From: Dietmar Maurer Date: Sun, 30 Oct 2016 07:54:57 +0000 (+0100) Subject: pct.adoc: move "Guest Operating System Configuration" one level up X-Git-Url: https://git.proxmox.com/?p=pve-docs.git;a=commitdiff_plain;h=53e3cd6f30f6f1c59adce8b131a9ad0232624359 pct.adoc: move "Guest Operating System Configuration" one level up --- diff --git a/pct.adoc b/pct.adoc index 4414662..eb911e0 100644 --- a/pct.adoc +++ b/pct.adoc @@ -105,6 +105,74 @@ kernel security bug rather than an LXC issue. The LXC team thinks unprivileged containers are safe by design. +Guest Operating System Configuration +------------------------------------ + +We normally try to detect the operating system type inside the +container, and then modify some files inside the container to make +them work as expected. Here is a short list of things we do at +container startup: + +set /etc/hostname:: to set the container name + +modify /etc/hosts:: to allow lookup of the local hostname + +network setup:: pass the complete network setup to the container + +configure DNS:: pass information about DNS servers + +adapt the init system:: for example, fix the number of spawned getty processes + +set the root password:: when creating a new container + +rewrite ssh_host_keys:: so that each container has unique keys + +randomize crontab:: so that cron does not start at the same time on all containers + +Changes made by {PVE} are enclosed by comment markers: + +---- +# --- BEGIN PVE --- + +# --- END PVE --- +---- + +Those markers will be inserted at a reasonable location in the +file. If such a section already exists, it will be updated in place +and will not be moved. + +Modification of a file can be prevented by adding a `.pve-ignore.` +file for it. For instance, if the file `/etc/.pve-ignore.hosts` +exists then the `/etc/hosts` file will not be touched. This can be a +simple empty file creatd via: + + # touch /etc/.pve-ignore.hosts + +Most modifications are OS dependent, so they differ between different +distributions and versions. You can completely disable modifications +by manually setting the `ostype` to `unmanaged`. + +OS type detection is done by testing for certain files inside the +container: + +Ubuntu:: inspect /etc/lsb-release (`DISTRIB_ID=Ubuntu`) + +Debian:: test /etc/debian_version + +Fedora:: test /etc/fedora-release + +RedHat or CentOS:: test /etc/redhat-release + +ArchLinux:: test /etc/arch-release + +Alpine:: test /etc/alpine-release + +Gentoo:: test /etc/gentoo-release + +NOTE: Container start fails if the configured `ostype` differs from the auto +detected type. + + [[pct_configuration]] Configuration ------------- @@ -195,74 +263,6 @@ relationship between snapshots. `snaptime` is the snapshot creation time stamp (Unix epoch). -Guest Operating System Configuration -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -We normally try to detect the operating system type inside the -container, and then modify some files inside the container to make -them work as expected. Here is a short list of things we do at -container startup: - -set /etc/hostname:: to set the container name - -modify /etc/hosts:: to allow lookup of the local hostname - -network setup:: pass the complete network setup to the container - -configure DNS:: pass information about DNS servers - -adapt the init system:: for example, fix the number of spawned getty processes - -set the root password:: when creating a new container - -rewrite ssh_host_keys:: so that each container has unique keys - -randomize crontab:: so that cron does not start at the same time on all containers - -Changes made by {PVE} are enclosed by comment markers: - ----- -# --- BEGIN PVE --- - -# --- END PVE --- ----- - -Those markers will be inserted at a reasonable location in the -file. If such a section already exists, it will be updated in place -and will not be moved. - -Modification of a file can be prevented by adding a `.pve-ignore.` -file for it. For instance, if the file `/etc/.pve-ignore.hosts` -exists then the `/etc/hosts` file will not be touched. This can be a -simple empty file creatd via: - - # touch /etc/.pve-ignore.hosts - -Most modifications are OS dependent, so they differ between different -distributions and versions. You can completely disable modifications -by manually setting the `ostype` to `unmanaged`. - -OS type detection is done by testing for certain files inside the -container: - -Ubuntu:: inspect /etc/lsb-release (`DISTRIB_ID=Ubuntu`) - -Debian:: test /etc/debian_version - -Fedora:: test /etc/fedora-release - -RedHat or CentOS:: test /etc/redhat-release - -ArchLinux:: test /etc/arch-release - -Alpine:: test /etc/alpine-release - -Gentoo:: test /etc/gentoo-release - -NOTE: Container start fails if the configured `ostype` differs from the auto -detected type. - - [[pct_options]] Options ~~~~~~~