Message ID | 1455606196-52101-1-git-send-email-openwrt@daniel.thecshore.com |
---|---|
State | Changes Requested |
Delegated to: | Felix Fietkau |
i think having lxc specific hooks sprayed over a pile of scripts is the wrong approach, so NAK on this one. John On 16/02/2016 08:03, openwrt@daniel.thecshore.com wrote: > From: Daniel Dickinson <openwrt@daniel.thecshore.com> > > I have a patch that it will be some time before I personally will have some time > to test but have noted that there are others interested in LXC on OpenWrt and > therefore am tossing out this untested patch in case someone is interested in > trying it out. > > Basically you can use this patch and build .tar.gz rootfs to use as your > LXC rootfs (that part I tested with a different way of generating the .tar.gz > that made a .tar.gz specifically for LXC) (i.e. don't use a template but > rather use lxc-create with the extracted tar.gz as your rootfs, assuming on the > LXC host you have enabled the appropriate kernrel parameters to be able to use > LXC). Generating the .tar.gz does *not* require the special kernel parameters, > and in fact for the .tar.gz the kernel build is mostly irrelevant since it's > just the rootfs). > > Two things need to be verified with this patch: > > 1) That is works correctly as LXC rootfs > 2) Confirmation of my test results that it doesn't break non-LXC builds (I use this patch on live systems and haven't seen any bad effects on non-LXC systems). > > Certain aspects of OpenWrt will fail when run as in LXC guest, > therefore detect when we are inside and LXC guest session and > avoid problematic actions. 
> > Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com> > --- > package/base-files/files/etc/init.d/boot | 14 +++++++------- > package/base-files/files/etc/init.d/clearvar | 15 +++++++++++++++ > package/base-files/files/etc/init.d/sysfixtime | 7 ++++++- > package/base-files/files/etc/uci-defaults/lxc-inittab | 13 +++++++++++++ > package/base-files/files/sbin/inlxc | 11 +++++++++++ > package/utils/busybox/files/sysntpd | 6 +++++- > 6 files changed, 57 insertions(+), 9 deletions(-) > create mode 100755 package/base-files/files/etc/init.d/clearvar > create mode 100644 package/base-files/files/etc/uci-defaults/lxc-inittab > create mode 100755 package/base-files/files/sbin/inlxc > > diff --git a/package/base-files/files/etc/init.d/boot b/package/base-files/files/etc/init.d/boot > index ccd0afe..23c45be 100755 > --- a/package/base-files/files/etc/init.d/boot > +++ b/package/base-files/files/etc/init.d/boot > @@ -18,9 +18,9 @@ uci_apply_defaults() { > } > > boot() { > - [ -f /proc/mounts ] || /sbin/mount_root > - [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc > - [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD > + /sbin/inlxc || [ -f /proc/mounts ] || /sbin/mount_root > + /sbin/inlxc || [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc > + /sbin/inlxc || [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD > > mkdir -p /var/run > mkdir -p /var/log 
> @@ -33,15 +33,15 @@ boot() { > touch /var/log/lastlog > touch /tmp/resolv.conf.auto > ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf > - grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug > + /sbin/inlxc || grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug > [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe > > - /sbin/kmodloader > + /sbin/inlxc || /sbin/kmodloader > > # allow wifi modules time to settle > sleep 1 > > - /sbin/wifi detect > /tmp/wireless.tmp > + /sbin/inlxc || /sbin/wifi detect > /tmp/wireless.tmp > [ -s /tmp/wireless.tmp ] && { > cat /tmp/wireless.tmp >> /etc/config/wireless > } > @@ -54,7 +54,7 @@ boot() { > /sbin/reload_config > > # create /dev/root if it doesn't exist > - [ -e /dev/root -o -h /dev/root ] || { > + /sbin/inlxc || [ -e /dev/root -o -h /dev/root ] || { > rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) > [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root > } > diff --git a/package/base-files/files/etc/init.d/clearvar b/package/base-files/files/etc/init.d/clearvar > new file mode 100755 > index 0000000..59fc607 > --- /dev/null > +++ b/package/base-files/files/etc/init.d/clearvar > @@ -0,0 +1,15 @@ > +#!/bin/sh /etc/rc.common > +# Copyright (C) 2013-2014 OpenWrt.org > + > +START=00 > + > +clearvar() { > + find /var -mindepth 1 ! -path '/var/run*' -print0 |xargs -0 rm -rf > + find /tmp/run -mindepth 1 ! -name ubus.sock -print0 |xargs -0 rm -rf > + mkdir /var/log /var/cache /var/state /var/etc /var/lock > +} > + > +boot() { > + /sbin/inlxc && clearvar > +} > + > diff --git a/package/base-files/files/etc/init.d/sysfixtime b/package/base-files/files/etc/init.d/sysfixtime > index ab946f6..2833b0d 100755 > --- a/package/base-files/files/etc/init.d/sysfixtime > +++ b/package/base-files/files/etc/init.d/sysfixtime 
> @@ -7,7 +7,7 @@ STOP=90 > RTC_DEV=/dev/rtc0 > HWCLOCK=/sbin/hwclock > > -boot() { > +sysfixtime() { > start && exit 0 > > local curtime="$(date +%s)" > @@ -23,3 +23,8 @@ stop() { > [ -e "$RTC_DEV" ] && [ -e "$HWCLOCK" ] && $HWCLOCK -w -f $RTC_DEV && \ > logger -t sysfixtime "saved '$(date)' to $RTC_DEV" > } > + > +boot() { > + /sbin/inlxc || sysfixtime > +} > + > diff --git a/package/base-files/files/etc/uci-defaults/lxc-inittab b/package/base-files/files/etc/uci-defaults/lxc-inittab > new file mode 100644 > index 0000000..fd1a4a9 > --- /dev/null > +++ b/package/base-files/files/etc/uci-defaults/lxc-inittab > @@ -0,0 +1,13 @@ > +#!/bin/sh > + > +if /sbin/inlxc; then > +cat >/etc/inittab <<EOF > +::sysinit:/etc/init.d/rcS S boot > +::shutdown:/etc/init.d/rcS K shutdown > +tty1::askfirst:/bin/ash --login > +tty2::askfirst:/bin/ash --login > +tty3::askfirst:/bin/ash --login > +tty4::askfirst:/bin/ash --login > +EOF > +fi > + > diff --git a/package/base-files/files/sbin/inlxc b/package/base-files/files/sbin/inlxc > new file mode 100755 > index 0000000..fd9754e > --- /dev/null > +++ b/package/base-files/files/sbin/inlxc > @@ -0,0 +1,11 @@ > +#!/bin/sh > + > +# Shamelessly stolen from virt-what (GPL-2+) > + > +if [ -e "/proc/1/environ" ] && > + cat "/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container='; then > + exit 0 > +fi > + > +exit 1 > + > diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd > index f73bb83..bbe005d 100755 > --- a/package/utils/busybox/files/sysntpd > +++ b/package/utils/busybox/files/sysntpd > @@ -12,7 +12,7 @@ validate_ntp_section() { > 'server:list(host)' 'enabled:bool:1' 'enable_server:bool:0' > } > > -start_service() { > +start_sysntpd() { > local server enabled enable_server peer > > validate_ntp_section ntp || { > @@ -35,6 +35,10 @@ start_service() { > procd_close_instance > } > > +start_service() { > + /sbin/inlxc || start_sysntpd > +} > + > service_triggers() > { > procd_add_reload_trigger "system" >
Felix didn't like my previous approach which was an lxc-specific tarball generation. Do either of you have an actual suggestion of what you'd like to see, so that I can do something that will keep you both happy? Regards, Daniel On 16/02/16 02:10 AM, John Crispin wrote: > i think having lxc specific hooks sprayed over a pile a scripts is the > wrong approach, so NAK on this one. > > John > > > On 16/02/2016 08:03, openwrt@daniel.thecshore.com wrote: >> From: Daniel Dickinson <openwrt@daniel.thecshore.com> >> >> I have a patch that it will be some time before I personally will have some time >> to test but have noted that there are others interested in LXC on OpenWrt and >> therefore am tossing out this untested patch in case someone is interested in >> trying it out. >> >> Basically you can use this patch and build .tar.gz rootfs to use as your >> LXC rootfs (that part I tested with a different way of generating the .tar.gz >> that made a .tar.gz specifically for LXC) (i.e. don't use a template but >> rather use lxc-create with the extracted tar.gz as your rootfs, assuming on the >> LXC host you have enabled the appropriate kernrel parameters to be able to use >> LXC). Generating the .tar.gz does *not* require the special kernel parameters, >> and in fact for the .tar.gz the kernel build is mostly irrelevant since it's >> just the rootfs). >> >> Two things need to be verified with this patch: >> >> 1) That is works correctly as LXC rootfs >> 2) Confirmation of my test results that it doesn't break non-LXC builds (I use this patch on live systems and haven't seen any bad effects on non-LXC systems). >> >> Certain aspects of OpenWrt will fail when run as in LXC guest, >> therefore detect when we are inside and LXC guest session and >> avoid problematic actions. 
>> >> Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com> >> --- >> package/base-files/files/etc/init.d/boot | 14 +++++++------- >> package/base-files/files/etc/init.d/clearvar | 15 +++++++++++++++ >> package/base-files/files/etc/init.d/sysfixtime | 7 ++++++- >> package/base-files/files/etc/uci-defaults/lxc-inittab | 13 +++++++++++++ >> package/base-files/files/sbin/inlxc | 11 +++++++++++ >> package/utils/busybox/files/sysntpd | 6 +++++- >> 6 files changed, 57 insertions(+), 9 deletions(-) >> create mode 100755 package/base-files/files/etc/init.d/clearvar >> create mode 100644 package/base-files/files/etc/uci-defaults/lxc-inittab >> create mode 100755 package/base-files/files/sbin/inlxc >> >> diff --git a/package/base-files/files/etc/init.d/boot b/package/base-files/files/etc/init.d/boot >> index ccd0afe..23c45be 100755 >> --- a/package/base-files/files/etc/init.d/boot >> +++ b/package/base-files/files/etc/init.d/boot >> @@ -18,9 +18,9 @@ uci_apply_defaults() { >> } >> >> boot() { >> - [ -f /proc/mounts ] || /sbin/mount_root >> - [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc >> - [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD >> + /sbin/inlxc || [ -f /proc/mounts ] || /sbin/mount_root >> + /sbin/inlxc || [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc >> + /sbin/inlxc || [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD >> >> mkdir -p /var/run >> mkdir -p /var/log 
>> @@ -33,15 +33,15 @@ boot() { >> touch /var/log/lastlog >> touch /tmp/resolv.conf.auto >> ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf >> - grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug >> + /sbin/inlxc || grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug >> [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe >> >> - /sbin/kmodloader >> + /sbin/inlxc || /sbin/kmodloader >> >> # allow wifi modules time to settle >> sleep 1 >> >> - /sbin/wifi detect > /tmp/wireless.tmp >> + /sbin/inlxc || /sbin/wifi detect > /tmp/wireless.tmp >> [ -s /tmp/wireless.tmp ] && { >> cat /tmp/wireless.tmp >> /etc/config/wireless >> } >> @@ -54,7 +54,7 @@ boot() { >> /sbin/reload_config >> >> # create /dev/root if it doesn't exist >> - [ -e /dev/root -o -h /dev/root ] || { >> + /sbin/inlxc || [ -e /dev/root -o -h /dev/root ] || { >> rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) >> [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root >> } >> diff --git a/package/base-files/files/etc/init.d/clearvar b/package/base-files/files/etc/init.d/clearvar >> new file mode 100755 >> index 0000000..59fc607 >> --- /dev/null >> +++ b/package/base-files/files/etc/init.d/clearvar >> @@ -0,0 +1,15 @@ >> +#!/bin/sh /etc/rc.common >> +# Copyright (C) 2013-2014 OpenWrt.org >> + >> +START=00 >> + >> +clearvar() { >> + find /var -mindepth 1 ! -path '/var/run*' -print0 |xargs -0 rm -rf >> + find /tmp/run -mindepth 1 ! -name ubus.sock -print0 |xargs -0 rm -rf >> + mkdir /var/log /var/cache /var/state /var/etc /var/lock >> +} >> + >> +boot() { >> + /sbin/inlxc && clearvar >> +} >> + >> diff --git a/package/base-files/files/etc/init.d/sysfixtime b/package/base-files/files/etc/init.d/sysfixtime >> index ab946f6..2833b0d 100755 >> --- a/package/base-files/files/etc/init.d/sysfixtime >> +++ b/package/base-files/files/etc/init.d/sysfixtime 
>> @@ -7,7 +7,7 @@ STOP=90 >> RTC_DEV=/dev/rtc0 >> HWCLOCK=/sbin/hwclock >> >> -boot() { >> +sysfixtime() { >> start && exit 0 >> >> local curtime="$(date +%s)" >> @@ -23,3 +23,8 @@ stop() { >> [ -e "$RTC_DEV" ] && [ -e "$HWCLOCK" ] && $HWCLOCK -w -f $RTC_DEV && \ >> logger -t sysfixtime "saved '$(date)' to $RTC_DEV" >> } >> + >> +boot() { >> + /sbin/inlxc || sysfixtime >> +} >> + >> diff --git a/package/base-files/files/etc/uci-defaults/lxc-inittab b/package/base-files/files/etc/uci-defaults/lxc-inittab >> new file mode 100644 >> index 0000000..fd1a4a9 >> --- /dev/null >> +++ b/package/base-files/files/etc/uci-defaults/lxc-inittab >> @@ -0,0 +1,13 @@ >> +#!/bin/sh >> + >> +if /sbin/inlxc; then >> +cat >/etc/inittab <<EOF >> +::sysinit:/etc/init.d/rcS S boot >> +::shutdown:/etc/init.d/rcS K shutdown >> +tty1::askfirst:/bin/ash --login >> +tty2::askfirst:/bin/ash --login >> +tty3::askfirst:/bin/ash --login >> +tty4::askfirst:/bin/ash --login >> +EOF >> +fi >> + >> diff --git a/package/base-files/files/sbin/inlxc b/package/base-files/files/sbin/inlxc >> new file mode 100755 >> index 0000000..fd9754e >> --- /dev/null >> +++ b/package/base-files/files/sbin/inlxc >> @@ -0,0 +1,11 @@ >> +#!/bin/sh >> + >> +# Shamelessly stolen from virt-what (GPL-2+) >> + >> +if [ -e "/proc/1/environ" ] && >> + cat "/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container='; then >> + exit 0 >> +fi >> + >> +exit 1 >> + >> diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd >> index f73bb83..bbe005d 100755 >> --- a/package/utils/busybox/files/sysntpd >> +++ b/package/utils/busybox/files/sysntpd >> @@ -12,7 +12,7 @@ validate_ntp_section() { >> 'server:list(host)' 'enabled:bool:1' 'enable_server:bool:0' >> } >> >> -start_service() { >> +start_sysntpd() { >> local server enabled enable_server peer >> >> validate_ntp_section ntp || { 
>> @@ -35,6 +35,10 @@ start_service() { >> procd_close_instance >> } >> >> +start_service() { >> + /sbin/inlxc || start_sysntpd >> +} >> + >> service_triggers() >> { >> procd_add_reload_trigger "system" >> >
diff --git a/package/base-files/files/etc/init.d/boot b/package/base-files/files/etc/init.d/boot
index ccd0afe..23c45be 100755
--- a/package/base-files/files/etc/init.d/boot
+++ b/package/base-files/files/etc/init.d/boot
@@ -18,9 +18,9 @@ uci_apply_defaults() {
 }
 
 boot() {
- [ -f /proc/mounts ] || /sbin/mount_root
- [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
- [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD
+ /sbin/inlxc || [ -f /proc/mounts ] || /sbin/mount_root
+ /sbin/inlxc || [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
+ /sbin/inlxc || [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD
 
 mkdir -p /var/run
 mkdir -p /var/log
@@ -33,15 +33,15 @@ boot() {
 touch /var/log/lastlog
 touch /tmp/resolv.conf.auto
 ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf
- grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug
+ /sbin/inlxc || grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug
 [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe
 
- /sbin/kmodloader
+ /sbin/inlxc || /sbin/kmodloader
 
 # allow wifi modules time to settle
 sleep 1
 
- /sbin/wifi detect > /tmp/wireless.tmp
+ /sbin/inlxc || /sbin/wifi detect > /tmp/wireless.tmp
 [ -s /tmp/wireless.tmp ] && {
 cat /tmp/wireless.tmp >> /etc/config/wireless
 }
@@ -54,7 +54,7 @@ boot() {
 /sbin/reload_config
 
 # create /dev/root if it doesn't exist
- [ -e /dev/root -o -h /dev/root ] || {
+ /sbin/inlxc || [ -e /dev/root -o -h /dev/root ] || {
 rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline)
 [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root
 }
diff --git a/package/base-files/files/etc/init.d/clearvar b/package/base-files/files/etc/init.d/clearvar
new file mode 100755
index 0000000..59fc607
--- /dev/null
+++ b/package/base-files/files/etc/init.d/clearvar
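Review bot: The second and third added lines of the first boot() hunk run their right-hand command when inside a container, which is the opposite of what the guard is for. In sh, `||` and `&&` have equal precedence and associate left, so `/sbin/inlxc || [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc` parses as `(inlxc || test) && echo`, and a successful inlxc goes straight to the write; the vconfig line and the debugfs mount line in the `@@ -33,15` hunk have the same shape. Group the guarded part, e.g. `/sbin/inlxc || { [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc; }`, and likewise for the other two. The pure `||` chains (mount_root, kmodloader, wifi detect, /dev/root) are not affected. boot() begins and ends outside these hunks.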
@@ -0,0 +1,15 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2013-2014 OpenWrt.org
+
+START=00
+
+clearvar() {
+ find /var -mindepth 1 ! -path '/var/run*' -print0 |xargs -0 rm -rf
+ find /tmp/run -mindepth 1 ! -name ubus.sock -print0 |xargs -0 rm -rf
+ mkdir /var/log /var/cache /var/state /var/etc /var/lock
+}
+
+boot() {
+ /sbin/inlxc && clearvar
+}
+
diff --git a/package/base-files/files/etc/init.d/sysfixtime b/package/base-files/files/etc/init.d/sysfixtime
index ab946f6..2833b0d 100755
--- a/package/base-files/files/etc/init.d/sysfixtime
+++ b/package/base-files/files/etc/init.d/sysfixtime
@@ -7,7 +7,7 @@ STOP=90
 RTC_DEV=/dev/rtc0
 HWCLOCK=/sbin/hwclock
 
-boot() {
+sysfixtime() {
 start && exit 0
 
 local curtime="$(date +%s)"
@@ -23,3 +23,8 @@ stop() {
 [ -e "$RTC_DEV" ] && [ -e "$HWCLOCK" ] && $HWCLOCK -w -f $RTC_DEV && \
 logger -t sysfixtime "saved '$(date)' to $RTC_DEV"
 }
+
+boot() {
+ /sbin/inlxc || sysfixtime
+}
+
diff --git a/package/base-files/files/etc/uci-defaults/lxc-inittab b/package/base-files/files/etc/uci-defaults/lxc-inittab
new file mode 100644
index 0000000..fd1a4a9
--- /dev/null
+++ b/package/base-files/files/etc/uci-defaults/lxc-inittab
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+if /sbin/inlxc; then
+cat >/etc/inittab <<EOF
+::sysinit:/etc/init.d/rcS S boot
+::shutdown:/etc/init.d/rcS K shutdown
+tty1::askfirst:/bin/ash --login
+tty2::askfirst:/bin/ash --login
+tty3::askfirst:/bin/ash --login
+tty4::askfirst:/bin/ash --login
+EOF
+fi
+
diff --git a/package/base-files/files/sbin/inlxc b/package/base-files/files/sbin/inlxc
new file mode 100755
index 0000000..fd9754e
--- /dev/null
+++ b/package/base-files/files/sbin/inlxc
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# Shamelessly stolen from virt-what (GPL-2+)
+
+if [ -e "/proc/1/environ" ] &&
+ cat "/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container='; then
+ exit 0
+fi
+
+exit 1
+
diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd
index f73bb83..bbe005d 100755
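Review bot: clearvar() runs `rm -rf` as root at START=00 with two loose edges: `! -path '/var/run*'` also spares any sibling whose name merely begins with `run`, and the final `mkdir` has no `-p`, so it stops at the first directory that still exists. `! -path '/var/run' ! -path '/var/run/*'` and `mkdir -p /var/log /var/cache /var/state /var/etc /var/lock` would be tighter and would match the `mkdir -p` calls visible in boot. If /var is a symlink in the image (not visible in this patch), `find /var` would presumably not descend into it and the first line would delete nothing, which is worth confirming on a real rootfs. A one-line comment above clearvar() saying why /var/run and ubus.sock are preserved would help the next reader.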
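Review bot: Only boot() is gated on /sbin/inlxc in sysfixtime; stop(), whose tail is the context of the `@@ -23,3` hunk, still runs `$HWCLOCK -w -f $RTC_DEV` whenever the device node exists. If a guest is handed /dev/rtc0 and keeps the privilege to set the clock, shutting the guest down would write the host's RTC. Adding `/sbin/inlxc && return 0` as the first line of stop() would keep the two paths consistent. stop() begins outside the hunk, so this is inferred from the visible tail only.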
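Review bot: The generated inittab starts `/bin/ash --login` on tty1 to tty4 with no authentication step, so anyone who can attach to the guest's console gets a root shell even when a root password is set. If that is intended, state it in a comment above the here-document; otherwise run a login program on those lines, e.g. `tty1::askfirst:/bin/login` if the busybox build provides it. The script also replaces an existing /etc/inittab without checking it, and `<<'EOF'` would make it explicit that nothing in the body is meant to expand.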
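Review bot: The inlxc test accepts any `container=` variable, in any letter case, in PID 1's environment, so it answers "LXC" for every container manager that sets that variable and for any boot where the variable reaches init some other way. Because a positive answer makes clearvar delete /var contents and makes boot skip mount_root and kmodloader, a stricter match is safer: `tr '\000' '\n' < /proc/1/environ | grep -q '^container=lxc$'`, assuming LXC sets the value `lxc` (confirm against the LXC version targeted). A failed read of /proc/1/environ falls through to `exit 1`, i.e. "not a container"; a header comment stating the exit-code contract and that callers are expected to run as root would document that.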
--- a/package/utils/busybox/files/sysntpd
+++ b/package/utils/busybox/files/sysntpd
@@ -12,7 +12,7 @@ validate_ntp_section() {
 'server:list(host)' 'enabled:bool:1' 'enable_server:bool:0'
 }
 
-start_service() {
+start_sysntpd() {
 local server enabled enable_server peer
 
 validate_ntp_section ntp || {
@@ -35,6 +35,10 @@ start_service() {
 procd_close_instance
 }
 
+start_service() {
+ /sbin/inlxc || start_sysntpd
+}
+
 service_triggers()
 {
 procd_add_reload_trigger "system"
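Review bot: The new start_service() returns silently inside a container, so a guest whose ntp section has `enabled` set gets no daemon and no indication why. Logging the skip makes it visible: `/sbin/inlxc && { logger -t sysntpd "container detected, not starting ntpd"; return 0; }` followed by `start_sysntpd`. The guard also disables the `enable_server` case, which may be wanted in a guest that only serves time; if that is deliberate, a comment on start_service() should say so.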