Thanks Jim. I've merged this to master.
Bruce On Thu, Jul 9, 2015 at 9:58 AM, Jim Somerville <[email protected]> wrote: > This version has better support for unprivileged > containers. > > Two patches are deleted as they are now included. > One new patch is introduced to fix a file not found error at > the install build step. > > Signed-off-by: Jim Somerville <[email protected]> > --- > .../files/Generate-lxc-restore-net-properly.patch | 121 +++++++++++++++++ > .../lxc-helper-create-local-action-function.patch | 38 ------ > .../files/ppc-add-seccomp-support-for-lxc.patch | 111 ---------------- > recipes-containers/lxc/lxc_1.0.7.bb | 148 > --------------------- > recipes-containers/lxc/lxc_1.1.2.bb | 147 ++++++++++++++++++++ > 5 files changed, 268 insertions(+), 297 deletions(-) > create mode 100644 > recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch > delete mode 100644 > recipes-containers/lxc/files/lxc-helper-create-local-action-function.patch > delete mode 100644 > recipes-containers/lxc/files/ppc-add-seccomp-support-for-lxc.patch > delete mode 100644 recipes-containers/lxc/lxc_1.0.7.bb > create mode 100644 recipes-containers/lxc/lxc_1.1.2.bb > > diff --git > a/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch > b/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch > new file mode 100644 > index 0000000..5adb730 > --- /dev/null > +++ b/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch > @@ -0,0 +1,121 @@ > +From e08f3573b3561f1f0490624f7ca95b7ccd8157cb Mon Sep 17 00:00:00 2001 > +Message-Id: > <e08f3573b3561f1f0490624f7ca95b7ccd8157cb.1435177418.git.jim.somervi...@windriver.com> > +From: Jim Somerville <[email protected]> > +Date: Wed, 24 Jun 2015 16:16:38 -0400 > +Subject: [PATCH 1/1] Generate lxc-restore-net properly > + > +It's a script that should be run through the configure > +mechanism the same as the others. We simply rename it > +to have a .in extension and add it to configure.ac . > + > +Also, by generating the script from a .in file, it gets > +placed into the build directory. This plays nice with > +build systems that keep the src separate from the build > +directory. Without this change, the install step won't > +find the lxc-restore-net script as it still just resides > +in the src directory and not in the build directory. > + > +Upstream-Status: Not applicable. This script has already > +been rearchitected out of existence by > +cba98d127bf490b018a016b792ae05fd2d29c5ee: > +"c/r: use criu option instead of lxc-restore-net > + > +As of criu 1.5, the --veth-pair argument supports an additional parameter > that > +is the bridge name to attach to. This enables us to get rid of the goofy > +action-script hack that passed bridge names as environment variables. > + > +This patch is on top of the systemd/lxcfs mount rework patch, as we probably > +want to wait to use 1.5 options until it has been out for a while and is in > +distros. > + > +Signed-off-by: Tycho Andersen <[email protected]> > +Acked-by: Serge E. Hallyn <[email protected]>" > + > +Signed-off-by: Jim Somerville <[email protected]> > +--- > + configure.ac | 1 + > + src/lxc/lxc-restore-net | 26 -------------------------- > + src/lxc/lxc-restore-net.in | 26 ++++++++++++++++++++++++++ > + 3 files changed, 27 insertions(+), 26 deletions(-) > + delete mode 100755 src/lxc/lxc-restore-net > + create mode 100755 src/lxc/lxc-restore-net.in > + > +diff --git a/configure.ac b/configure.ac > +index 574b2cd..4972803 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -768,6 +768,7 @@ AC_CONFIG_FILES([ > + src/lxc/legacy/lxc-ls > + src/lxc/lxc.functions > + src/lxc/version.h > ++ src/lxc/lxc-restore-net > + src/python-lxc/Makefile > + src/python-lxc/setup.py > + > +diff --git a/src/lxc/lxc-restore-net b/src/lxc/lxc-restore-net > +deleted file mode 100755 > +index 6ae3c19..0000000 > +--- a/src/lxc/lxc-restore-net > ++++ /dev/null > +@@ -1,26 +0,0 @@ > +-#!/bin/sh > +- > +-set -e > +- > +-i=0 > +-while true; do > +- eval "bridge=\$LXC_CRIU_BRIDGE$i" > +- eval "veth=\$LXC_CRIU_VETH$i" > +- > +- if [ -z "$bridge" ] || [ -z "$veth" ]; then > +- exit 0 > +- fi > +- > +- if [ "$CRTOOLS_SCRIPT_ACTION" = "network-lock" ]; then > +- brctl delif $bridge $veth > +- fi > +- > +- if [ "$CRTOOLS_SCRIPT_ACTION" = "network-unlock" ]; then > +- brctl addif $bridge $veth > +- ip link set dev $veth up > +- fi > +- > +- i=$((i+1)) > +-done > +- > +-exit 1 > +diff --git a/src/lxc/lxc-restore-net.in b/src/lxc/lxc-restore-net.in > +new file mode 100755 > +index 0000000..6ae3c19 > +--- /dev/null > ++++ b/src/lxc/lxc-restore-net.in > +@@ -0,0 +1,26 @@ > ++#!/bin/sh > ++ > ++set -e > ++ > ++i=0 > ++while true; do > ++ eval "bridge=\$LXC_CRIU_BRIDGE$i" > ++ eval "veth=\$LXC_CRIU_VETH$i" > ++ > ++ if [ -z "$bridge" ] || [ -z "$veth" ]; then > ++ exit 0 > ++ fi > ++ > ++ if [ "$CRTOOLS_SCRIPT_ACTION" = "network-lock" ]; then > ++ brctl delif $bridge $veth > ++ fi > ++ > ++ if [ "$CRTOOLS_SCRIPT_ACTION" = "network-unlock" ]; then > ++ brctl addif $bridge $veth > ++ ip link set dev $veth up > ++ fi > ++ > ++ i=$((i+1)) > ++done > ++ > ++exit 1 > +-- > +1.8.3.2 > + > diff --git > a/recipes-containers/lxc/files/lxc-helper-create-local-action-function.patch > b/recipes-containers/lxc/files/lxc-helper-create-local-action-function.patch > deleted file mode 100644 > index d1d31ee..0000000 > --- > a/recipes-containers/lxc/files/lxc-helper-create-local-action-function.patch > +++ /dev/null > @@ -1,38 +0,0 @@ > -From aada9da49caca9e4a25764df2d2a2c11d9d95dbb Mon Sep 17 00:00:00 2001 > -From: Bruce Ashfield <[email protected]> > -Date: Fri, 10 Apr 2015 10:55:49 -0400 > -Subject: [PATCH] lxc-helper: create local action() function > - > -Signed-off-by: Bruce Ashfield <[email protected]> > ---- > - config/init/sysvinit/lxc.in | 14 ++++++++++++++ > - 1 file changed, 14 insertions(+) > - > -diff --git a/config/init/sysvinit/lxc.in b/config/init/sysvinit/lxc.in > -index 19c102e74c86..9f96a4f7496f 100644 > ---- a/config/init/sysvinit/lxc.in > -+++ b/config/init/sysvinit/lxc.in > -@@ -52,6 +52,20 @@ test ! -r "$sysconfdir"/sysconfig/lxc || > - # Check for needed utility program > - [ -x "$bindir"/lxc-autostart ] || exit 1 > - > -+action() > -+{ > -+ local STRING rc > -+ > -+ STRING=$1 > -+ echo -n "$STRING " > -+ > -+ shift > -+ "$@" && success $"$STRING" || failure $"$STRING" > -+ rc=$? > -+ > -+ return $rc > -+} > -+ > - # If libvirtd is providing the bridge, it might not be > - # immediately available, so wait a bit for it before starting > - # up the containers or else any that use the bridge will fail > --- > -2.1.0 > - > diff --git > a/recipes-containers/lxc/files/ppc-add-seccomp-support-for-lxc.patch > b/recipes-containers/lxc/files/ppc-add-seccomp-support-for-lxc.patch > deleted file mode 100644 > index 1055539..0000000 > --- a/recipes-containers/lxc/files/ppc-add-seccomp-support-for-lxc.patch > +++ /dev/null > @@ -1,111 +0,0 @@ > -From b4067426d58aec9b6cad7a4739793f3d90c5f189 Mon Sep 17 00:00:00 2001 > -From: Bogdan Purcareata <[email protected]> > -Date: Thu, 12 Mar 2015 08:57:47 +0000 > -Subject: [PATCH] seccomp: add ppc support > - > -This patch enables seccomp support for LXC containers running on PowerPC > -architectures. It is based on the latest PowerPC support added to > libseccomp, on > -the working-ppc64 branch [1]. > - > -Libseccomp has been tested on ppc, ppc64 and ppc64le architectures. LXC with > -seccomp support has been tested on ppc and ppc64 architectures, using the > -default seccomp policy example files delivered with the LXC package. > - > -[1] https://github.com/seccomp/libseccomp/commits/working-ppc64 > - > -v2: > -- add #ifdefs in get_new_ctx to fix builds on systems not having > SCMP_ARCH_PPC* > - defined > - > -Upstream-Status: Applied > -[https://github.com/lxc/lxc/commit/b4067426d58aec9b6cad7a4739793f3d90c5f189] > - > -Signed-off-by: Bogdan Purcareata <[email protected]> > -Acked-by: Serge E. Hallyn <[email protected]> > ---- > - src/lxc/seccomp.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ > - 1 file changed, 48 insertions(+) > - > -diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c > -index 3ba6c9a..108faa0 100644 > ---- a/src/lxc/seccomp.c > -+++ b/src/lxc/seccomp.c > -@@ -121,6 +121,9 @@ enum lxc_hostarch_t { > - lxc_seccomp_arch_i386, > - lxc_seccomp_arch_amd64, > - lxc_seccomp_arch_arm, > -+ lxc_seccomp_arch_ppc64, > -+ lxc_seccomp_arch_ppc64le, > -+ lxc_seccomp_arch_ppc, > - lxc_seccomp_arch_unknown = 999, > - }; > - > -@@ -137,6 +140,12 @@ int get_hostarch(void) > - return lxc_seccomp_arch_amd64; > - else if (strncmp(uts.machine, "armv7", 5) == 0) > - return lxc_seccomp_arch_arm; > -+ else if (strncmp(uts.machine, "ppc64le", 7) == 0) > -+ return lxc_seccomp_arch_ppc64le; > -+ else if (strncmp(uts.machine, "ppc64", 5) == 0) > -+ return lxc_seccomp_arch_ppc64; > -+ else if (strncmp(uts.machine, "ppc", 3) == 0) > -+ return lxc_seccomp_arch_ppc; > - return lxc_seccomp_arch_unknown; > - } > - > -@@ -150,6 +159,15 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch, > uint32_t default_policy_ > - case lxc_seccomp_arch_i386: arch = SCMP_ARCH_X86; break; > - case lxc_seccomp_arch_amd64: arch = SCMP_ARCH_X86_64; break; > - case lxc_seccomp_arch_arm: arch = SCMP_ARCH_ARM; break; > -+#ifdef SCMP_ARCH_PPC64LE > -+ case lxc_seccomp_arch_ppc64le: arch = SCMP_ARCH_PPC64LE; break; > -+#endif > -+#ifdef SCMP_ARCH_PPC64 > -+ case lxc_seccomp_arch_ppc64: arch = SCMP_ARCH_PPC64; break; > -+#endif > -+#ifdef SCMP_ARCH_PPC > -+ case lxc_seccomp_arch_ppc: arch = SCMP_ARCH_PPC; break; > -+#endif > - default: return NULL; > - } > - > -@@ -343,6 +361,36 @@ static int parse_config_v2(FILE *f, char *line, struct > lxc_conf *conf) > - cur_rule_arch = lxc_seccomp_arch_arm; > - } > - #endif > -+#ifdef SCMP_ARCH_PPC64LE > -+ else if (strcmp(line, "[ppc64le]") == 0 || > -+ strcmp(line, "[PPC64LE]") == 0) { > -+ if (native_arch != lxc_seccomp_arch_ppc64le) { > -+ cur_rule_arch = > lxc_seccomp_arch_unknown; > -+ continue; > -+ } > -+ cur_rule_arch = lxc_seccomp_arch_ppc64le; > -+ } > -+#endif > -+#ifdef SCMP_ARCH_PPC64 > -+ else if (strcmp(line, "[ppc64]") == 0 || > -+ strcmp(line, "[PPC64]") == 0) { > -+ if (native_arch != lxc_seccomp_arch_ppc64) { > -+ cur_rule_arch = > lxc_seccomp_arch_unknown; > -+ continue; > -+ } > -+ cur_rule_arch = lxc_seccomp_arch_ppc64; > -+ } > -+#endif > -+#ifdef SCMP_ARCH_PPC > -+ else if (strcmp(line, "[ppc]") == 0 || > -+ strcmp(line, "[PPC]") == 0) { > -+ if (native_arch != lxc_seccomp_arch_ppc) { > -+ cur_rule_arch = > lxc_seccomp_arch_unknown; > -+ continue; > -+ } > -+ cur_rule_arch = lxc_seccomp_arch_ppc; > -+ } > -+#endif > - else > - goto bad_arch; > - > --- > -2.1.4 > - > diff --git a/recipes-containers/lxc/lxc_1.0.7.bb > b/recipes-containers/lxc/lxc_1.0.7.bb > deleted file mode 100644 > index faa31b7..0000000 > --- a/recipes-containers/lxc/lxc_1.0.7.bb > +++ /dev/null > @@ -1,148 +0,0 @@ > -DESCRIPTION = "lxc aims to use these new functionnalities to provide an > userspace container object" > -SECTION = "console/utils" > -LICENSE = "GPLv2" > -LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" > -PRIORITY = "optional" > -DEPENDS = "libxml2 libcap" > -RDEPENDS_${PN} = " \ > - rsync \ > - gzip \ > - libcap-bin \ > - bridge-utils \ > - dnsmasq \ > - perl-module-strict \ > - perl-module-getopt-long \ > - perl-module-vars \ > - perl-module-warnings-register \ > - perl-module-exporter \ > - perl-module-constant \ > - perl-module-overload \ > - perl-module-exporter-heavy \ > -" > -RDEPENDS_${PN}-ptest += "file make" > - > -SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ > - file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ > - file://runtest.patch \ > - file://run-ptest \ > - file://automake-ensure-VPATH-builds-correctly.patch \ > - file://add-lxc.rebootsignal.patch \ > - file://lxc-helper-create-local-action-function.patch \ > - file://document-lxc.rebootsignal.patch \ > - file://lxc-busybox-use-lxc.rebootsignal-SIGTERM.patch \ > - file://ppc-add-seccomp-support-for-lxc.patch \ > - file://lxc-fix-B-S.patch \ > - file://lxc-busybox-add-OpenSSH-support.patch \ > - file://make-some-OpenSSH-tools-optional.patch \ > - " > - > -SRC_URI[md5sum] = "b48f468a9bef0e4e140dd723f0a65ad0" > -SRC_URI[sha256sum] = > "3c0cb2d95d9d8a8d59c7189d237a45cde77f38ea180fbff2c148d59e176e9dab" > - > -S = "${WORKDIR}/${BPN}-${PV}" > - > -# Let's not configure for the host distro. > -# > -PTEST_CONF = "${@base_contains('DISTRO_FEATURES', 'ptest', '--enable-tests', > '', d)}" > -EXTRA_OECONF += "--with-distro=${DISTRO} ${PTEST_CONF}" > - > -EXTRA_OECONF += "--with-init-script=\ > -${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit,', '', d)}\ > -${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" > - > -PACKAGECONFIG ??= "templates \ > - ${@base_contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ > -" > -PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc > --disable-api-docs,," > -PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,," > -PACKAGECONFIG[apparmour] = > "--enable-apparmor,--disable-apparmor,apparmor,apparmor" > -PACKAGECONFIG[templates] = ",,, ${PN}-templates" > -PACKAGECONFIG[selinux] = > "--enable-selinux,--disable-selinux,libselinux,libselinux" > -PACKAGECONFIG[seccomp] > ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp" > - > -inherit autotools pkgconfig ptest update-rc.d systemd > - > -SYSTEMD_PACKAGES = "${PN}-setup" > -SYSTEMD_SERVICE_${PN}-setup = "lxc.service" > -SYSTEMD_AUTO_ENABLE_${PN}-setup = "disable" > - > -INITSCRIPT_PACKAGES = "${PN}-setup" > -INITSCRIPT_NAME_{PN}-setup = "lxc" > -INITSCRIPT_PARAMS_${PN}-setup = "${OS_DEFAULT_INITSCRIPT_PARAMS}" > - > -FILES_${PN}-doc = "${mandir} ${infodir}" > -# For LXC the docdir only contains example configuration files and should be > included in the lxc package > -FILES_${PN} += "${docdir}" > -FILES_${PN}-dbg += "${libexecdir}/lxc/.debug" > -PACKAGES =+ "${PN}-templates ${PN}-setup" > -FILES_${PN}-templates += "${datadir}/lxc/templates" > -RDEPENDS_${PN}-templates += "bash" > - > -FILES_${PN}-setup += "/etc/tmpfiles.d" > -FILES_${PN}-setup += "/lib/systemd/system" > -FILES_${PN}-setup += "/usr/lib/systemd/system" > -FILES_${PN}-setup += "/etc/init.d" > - > -PRIVATE_LIBS_${PN}-ptest = "liblxc.so.1" > - > -do_install_append() { > - # The /var/cache/lxc directory created by the Makefile > - # is wiped out in volatile, we need to create this at boot. > - rm -rf ${D}${localstatedir}/cache > - install -d ${D}${sysconfdir}/default/volatiles > - echo "d root root 0755 ${localstatedir}/cache/lxc none" \ > - > ${D}${sysconfdir}/default/volatiles/99_lxc > - > - for i in `grep -l "#! */bin/bash" ${D}${datadir}/lxc/hooks/*`; do \ > - sed -e 's|#! */bin/bash|#!/bin/sh|' -i $i; done > - > - if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', > d)}; then > - install -d ${D}${sysconfdir}/init.d > - cp ${S}/config/init/sysvinit/lxc ${D}${sysconfdir}/init.d > - fi > -} > - > -EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests" > - > -do_install_ptest() { > - oe_runmake -C src/tests install-ptest > -} > - > -pkg_postinst_${PN}() { > - if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then > - /etc/init.d/populate-volatile.sh update > - fi > -} > - > -pkg_postinst_${PN}-setup() { > - if [ "x$D" != "x" ]; then > - exit 1 > - fi > - > - # setup for our bridge > - echo "lxc.network.link=lxcbr0" >> ${sysconfdir}/lxc/default.conf > - > -cat >> /etc/network/interfaces << EOF > - > -auto lxcbr0 > -iface lxcbr0 inet dhcp > - bridge_ports eth0 > - bridge_fd 0 > - bridge_maxwait 0 > -EOF > - > -cat<<EOF>/etc/network/if-pre-up.d/lxcbr0 > -#! /bin/sh > - > -if test "x\$IFACE" = xlxcbr0 ; then > - brctl show |grep lxcbr0 > /dev/null 2>/dev/null > - if [ \$? != 0 ] ; then > - brctl addbr lxcbr0 > - brctl addif lxcbr0 eth0 > - ip addr flush eth0 > - ifconfig eth0 up > - fi > -fi > -EOF > -chmod 755 /etc/network/if-pre-up.d/lxcbr0 > -} > diff --git a/recipes-containers/lxc/lxc_1.1.2.bb > b/recipes-containers/lxc/lxc_1.1.2.bb > new file mode 100644 > index 0000000..77d226b > --- /dev/null > +++ b/recipes-containers/lxc/lxc_1.1.2.bb > @@ -0,0 +1,147 @@ > +DESCRIPTION = "lxc aims to use these new functionnalities to provide an > userspace container object" > +SECTION = "console/utils" > +LICENSE = "GPLv2" > +LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" > +PRIORITY = "optional" > +DEPENDS = "libxml2 libcap" > +RDEPENDS_${PN} = " \ > + rsync \ > + gzip \ > + libcap-bin \ > + bridge-utils \ > + dnsmasq \ > + perl-module-strict \ > + perl-module-getopt-long \ > + perl-module-vars \ > + perl-module-warnings-register \ > + perl-module-exporter \ > + perl-module-constant \ > + perl-module-overload \ > + perl-module-exporter-heavy \ > +" > +RDEPENDS_${PN}-ptest += "file make" > + > +SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ > + file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ > + file://runtest.patch \ > + file://run-ptest \ > + file://automake-ensure-VPATH-builds-correctly.patch \ > + file://add-lxc.rebootsignal.patch \ > + file://document-lxc.rebootsignal.patch \ > + file://lxc-busybox-use-lxc.rebootsignal-SIGTERM.patch \ > + file://lxc-fix-B-S.patch \ > + file://lxc-busybox-add-OpenSSH-support.patch \ > + file://make-some-OpenSSH-tools-optional.patch \ > + file://Generate-lxc-restore-net-properly.patch \ > + " > + > +SRC_URI[md5sum] = "3ebadacf5fe8bfe689fd7a09812b682c" > +SRC_URI[sha256sum] = > "34ba517ffd7b38a14e5d12d56a4928b78602d56311d5f47c3ef90f4e714b9604" > + > +S = "${WORKDIR}/${BPN}-${PV}" > + > +# Let's not configure for the host distro. > +# > +PTEST_CONF = "${@base_contains('DISTRO_FEATURES', 'ptest', '--enable-tests', > '', d)}" > +EXTRA_OECONF += "--with-distro=${DISTRO} ${PTEST_CONF}" > + > +EXTRA_OECONF += "--with-init-script=\ > +${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit,', '', d)}\ > +${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" > + > +PACKAGECONFIG ??= "templates \ > + ${@base_contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ > +" > +PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc > --disable-api-docs,," > +PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,," > +PACKAGECONFIG[apparmour] = > "--enable-apparmor,--disable-apparmor,apparmor,apparmor" > +PACKAGECONFIG[templates] = ",,, ${PN}-templates" > +PACKAGECONFIG[selinux] = > "--enable-selinux,--disable-selinux,libselinux,libselinux" > +PACKAGECONFIG[seccomp] > ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp" > + > +inherit autotools pkgconfig ptest update-rc.d systemd > + > +SYSTEMD_PACKAGES = "${PN}-setup" > +SYSTEMD_SERVICE_${PN}-setup = "lxc.service" > +SYSTEMD_AUTO_ENABLE_${PN}-setup = "disable" > + > +INITSCRIPT_PACKAGES = "${PN}-setup" > +INITSCRIPT_NAME_{PN}-setup = "lxc" > +INITSCRIPT_PARAMS_${PN}-setup = "${OS_DEFAULT_INITSCRIPT_PARAMS}" > + > +FILES_${PN}-doc = "${mandir} ${infodir}" > +# For LXC the docdir only contains example configuration files and should be > included in the lxc package > +FILES_${PN} += "${docdir}" > +FILES_${PN}-dbg += "${libexecdir}/lxc/.debug" > +PACKAGES =+ "${PN}-templates ${PN}-setup" > +FILES_${PN}-templates += "${datadir}/lxc/templates" > +RDEPENDS_${PN}-templates += "bash" > + > +FILES_${PN}-setup += "/etc/tmpfiles.d" > +FILES_${PN}-setup += "/lib/systemd/system" > +FILES_${PN}-setup += "/usr/lib/systemd/system" > +FILES_${PN}-setup += "/etc/init.d" > + > +PRIVATE_LIBS_${PN}-ptest = "liblxc.so.1" > + > +do_install_append() { > + # The /var/cache/lxc directory created by the Makefile > + # is wiped out in volatile, we need to create this at boot. > + rm -rf ${D}${localstatedir}/cache > + install -d ${D}${sysconfdir}/default/volatiles > + echo "d root root 0755 ${localstatedir}/cache/lxc none" \ > + > ${D}${sysconfdir}/default/volatiles/99_lxc > + > + for i in `grep -l "#! */bin/bash" ${D}${datadir}/lxc/hooks/*`; do \ > + sed -e 's|#! */bin/bash|#!/bin/sh|' -i $i; done > + > + if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', > d)}; then > + install -d ${D}${sysconfdir}/init.d > + install -m 755 config/init/sysvinit/lxc* ${D}${sysconfdir}/init.d > + fi > +} > + > +EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests" > + > +do_install_ptest() { > + oe_runmake -C src/tests install-ptest > +} > + > +pkg_postinst_${PN}() { > + if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then > + /etc/init.d/populate-volatile.sh update > + fi > +} > + > +pkg_postinst_${PN}-setup() { > + if [ "x$D" != "x" ]; then > + exit 1 > + fi > + > + # setup for our bridge > + echo "lxc.network.link=lxcbr0" >> ${sysconfdir}/lxc/default.conf > + > +cat >> /etc/network/interfaces << EOF > + > +auto lxcbr0 > +iface lxcbr0 inet dhcp > + bridge_ports eth0 > + bridge_fd 0 > + bridge_maxwait 0 > +EOF > + > +cat<<EOF>/etc/network/if-pre-up.d/lxcbr0 > +#! /bin/sh > + > +if test "x\$IFACE" = xlxcbr0 ; then > + brctl show |grep lxcbr0 > /dev/null 2>/dev/null > + if [ \$? != 0 ] ; then > + brctl addbr lxcbr0 > + brctl addif lxcbr0 eth0 > + ip addr flush eth0 > + ifconfig eth0 up > + fi > +fi > +EOF > +chmod 755 /etc/network/if-pre-up.d/lxcbr0 > +} > -- > 1.8.3.2 > > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization -- "Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end" -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
