Quoting Dwight Engen (dwight.en...@oracle.com):
> Reported-by: Alvaro Miranda <miran...@redrock.net.nz>
self-contained, so
Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com>
but question and comment below.
> Signed-off-by: Dwight Engen <dwight.en...@oracle.com>
> ---
> templates/lxc-oracle.in | 63
> +++++++++++++++++++++++++++++++++++++------------
> 1 file changed, 48 insertions(+), 15 deletions(-)
>
> diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
> index 95c6275..e6bf489 100644
> --- a/templates/lxc-oracle.in
> +++ b/templates/lxc-oracle.in
> @@ -61,6 +61,7 @@ container_rootfs_configure()
> if [ -e $container_rootfs/etc/selinux/config ]; then
> sed -i 's|SELINUX=enforcing|SELINUX=disabled|'
> $container_rootfs/etc/selinux/config
> else
> + mkdir -p $container_rootfs/etc/selinux
> echo "SELINUX=disabled" >$container_rootfs/etc/selinux/config
> fi
> sed -i 's|session[ ]*required[ ]*pam_selinux.so[ ]*close|#session
> required pam_selinux.so close|' $container_rootfs/etc/pam.d/login
> @@ -97,8 +98,10 @@ EOF
> echo "127.0.0.1 localhost $name" > $container_rootfs/etc/hosts
>
> # disable ipv6
> - echo "blacklist ipv6" >>$container_rootfs/etc/modprobe.d/blacklist.conf
> - echo "blacklist net-pf-10"
> >>$container_rootfs/etc/modprobe.d/blacklist.conf
> + if [ -f $container_rootfs/etc/modprobe.d/blacklist.conf ]; then
Sorry, is this because if that file doesn't exist then it simply won't
be needed? (I would have expected you to create the file if it didn't
exist. modprobe.d isn't exactly a new feature)
...
> @@ -508,6 +530,13 @@ container_rootfs_create()
> echo "Rebuilding rpm database"
> rm -f $container_rootfs/var/lib/rpm/__db*
> chroot $container_rootfs rpm --rebuilddb >/dev/null 2>&1
> +
> + # doing the yum install with release 4 packages causes proc in the
> + # container to be mounted, which makes lxc-destroy fail.
> + if [ $container_release_major = "4" ]; then
> + umount $container_rootfs/proc
> + fi
Another, perhaps more future-proof, way of handling this would be to run
the yum_cmd under lxc-unshare -s MOUNT.
> +
> ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-oracle-$name
> }
>
> @@ -517,10 +546,14 @@ container_release_get()
> container_release_version=`cat $1/etc/oracle-release |awk '/^Oracle/
> {print $5}'`
> container_release_major=`echo $container_release_version |awk -F '.'
> '{print $1}'`
> container_release_minor=`echo $container_release_version |awk -F '.'
> '{print $2}'`
> - elif grep -q Nahant $1/etc/redhat-release; then
> + elif grep -q "Enterprise Linux AS" $1/etc/redhat-release; then
> container_release_major=`cat $1/etc/redhat-release |awk '{print $7}'`
> container_release_minor=`cat $1/etc/redhat-release |awk '{print
> $10}' |tr -d ")"`
>
> container_release_version="$container_release_major.$container_release_minor"
> + elif grep -q "Enterprise Linux Server" $1/etc/redhat-release; then
> + container_release_version=`cat $1/etc/redhat-release |awk '{print
> $7}'`
> + container_release_major=`echo $container_release_version |awk -F '.'
> '{print $1}'`
> + container_release_minor=`echo $container_release_version |awk -F '.'
> '{print $2}'`
> else
> echo "Unable to determine container release version"
> exit 1
> --
> 1.7.12.3
>
>
> ------------------------------------------------------------------------------
> Free Next-Gen Firewall Hardware Offer
> Buy your Sophos next-gen firewall before the end March 2013
> and get the hardware for free! Learn more.
> http://p.sf.net/sfu/sophos-d2d-feb
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
