setup: more general approach to tty paths

Unprivileged containers always use an empty lxc.devttydir
option (iow. don't use the /dev/lxc/ subdirectory).
Alpine and Gentoo don't support it in general.

Define a devttydir() sub in Setup::Base which by default
returns "lxc/" or an empty string depending on whether it is
an unprivileged container. Gentoo and Alpine override it
with one which always returns an empty string.

diff --git a/src/PVE/LXC/Setup/Alpine.pm b/src/PVE/LXC/Setup/Alpine.pm
index d69a0dfaafe4947c0bb0a23c7a64b2eb42bbfb53..e7b8e67c9b0ce8b6f40b44d64b96c762452efeb1 100644 (file)
--- a/src/PVE/LXC/Setup/Alpine.pm
+++ b/src/PVE/LXC/Setup/Alpine.pm
@@ -22,6 +22,11 @@ sub new {
     return bless $self, $class;
 }
 
+# Alpine doesn't support the /dev/lxc/ subdirectory.
+sub devttydir {
+    return '';
+}
+
 sub template_fixup {
     my ($self, $conf) = @_;
 
@@ -39,7 +44,7 @@ sub template_fixup {
     $self->ct_symlink('/etc/init.d/savecache',
                       '/etc/runlevels/shutdown/savecache');
 
-    $self->setup_securetty($conf, qw(lxc/console lxc/tty1 lxc/tty2 lxc/tty3 lxc/tty4));
+    $self->setup_securetty($conf);
 }
 
 sub setup_init {

diff --git a/src/PVE/LXC/Setup/ArchLinux.pm b/src/PVE/LXC/Setup/ArchLinux.pm
index e93293f2abf2eee1fbe99b74ff0c6c868a3e3abc..60118ef385cc0c3113f501e7042fd7de4d52dfd7 100644 (file)
--- a/src/PVE/LXC/Setup/ArchLinux.pm
+++ b/src/PVE/LXC/Setup/ArchLinux.pm
@@ -39,12 +39,12 @@ sub template_fixup {
                       '/etc/systemd/system/socket.target.wants/systemd-networkd.socket');
 
     # edit /etc/securetty (enable login on console)
-    $self->setup_securetty($conf, qw(console tty1 tty2 tty3 tty4));
+    $self->setup_securetty($conf);
 }
 
 sub setup_init {
     my ($self, $conf) = @_;
-    $self->setup_container_getty_service(1);
+    $self->setup_container_getty_service($conf);
 }
 
 sub setup_network {

diff --git a/src/PVE/LXC/Setup/Base.pm b/src/PVE/LXC/Setup/Base.pm
index 32c14916d9d2ef587c1a6503b70708dd0656cc90..7bf66ca81d62de49c0b0dd06723dfc3a2ba7479b 100644 (file)
--- a/src/PVE/LXC/Setup/Base.pm
+++ b/src/PVE/LXC/Setup/Base.pm
@@ -198,13 +198,21 @@ sub setup_systemd_console {
     }
 }
 
+# A few distros as well as unprivileged containers cannot deal with the
+# /dev/lxc/ tty subdirectory.
+sub devttydir {
+    my ($self, $conf) = @_;
+    return $conf->{unprivileged} ? '' : 'lxc/';
+}
+
 sub setup_container_getty_service {
-    my ($self, $nosubdir) = @_;
+    my ($self, $conf) = @_;
+
     my $systemd_dir_rel = $self->ct_is_executable("/lib/systemd/systemd") ?
        "/lib/systemd/system" : "/usr/lib/systemd/system";
     my $servicefile = "$systemd_dir_rel/container-getty\@.service";
     my $raw = $self->ct_file_get_contents($servicefile);
-    my $ttyname = ($nosubdir ? '' : 'lxc/') . 'tty%I';
+    my $ttyname = $self->devttydir($conf) . 'tty%I';
     if ($raw =~ s@pts/%I|lxc/tty%I@$ttyname@g) {
        $self->ct_file_set_contents($servicefile, $raw);
     }
@@ -281,6 +289,13 @@ sub setup_securetty {
     # root login is already allowed on every device if no securetty present
     return if !$self->ct_file_exists($filename);
 
+    if (!scalar(@add)) {
+       @add = qw(console tty1 tty2 tty3 tty4);
+       if (my $dir = $self->devttydir($conf)) {
+           @add = map { "${dir}$_" } @add;
+       }
+    }
+
     my $data = $self->ct_file_get_contents($filename);
     chomp $data; $data .= "\n";
     foreach my $dev (@add) {

diff --git a/src/PVE/LXC/Setup/CentOS.pm b/src/PVE/LXC/Setup/CentOS.pm
index 2becc35a6bfd619ce74a1ed530c2aae9af6b3873..94121ed6d80e30c4aee9a833431a2d4a9120527c 100644 (file)
--- a/src/PVE/LXC/Setup/CentOS.pm
+++ b/src/PVE/LXC/Setup/CentOS.pm
@@ -106,7 +106,7 @@ sub template_fixup {
        $self->ct_file_set_contents($filename, $data);
        
        # edit /etc/securetty (enable login on console)
-       $self->setup_securetty($conf, qw(lxc/console lxc/tty1 lxc/tty2 lxc/tty3 lxc/tty4));
+       $self->setup_securetty($conf);
     }
 }
 

diff --git a/src/PVE/LXC/Setup/Debian.pm b/src/PVE/LXC/Setup/Debian.pm
index 1cca4944b398c578e513dbe1bbb8059102074832..9c7ba9a325b5eea73a1102341fc8bc4b0a6884e2 100644 (file)
--- a/src/PVE/LXC/Setup/Debian.pm
+++ b/src/PVE/LXC/Setup/Debian.pm
@@ -42,7 +42,7 @@ sub setup_init {
 
     my $systemd = $self->ct_readlink('/sbin/init');
     if (defined($systemd) && $systemd =~ m@/systemd$@) {
-       $self->setup_container_getty_service(1);
+       $self->setup_container_getty_service($conf);
     }
 
     my $filename = "/etc/inittab";

diff --git a/src/PVE/LXC/Setup/Gentoo.pm b/src/PVE/LXC/Setup/Gentoo.pm
index c1810bbcf5a9dd3ac51275e999b9a4fcdc418f73..6dc8e9fb489bb5c00e1cb02d4ee886e9123c01b6 100644 (file)
--- a/src/PVE/LXC/Setup/Gentoo.pm
+++ b/src/PVE/LXC/Setup/Gentoo.pm
@@ -27,9 +27,14 @@ sub new {
     return bless $self, $class;
 }
 
+# Gentoo doesn't support the /dev/lxc/ subdirectory
+sub devttydir {
+    return '';
+}
+
 sub template_fixup {
     my ($self, $conf) = @_;
-    $self->setup_securetty($conf, qw(lxc/console lxc/tty1 lxc/tty2 lxc/tty3 lxc/tty4));
+    $self->setup_securetty($conf);
 }
 
 sub setup_init {

diff --git a/src/PVE/LXC/Setup/SUSE.pm b/src/PVE/LXC/Setup/SUSE.pm
index c511ab6f36d29f728844a5edcaae359a58419b5b..b7753780b0d2d8facb997239a45639ab55a59d07 100644 (file)
--- a/src/PVE/LXC/Setup/SUSE.pm
+++ b/src/PVE/LXC/Setup/SUSE.pm
@@ -38,14 +38,14 @@ sub new {
 sub template_fixup {
     my ($self, $conf) = @_;
 
-    $self->setup_securetty($conf, qw(lxc/console lxc/tty1 lxc/tty2 lxc/tty3 lxc/tty4));
+    $self->setup_securetty($conf);
 }
 
 sub setup_init {
     my ($self, $conf) = @_;
 
     if ($self->{version} >= 13.2) {
-       $self->setup_container_getty_service();
+       $self->setup_container_getty_service($conf);
     }
     $self->setup_systemd_console($conf);
 }

diff --git a/src/PVE/LXC/Setup/Ubuntu.pm b/src/PVE/LXC/Setup/Ubuntu.pm
index be785dd8f18cc83d9b495f9dd1fa4d9d1112ccb8..28eb1182fe9f48fea5194d3c18a2c7b5ba0906ae 100644 (file)
--- a/src/PVE/LXC/Setup/Ubuntu.pm
+++ b/src/PVE/LXC/Setup/Ubuntu.pm
@@ -70,7 +70,7 @@ sub setup_init {
     my $version = $self->{version};
 
     if ($version eq '16.10') {
-        $self->setup_container_getty_service(0);
+        $self->setup_container_getty_service($conf);
     }
     
     if ($version eq '12.04' || $version eq '14.04') {