On Mon, Jun 23, 2014 at 09:34:19AM -0400, Dwight Engen wrote: > On Fri, 20 Jun 2014 17:30:33 -0400 > Stéphane Graber <[email protected]> wrote: > > > This is a rather massive cleanup of config/templates/* > > > > As new templates were added, I've noticed that we pretty much all > > share the tty/pts configs, some capabilities being dropped and most > > of the cgroup configuration. All the userns configs were also almost > > identical. > > > > As a result, this change introduces two new files: > > - common.conf.in > > - userns.conf.in > > > > Each is included by the relevant <template>.<type>.conf.in templates, > > this means that the individual per-template configs are now overlays > > on top of the default config. > > > > Once we see a specific key becoming popular, we ought to check whether > > it should also be applied to the other templates and if more than 50% > > of the templates have it set to the same value, that value ought to be > > moved to the master config file and then overriden for the templates > > that do not use it. > > > > This change while pretty big and scary, shouldn't be very visible > > from a user point of view, the actual changes can be summarized as: > > - Extend clonehostname to work with Debian based distros and use it > > for all containers. > > - lxc.pivotdir is now set to lxc_putold for all templates, this means > > that instead of using /mnt in the container, lxc will create and > > use /lxc_putold instead. The reason for this is to avoid failures > > when the user bind-mounts something else on top of /mnt. > > - Some minor cgroup limit changes, the main one I remember is > > /dev/console now being writable by all of the redhat based > > containers. The rest of the set should be identical with additions in > > the per-distro ones. > > - Drop binfmtmisc and efivars bind-mounts for non-mountall based > > unpriivileged containers as I assumed they got those from > > copy/paste from Ubuntu and not because they actually need those > > entries. (If I'm wrong, we probably should move those to userns.conf > > then). > > > > Additional investigation and changes to reduce the config delta > > between distros would be appreciated. In practice, I only expect > > lxc.cap.drop and lxc.mount.entry to really vary between distros > > (depending on the init system, the rest should be mostly common. > > > > I'm marking this as RFC because I haven't done any testing on this yet > > and I've got to work on something else right now. I'd appreciate the > > input from the affected template maintainers! > > Hi Stéphane, I looked through this and it looks good to me (one minor > comment below). Thanks. > > > Signed-off-by: Stéphane Graber <[email protected]> > > --- > > [...] > > > diff --git a/hooks/clonehostname b/hooks/clonehostname > > index 8865c2d..e5676af 100755 > > --- a/hooks/clonehostname > > +++ b/hooks/clonehostname > > @@ -20,7 +20,9 @@ > > # Note that /etc/hostname is updated by lxc itself > > for file in \ > > $LXC_ROOTFS_PATH/etc/sysconfig/network \ > > - $LXC_ROOTFS_PATH/etc/sysconfig/network-scripts/ifcfg-* ; > > + $LXC_ROOTFS_PATH/etc/sysconfig/network-scripts/ifcfg-* \ > > + $LXC_ROOTFS_PATH/etc/hostname \ > > + $LXC_ROOTFS_PATH/etc/hosts ; > > do > > if [ -f $file ]; then > > sed -i "s|$LXC_SRC_NAME|$LXC_NAME|" $file > > As I put in the comment above, I didn't put /etc/hostname into the list > in the hook since clone_update_rootfs() already does it, and if we > put it here it will override the LXC_CLONE_KEEPNAME flag.
Doh, I should have read the comment, I'll drop it from the list then :) > _______________________________________________ > lxc-devel mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-devel -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: Digital signature
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
