLATECONFIG@'
 readonly MIRRORS_LIST="
 http://mirror.it.sabayon.org/
 http://dl.sabayon.org/
-http://ftp.kddilabs.jp/Linux/packages/sabayonlinux/
 ftp://ftp.klid.dk/sabayonlinux/
 http://ftp.fsn.hu/pub/linux/distributions/sabayon/
 http://ftp.cc.uoc.gr/mirrors/linux/SabayonLinux/
 http://ftp.rnl.ist.utl.pt/pub/sabayon/
 ftp://ftp.nluug.nl/pub/os/Linux/distr/sabayonlinux/
-http://ftp.surfnet.nl/pub/os/Linux/distr/sabayonlinux/
 http://mirror.internode.on.net/pub/sabayon/
 http://mirror.yandex.ru/sabayon/
 http://sabayon.c3sl.ufpr.br/
@@ -66,6 +64,7 @@ rootfs=
 unprivileged=false
 mapped_uid=
 mapped_gid=
+flush_owner=false
 
 #========================  Helper Functions  ========================#
 
@@ -81,12 +80,15 @@ Template options:
     -d, --debug            Run this script in a debug mode (set -x and wget w/o -q).
     -m URL --mirror=URL    The Sabayon mirror to use; defaults to random mirror.
     -u, --unprivileged     Tuning of rootfs for unprivileged containers.
-                           Are needed --mapped-gid and --mapped-uid options.
     -r, --release          Identify release to use. Default is DAILY.
     --mapped-gid           Group Id to use on unprivileged container
                            (based of value present on file /etc/subgid).
     --mapped-uid           User Id to use on unprivileged container
                            (based of value present on file /etc/subuid)
+    --flush-owner          Only for directly creation of unprivileged containers
+                           through lxc-create command. Execute fuidshift command.
+                           Require --mapped-gid,--mapped-uid and --unprivileged
+                           options.
 
 Environment variables:
     RELEASE                Release version of Sabayon. Default is ${RELEASE}.
@@ -281,13 +283,23 @@ configure_container() {
     local unprivileged_options=""
 
     if [[ $unprivileged && $unprivileged == true ]] ; then
+        if [[ $flush_owner == true ]] ; then
+            unprivileged_options="
+lxc.idmap = u 0 ${mapped_uid} 65536
+lxc.idmap = g 0 ${mapped_gid} 65536
+"
+        fi
+
         unprivileged_options="
-lxc.id_map = u 0 ${mapped_uid} 65536
-lxc.id_map = g 0 ${mapped_gid} 65536
+$unprivileged_options
+
+# Force use of cgroup v1. Currently systemd doesn't support
+# correctly cgroup v2. See: https://github.com/lxc/lxc/issues/1669
+# about discussion of default-hierarchy option.
+lxc.init.cmd = /sbin/init systemd.legacy_systemd_cgroup_controller=yes
 
 # Include common configuration.
 lxc.include = $LXC_TEMPLATE_CONFIG/sabayon.userns.conf
-
 "
 
     else
@@ -315,7 +327,7 @@ lxc.cgroup.devices.allow = c 10:229 rwm
 lxc.arch = $arch
 
 # Set hostname.
-lxc.utsname = $hostname
+lxc.uts.name = $hostname
 
 # Include common configuration.
 lxc.include = $LXC_TEMPLATE_CONFIG/sabayon.common.conf
@@ -332,7 +344,7 @@ parse_cmdline() {
 
     # Parse command options.
     local short_options="a:dm:n:p:r:hu"
-    local long_options="arch:,debug,mirror:,name:,path:,release:,rootfs:,mapped-uid:,mapped-gid:,help"
+    local long_options="arch:,debug,mirror:,name:,path:,release:,rootfs:,mapped-uid:,mapped-gid:,flush-owner,help"
 
     options=$(getopt -u -q -a -o "$short_options" -l "$long_options" -- "$@")
 
@@ -383,6 +395,9 @@ parse_cmdline() {
                 mapped_gid=$2
                 shift
                 ;;
+            --flush-owner)
+                flush_owner=true
+                ;;
             --)
                 break
                 ;;
@@ -415,12 +430,15 @@ parse_cmdline() {
     arch=$(parse_arch "$arch") \
         || die 1 "Unsupported architecture: $arch"
 
-    [[ $unprivileged && $unprivileged == true && -z "$mapped_uid" ]] && \
+    [[ $unprivileged == true && $flush_owner == true &&-z "$mapped_uid" ]] && \
         die 1 'Missing required option --mapped-uid with --unprivileged option'
 
-    [[ $unprivileged && $unprivileged == true && -z "$mapped_gid" ]] && \
+    [[ $unprivileged == true && $flush_owner == true && -z "$mapped_gid" ]] && \
         die 1 'Missing required option --mapped-gid with --unprivileged option'
 
+    [[ $flush_owner == true && $unprivileged == false ]] && \
+        die 1 'flush-owner require --unprivileged option'
+
     return 0
 }
 
@@ -441,7 +459,7 @@ main () {
     DEBUG="$debug"
     MIRROR_URL="${mirror_url:-$(random_mirror_url)}"
 
-    einfo "Use arch = $arch, mirror_url = $MIRROR_URL, path = $path, name = $name, release = $release, unprivileged = $unprivileged, rootfs = $rootfs, mapped_uid = $mapped_uid, mapped_gid = $mapped_gid"
+    einfo "Use arch = $arch, mirror_url = $MIRROR_URL, path = $path, name = $name, release = $release, unprivileged = $unprivileged, rootfs = $rootfs, mapped_uid = $mapped_uid, mapped_gid = $mapped_gid, flush_owner = $flush_owner"
 
     [ "$debug" = 'yes' ] && set -x
 
@@ -463,9 +481,11 @@ main () {
     systemd_container_tuning
 
     # Fix container for unprivileged mode.
-    if [[ $unprivileged && $unprivileged == true ]] ; then
+    if [[ $unprivileged == true ]] ; then
         unprivileged_rootfs
-        unprivileged_shift_owner
+        if [[ $flush_owner == true ]] ; then
+            unprivileged_shift_owner
+        fi
     fi
 
     return 0