diff options
-rw-r--r-- | app-emulation/lxc/Manifest | 5 | ||||
-rw-r--r-- | app-emulation/lxc/files/lxc.initd.2 | 132 | ||||
-rw-r--r-- | app-emulation/lxc/lxc-0.8.0-r2.ebuild | 145 | ||||
-rw-r--r-- | app-emulation/lxc/metadata.xml | 21 |
4 files changed, 303 insertions, 0 deletions
diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest new file mode 100644 index 0000000..389d4af --- /dev/null +++ b/app-emulation/lxc/Manifest @@ -0,0 +1,5 @@ +AUX lxc.initd.2 3673 SHA256 bb7780168695e934549909c5c7baa7d6cdc92b0e19093a3d04a1313081a832e1 SHA512 25b0474d6f16fcede89a8e17518a658f810cb554eaef10aae3ce1fdd8c8640118aa6375cbee443f0b26e8086eb7c25375ceaaaf29a4110bd779f94b2f4b0d300 WHIRLPOOL 28f56d71b95b26c7f6ad5402a37413a973bc7bdf08fd3963ad192888ae1b49809a56c16009bc6049061d419ecffb1279e153e6ef5acbe06956efca154eae6a01 +DIST lxc-0.8.0-backports-1.tar.xz 2424 SHA256 5b68b96b9fbc2d0f5b2ad2e7fb996a3d837114237a306de39d9939f31756a522 SHA512 9898d78836cc546e80015a18070e3976118d2efb006584ecfb2887a4474598766e023eb6c120c16dae2e94dddc33c8a4e928fd44bc6fb2260a1913c06f5d374e WHIRLPOOL ef11f25ec8891f431be7aed32b38c0cc51e1096a37ea71c38aed4448ab0305784b510e2b55bdc73e5ef2128344a6c88adb3add798323f77e276b5185e53f5ef9 +DIST lxc-0.8.0.tar.gz 309973 SHA256 eac833730b94e423d4bef6834bc4a716437d2abd6ab8b24334c506aaaa08692c SHA512 47333e2010d0f4488b8876ba933f2d26304874bec0371a7ab3b6e5bd1a50a7d2312ff8507e273f1ee2341a7f2e3b79cd71e5e19ac31006a4e429ee96b01733f6 WHIRLPOOL 693b7d354dec7c6102d5ce3a42a9b618e213fd9ee8c592068ebadb7f25094606abce6c3da77b483fab0938410215010f71d487f336856c87327d6a98f20b65dd +EBUILD lxc-0.8.0-r2.ebuild 4536 SHA256 fcd89b9314a8327590ae6a42b85398d2ad6470a145ddcdd62c71b56a650e1c5b SHA512 af628627a08d1e40d9de25b711baeaf4e5e89ec66a2561336dad4e393f2469cd32624bc13e72108ee6c51aeee23bd156c4e9a8fa30f7a67addc3f722a8adab2d WHIRLPOOL 20dca3720ac9a67238adbc485df207ffff040c2e241e09a22e89b6693f51300a705efcbfb3fec7f222d3da43e9e6a53d9ecf173740b0b4195f2542219e235aa0 +MISC metadata.xml 653 SHA256 35f64761067f47ff7abd0e3f3cb57f4bab888a2546bf3267d59987505101a190 SHA512 d227bc432c37518190c224b280116439dde42678f93925ae3a8eb2d2e91918377b33171d8e72ae4ab12f3e5d9faead4223a60e53bb4916d7770982deb64b0b70 WHIRLPOOL 4067036bca1ad2906cdba69c42c0ca5b14042ad7eab2ac8e9a2fbe4eb61e8a3972e4d40b6d9d6e7109a0d2f84a8598a8a9560dbddd43b35633f44ad5362937b0 diff --git a/app-emulation/lxc/files/lxc.initd.2 b/app-emulation/lxc/files/lxc.initd.2 new file mode 100644 index 0000000..72680d8 --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.2 @@ -0,0 +1,132 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/files/lxc.initd.2,v 1.6 2012/11/14 02:15:10 flameeyes Exp $ + +CONTAINER=${SVCNAME#*.} + +lxc_get_configfile() { + if [ -f "/etc/lxc/${CONTAINER}.conf" ]; then + echo "/etc/lxc/${CONTAINER}.conf" + elif [ -f "/etc/lxc/${CONTAINER}/config" ]; then + echo "/etc/lxc/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.utsname) + if [ ${CONTAINER} != ${utsname} ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + + # find out which network interface the container is linked to, + # and then require that to be enabled, so that the + # dependencies are correct. + netif=$(lxc_get_var lxc.network.link) + + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + nettype=$(lxc_get_var lxc.network.type) + + if [ -n "${netif}" ]; then + case "${nettype}" in + phys) use net.${netif} ;; + *) need net.${netif} ;; + esac + fi +} + +start() { + checkconfig || return 1 + rm /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting ${CONTAINER}" + env -i ${setarch} $(type -p lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 0.5 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] + eend $? +} + +stop() { + checkconfig || return 1 + + + if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + init_pid=$(lxc-info -n ${CONTAINER} --pid | awk '{ print $2 }') + + if [ "${init_pid}" = "-1" ]; then + ewarn "${CONTAINER} doesn't seem to be running." + return 0 + fi + + ebegin "Shutting down system in ${CONTAINER}" + kill -PWR ${init_pid} + eend $? + + TIMEOUT=${TIMEOUT:-30} + i=0 + while [ -n "$(pgrep -P ${init_pid})" -a $i -lt ${TIMEOUT} ]; do + sleep 1 + i=$(expr $i + 1) + done + + if [ -n "${missingprocs}" ]; then + ewarn "Something failed to properly shut down in ${CONTAINER}" + fi + + ebegin "Stopping ${CONTAINER}" + lxc-stop -n ${CONTAINER} + eend $? +} diff --git a/app-emulation/lxc/lxc-0.8.0-r2.ebuild b/app-emulation/lxc/lxc-0.8.0-r2.ebuild new file mode 100644 index 0000000..c380acc --- /dev/null +++ b/app-emulation/lxc/lxc-0.8.0-r2.ebuild @@ -0,0 +1,145 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/lxc-0.8.0-r1.ebuild,v 1.1 2012/11/14 02:15:10 flameeyes Exp $ + +EAPI="4" + +MY_P="${P/_/-}" + +BACKPORTS=1 + +WANT_AUTOMAKE="1.12" + +inherit eutils linux-info versionator flag-o-matic autotools + +if [[ -n ${BACKPORTS} ]]; then + inherit autotools +fi + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="http://lxc.sourceforge.net/" +SRC_URI="http://lxc.sourceforge.net/download/lxc/${MY_P}.tar.gz + ${BACKPORTS:+http://dev.gentoo.org/~flameeyes/${PN}/${MY_P}-backports-${BACKPORTS}.tar.xz}" +S="${WORKDIR}/${MY_P}" + +KEYWORDS="~amd64 ~ppc64 ~x86" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="examples" + +RDEPEND="sys-libs/libcap" + +DEPEND="${RDEPEND} + app-text/docbook-sgml-utils + >=sys-kernel/linux-headers-3.2" + +RDEPEND="${RDEPEND} + sys-apps/util-linux + app-misc/pax-utils + >=sys-apps/openrc-0.9.9.1 + virtual/awk" + +CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE + ~CPUSETS ~CGROUP_CPUACCT + ~RESOURCE_COUNTERS + ~CGROUP_SCHED + + ~NAMESPACES + ~IPC_NS ~USER_NS ~PID_NS + + ~DEVPTS_MULTIPLE_INSTANCES + ~CGROUP_FREEZER + ~UTS_NS ~NET_NS + ~VETH ~MACVLAN + + ~POSIX_MQUEUE + ~!NETPRIO_CGROUP + + ~!GRKERNSEC_CHROOT_MOUNT + ~!GRKERNSEC_CHROOT_DOUBLE + ~!GRKERNSEC_CHROOT_PIVOT + ~!GRKERNSEC_CHROOT_CHMOD + ~!GRKERNSEC_CHROOT_CAPS +" + +ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES: needed for pts inside container" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" + +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" + +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" + +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" + +ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP: as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting." + +ERROR_GRKERNSEC_CHROOT_MOUNT=":CONFIG_GRKERNSEC_CHROOT_MOUNT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_DOUBLE=":CONFIG_GRKERNSEC_CHROOT_DOUBLE some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_PIVOT=":CONFIG_GRKERNSEC_CHROOT_PIVOT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CHMOD=":CONFIG_GRKERNSEC_CHROOT_CHMOD some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CAPS=":CONFIG_GRKERNSEC_CHROOT_CAPS some GRSEC features make LXC unusable see postinst notes" + +DOCS=(AUTHORS CONTRIBUTING MAINTAINERS TODO README doc/FAQ.txt) + +src_prepare() { + if [[ -n ${BACKPORTS} ]]; then + epatch "${WORKDIR}"/patches/* + eautoreconf + fi +} + +src_configure() { + append-flags -fno-strict-aliasing + + econf \ + --localstatedir=/var \ + --bindir=/usr/sbin \ + --docdir=/usr/share/doc/${PF} \ + --with-config-path=/etc/lxc \ + --with-rootfs-path=/usr/lib/lxc/rootfs \ + --enable-doc \ + --disable-apparmor \ + $(use_enable examples) +} + +src_install() { + default + + rm -r "${D}"/usr/sbin/lxc-setcap \ + || die "unable to remove lxc-setcap" + + keepdir /etc/lxc /usr/lib/lxc/rootfs + + find "${D}" -name '*.la' -delete + + # Gentoo-specific additions! + newinitd "${FILESDIR}/${PN}.initd.2" ${PN} + keepdir /var/log/lxc +} + +pkg_postinst() { + elog "There is an init script provided with the package now; no documentation" + elog "is currently available though, so please check out /etc/init.d/lxc ." + elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname" + elog "to start the container defined into /etc/lxc/configname.conf ." + elog "For further information about LXC development see" + elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available + elog "" + ewarn "With version 0.7.4, the mountpoint syntax came back to the one used by 0.7.2" + ewarn "and previous versions. This means you'll have to use syntax like the following" + ewarn "" + ewarn " lxc.rootfs = /container" + ewarn " lxc.mount.entry = /usr/portage /container/usr/portage none bind 0 0" + ewarn "" + ewarn "To use the Fedora, Debian and (various) Ubuntu auto-configuration scripts, you" + ewarn "will need sys-apps/yum or dev-util/debootstrap." + ewarn "" + ewarn "Some GrSecurity settings in relation to chroot security will cause LXC not to" + ewarn "work, while others will actually make it much more secure. Please refer to" + ewarn "Diego Elio Pettenò's weblog at http://blog.flameeyes.eu/tag/lxc for further" + ewarn "details." +} diff --git a/app-emulation/lxc/metadata.xml b/app-emulation/lxc/metadata.xml new file mode 100644 index 0000000..694fd72 --- /dev/null +++ b/app-emulation/lxc/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>virtualization</herd> + <maintainer> + <email>flameeyes@gentoo.org</email> + </maintainer> + <maintainer> + <email>dev-zero@gentoo.org</email> + </maintainer> + + <use> + <flag name="vanilla"> + Avoid adding Gentoo Linux-specific modifications, which include + the custom init script. This is present as a flag to avoid + forcing dependencies over users that might not want have them + around as they use LXC in contexts where the init script is not + useful. + </flag> + </use> +</pkgmetadata> |