From 28d14b0cf17291f27055d241639d78174a43667b Mon Sep 17 00:00:00 2001 From: Oleg Vinichenko Date: Fri, 20 Sep 2013 17:23:34 +0000 Subject: [PATCH] FL-744: correct lxc init script to support Funtoo's corenetwork --- app-emulation/lxc/Manifest | 4 + app-emulation/lxc/files/lxc.initd.2 | 132 +++++++++++++++++++ app-emulation/lxc/files/lxc.initd.3 | 130 +++++++++++++++++++ app-emulation/lxc/lxc-0.8.0-r1.ebuild | 142 +++++++++++++++++++++ app-emulation/lxc/lxc-0.8.0_rc2-r1.ebuild | 148 ++++++++++++++++++++++ app-emulation/lxc/metadata.xml | 20 +++ 6 files changed, 576 insertions(+) create mode 100644 app-emulation/lxc/Manifest create mode 100644 app-emulation/lxc/files/lxc.initd.2 create mode 100644 app-emulation/lxc/files/lxc.initd.3 create mode 100644 app-emulation/lxc/lxc-0.8.0-r1.ebuild create mode 100644 app-emulation/lxc/lxc-0.8.0_rc2-r1.ebuild create mode 100644 app-emulation/lxc/metadata.xml diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest new file mode 100644 index 000000000..7c00d67ff --- /dev/null +++ b/app-emulation/lxc/Manifest @@ -0,0 +1,4 @@ +DIST lxc-0.8.0-backports-1.tar.xz 2424 SHA256 5b68b96b9fbc2d0f5b2ad2e7fb996a3d837114237a306de39d9939f31756a522 SHA512 9898d78836cc546e80015a18070e3976118d2efb006584ecfb2887a4474598766e023eb6c120c16dae2e94dddc33c8a4e928fd44bc6fb2260a1913c06f5d374e WHIRLPOOL ef11f25ec8891f431be7aed32b38c0cc51e1096a37ea71c38aed4448ab0305784b510e2b55bdc73e5ef2128344a6c88adb3add798323f77e276b5185e53f5ef9 +DIST lxc-0.8.0-rc2-backports-2.tar.xz 4616 SHA256 c371817b5be47ed70dea410a32dc434a060073992d5299d2c88853de79aa2111 SHA512 ca646ae325a4cf94632c443397834a8a7dc004874b528d2d685b698b3eda1e72e09ecfd68899b9c0cd17d5d7bf1a62230dd6d17d26f73d2d4ecbf1932c31b996 WHIRLPOOL 76deca3e2b7fe306c0e2f538759fb33656f08c52d1b59570edc6f3d2444d387a0f7944f759baf41402e747eb055ab403a82a40b95ba0c7d42d0644a5f990e851 +DIST lxc-0.8.0-rc2.tar.gz 302999 SHA256 1f0ee0464507d26e494784e841b68c765ecd3abc5976012e226f69d1aa361bef SHA512 e6608f980489f67d412c9a50f8c3f65c1afbba520dfdfe2b695c597c2706544291f31c8cfca2d86cfbab09029f8a5706fae5ab72f1c45dccca5f7e2ae8851181 WHIRLPOOL b41fe7e14315b9e6702070535edfee68379c01fba23d143c5f11afa20f6d392c8bc32953da46ec3f74d7a2affe9f828d918f23a8a16c430e3b8ffcc9b2c10057 +DIST lxc-0.8.0.tar.gz 309973 SHA256 eac833730b94e423d4bef6834bc4a716437d2abd6ab8b24334c506aaaa08692c SHA512 47333e2010d0f4488b8876ba933f2d26304874bec0371a7ab3b6e5bd1a50a7d2312ff8507e273f1ee2341a7f2e3b79cd71e5e19ac31006a4e429ee96b01733f6 WHIRLPOOL 693b7d354dec7c6102d5ce3a42a9b618e213fd9ee8c592068ebadb7f25094606abce6c3da77b483fab0938410215010f71d487f336856c87327d6a98f20b65dd diff --git a/app-emulation/lxc/files/lxc.initd.2 b/app-emulation/lxc/files/lxc.initd.2 new file mode 100644 index 000000000..72680d8f9 --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.2 @@ -0,0 +1,132 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/files/lxc.initd.2,v 1.6 2012/11/14 02:15:10 flameeyes Exp $ + +CONTAINER=${SVCNAME#*.} + +lxc_get_configfile() { + if [ -f "/etc/lxc/${CONTAINER}.conf" ]; then + echo "/etc/lxc/${CONTAINER}.conf" + elif [ -f "/etc/lxc/${CONTAINER}/config" ]; then + echo "/etc/lxc/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.utsname) + if [ ${CONTAINER} != ${utsname} ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + + # find out which network interface the container is linked to, + # and then require that to be enabled, so that the + # dependencies are correct. + netif=$(lxc_get_var lxc.network.link) + + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + nettype=$(lxc_get_var lxc.network.type) + + if [ -n "${netif}" ]; then + case "${nettype}" in + phys) use net.${netif} ;; + *) need net.${netif} ;; + esac + fi +} + +start() { + checkconfig || return 1 + rm /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting ${CONTAINER}" + env -i ${setarch} $(type -p lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 0.5 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] + eend $? +} + +stop() { + checkconfig || return 1 + + + if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + init_pid=$(lxc-info -n ${CONTAINER} --pid | awk '{ print $2 }') + + if [ "${init_pid}" = "-1" ]; then + ewarn "${CONTAINER} doesn't seem to be running." + return 0 + fi + + ebegin "Shutting down system in ${CONTAINER}" + kill -PWR ${init_pid} + eend $? + + TIMEOUT=${TIMEOUT:-30} + i=0 + while [ -n "$(pgrep -P ${init_pid})" -a $i -lt ${TIMEOUT} ]; do + sleep 1 + i=$(expr $i + 1) + done + + if [ -n "${missingprocs}" ]; then + ewarn "Something failed to properly shut down in ${CONTAINER}" + fi + + ebegin "Stopping ${CONTAINER}" + lxc-stop -n ${CONTAINER} + eend $? +} diff --git a/app-emulation/lxc/files/lxc.initd.3 b/app-emulation/lxc/files/lxc.initd.3 new file mode 100644 index 000000000..1402f8697 --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.3 @@ -0,0 +1,130 @@ +#!/sbin/runscript +# Distributed under the terms of the GNU General Public License v2 + +CONTAINER=${SVCNAME#*.} + +lxc_get_configfile() { + if [ -f "/etc/lxc/${CONTAINER}.conf" ]; then + echo "/etc/lxc/${CONTAINER}.conf" + elif [ -f "/etc/lxc/${CONTAINER}/config" ]; then + echo "/etc/lxc/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.utsname) + if [ ${CONTAINER} != ${utsname} ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + + # find out which network interface the container is linked to, + # and then require that to be enabled, so that the + # dependencies are correct. + netif=$(lxc_get_var lxc.network.link) + + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + nettype=$(lxc_get_var lxc.network.type) + + if [ -n "${netif}" ]; then + case "${nettype}" in + phys) use netif.${netif} ;; + *) need netif.${netif} ;; + esac + fi +} + +start() { + checkconfig || return 1 + rm /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting ${CONTAINER}" + env -i ${setarch} $(type -p lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 0.5 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] + eend $? +} + +stop() { + checkconfig || return 1 + + + if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + init_pid=$(lxc-info -n ${CONTAINER} --pid | awk '{ print $2 }') + + if [ "${init_pid}" = "-1" ]; then + ewarn "${CONTAINER} doesn't seem to be running." + return 0 + fi + + ebegin "Shutting down system in ${CONTAINER}" + kill -PWR ${init_pid} + eend $? + + TIMEOUT=${TIMEOUT:-30} + i=0 + while [ -n "$(pgrep -P ${init_pid})" -a $i -lt ${TIMEOUT} ]; do + sleep 1 + i=$(expr $i + 1) + done + + if [ -n "${missingprocs}" ]; then + ewarn "Something failed to properly shut down in ${CONTAINER}" + fi + + ebegin "Stopping ${CONTAINER}" + lxc-stop -n ${CONTAINER} + eend $? +} diff --git a/app-emulation/lxc/lxc-0.8.0-r1.ebuild b/app-emulation/lxc/lxc-0.8.0-r1.ebuild new file mode 100644 index 000000000..884f03a45 --- /dev/null +++ b/app-emulation/lxc/lxc-0.8.0-r1.ebuild @@ -0,0 +1,142 @@ +# Distributed under the terms of the GNU General Public License v2 + +EAPI="4" + +MY_P="${P/_/-}" + +BACKPORTS=1 + +inherit eutils linux-info versionator flag-o-matic + +if [[ -n ${BACKPORTS} ]]; then + inherit autotools +fi + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="http://lxc.sourceforge.net/" +SRC_URI="http://lxc.sourceforge.net/download/lxc/${MY_P}.tar.gz + ${BACKPORTS:+http://dev.gentoo.org/~flameeyes/${PN}/${MY_P}-backports-${BACKPORTS}.tar.xz}" +S="${WORKDIR}/${MY_P}" + +KEYWORDS="~*" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="examples" + +RDEPEND="sys-libs/libcap" + +DEPEND="${RDEPEND} + app-text/docbook-sgml-utils + >=sys-kernel/linux-headers-3.2" + +RDEPEND="${RDEPEND} + sys-apps/util-linux + app-misc/pax-utils + >=sys-apps/openrc-0.9.9.1 + virtual/awk" + +CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE + ~CPUSETS ~CGROUP_CPUACCT + ~RESOURCE_COUNTERS + ~CGROUP_SCHED + + ~NAMESPACES + ~IPC_NS ~USER_NS ~PID_NS + + ~DEVPTS_MULTIPLE_INSTANCES + ~CGROUP_FREEZER + ~UTS_NS ~NET_NS + ~VETH ~MACVLAN + + ~POSIX_MQUEUE + ~!NETPRIO_CGROUP + + ~!GRKERNSEC_CHROOT_MOUNT + ~!GRKERNSEC_CHROOT_DOUBLE + ~!GRKERNSEC_CHROOT_PIVOT + ~!GRKERNSEC_CHROOT_CHMOD + ~!GRKERNSEC_CHROOT_CAPS +" + +ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES: needed for pts inside container" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" + +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" + +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" + +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" + +ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP: as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting." + +ERROR_GRKERNSEC_CHROOT_MOUNT=":CONFIG_GRKERNSEC_CHROOT_MOUNT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_DOUBLE=":CONFIG_GRKERNSEC_CHROOT_DOUBLE some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_PIVOT=":CONFIG_GRKERNSEC_CHROOT_PIVOT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CHMOD=":CONFIG_GRKERNSEC_CHROOT_CHMOD some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CAPS=":CONFIG_GRKERNSEC_CHROOT_CAPS some GRSEC features make LXC unusable see postinst notes" + +DOCS=(AUTHORS CONTRIBUTING MAINTAINERS TODO README doc/FAQ.txt) + +src_prepare() { + sed -i 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/g' configure.ac || die + if [[ -n ${BACKPORTS} ]]; then + epatch "${WORKDIR}"/patches/* + eautoreconf + fi +} + +src_configure() { + append-flags -fno-strict-aliasing + + econf \ + --localstatedir=/var \ + --bindir=/usr/sbin \ + --docdir=/usr/share/doc/${PF} \ + --with-config-path=/etc/lxc \ + --with-rootfs-path=/usr/lib/lxc/rootfs \ + --enable-doc \ + --disable-apparmor \ + $(use_enable examples) +} + +src_install() { + default + + rm -r "${D}"/usr/sbin/lxc-setcap \ + || die "unable to remove lxc-setcap" + + keepdir /etc/lxc /usr/lib/lxc/rootfs + + find "${D}" -name '*.la' -delete + + # Gentoo-specific additions! + newinitd "${FILESDIR}/${PN}.initd.3" ${PN} + keepdir /var/log/lxc +} + +pkg_postinst() { + elog "There is an init script provided with the package now; no documentation" + elog "is currently available though, so please check out /etc/init.d/lxc ." + elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname" + elog "to start the container defined into /etc/lxc/configname.conf ." + elog "For further information about LXC development see" + elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available + elog "" + ewarn "With version 0.7.4, the mountpoint syntax came back to the one used by 0.7.2" + ewarn "and previous versions. This means you'll have to use syntax like the following" + ewarn "" + ewarn " lxc.rootfs = /container" + ewarn " lxc.mount.entry = /usr/portage /container/usr/portage none bind 0 0" + ewarn "" + ewarn "To use the Fedora, Debian and (various) Ubuntu auto-configuration scripts, you" + ewarn "will need sys-apps/yum or dev-util/debootstrap." + ewarn "" + ewarn "Some GrSecurity settings in relation to chroot security will cause LXC not to" + ewarn "work, while others will actually make it much more secure. Please refer to" + ewarn "Diego Elio Pettenò's weblog at http://blog.flameeyes.eu/tag/lxc for further" + ewarn "details." +} diff --git a/app-emulation/lxc/lxc-0.8.0_rc2-r1.ebuild b/app-emulation/lxc/lxc-0.8.0_rc2-r1.ebuild new file mode 100644 index 000000000..c31a9219b --- /dev/null +++ b/app-emulation/lxc/lxc-0.8.0_rc2-r1.ebuild @@ -0,0 +1,148 @@ +# Distributed under the terms of the GNU General Public License v2 + +EAPI="4" + +MY_P="${P/_/-}" + +BACKPORTS=2 + +inherit eutils linux-info versionator flag-o-matic + +if [[ -n ${BACKPORTS} ]]; then + inherit autotools +fi + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="http://lxc.sourceforge.net/" +SRC_URI="http://lxc.sourceforge.net/download/lxc/${MY_P}.tar.gz + ${BACKPORTS:+http://dev.gentoo.org/~flameeyes/${PN}/${MY_P}-backports-${BACKPORTS}.tar.xz}" +S="${WORKDIR}/${MY_P}" + +KEYWORDS="~*" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="examples vanilla" + +RDEPEND="sys-libs/libcap" + +DEPEND="${RDEPEND} + app-text/docbook-sgml-utils + >=sys-kernel/linux-headers-3.2" + +# For init script, so protect with vanilla, they are not strictly +# needed. +RDEPEND="${RDEPEND} + !vanilla? ( + sys-apps/util-linux + app-misc/pax-utils + >=sys-apps/openrc-0.9.9.1 + virtual/awk + )" + +CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE + ~CPUSETS ~CGROUP_CPUACCT + ~RESOURCE_COUNTERS ~CGROUP_MEM_RES_CTLR + ~CGROUP_SCHED + + ~NAMESPACES + ~IPC_NS ~USER_NS ~PID_NS + + ~DEVPTS_MULTIPLE_INSTANCES + ~CGROUP_FREEZER + ~UTS_NS ~NET_NS + ~VETH ~MACVLAN + + ~POSIX_MQUEUE + ~!NETPRIO_CGROUP + + ~!GRKERNSEC_CHROOT_MOUNT + ~!GRKERNSEC_CHROOT_DOUBLE + ~!GRKERNSEC_CHROOT_PIVOT + ~!GRKERNSEC_CHROOT_CHMOD + ~!GRKERNSEC_CHROOT_CAPS +" + +ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES: needed for pts inside container" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" + +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" + +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" + +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" + +ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP: as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting." + +ERROR_GRKERNSEC_CHROOT_MOUNT=":CONFIG_GRKERNSEC_CHROOT_MOUNT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_DOUBLE=":CONFIG_GRKERNSEC_CHROOT_DOUBLE some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_PIVOT=":CONFIG_GRKERNSEC_CHROOT_PIVOT some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CHMOD=":CONFIG_GRKERNSEC_CHROOT_CHMOD some GRSEC features make LXC unusable see postinst notes" +ERROR_GRKERNSEC_CHROOT_CAPS=":CONFIG_GRKERNSEC_CHROOT_CAPS some GRSEC features make LXC unusable see postinst notes" + +DOCS=(AUTHORS CONTRIBUTING MAINTAINERS TODO README doc/FAQ.txt) + +src_prepare() { + if [[ -n ${BACKPORTS} ]]; then + epatch "${WORKDIR}"/patches/* + eautoreconf + fi +} + +src_configure() { + append-flags -fno-strict-aliasing + + econf \ + --localstatedir=/var \ + --bindir=/usr/sbin \ + --docdir=/usr/share/doc/${PF} \ + --with-config-path=/etc/lxc \ + --with-rootfs-path=/usr/lib/lxc/rootfs \ + --enable-doc \ + $(use_enable examples) +} + +src_install() { + default + + rm -r "${D}"/usr/sbin/lxc-setcap \ + || die "unable to remove lxc-setcap" + + keepdir /etc/lxc /usr/lib/lxc/rootfs + + find "${D}" -name '*.la' -delete + + use vanilla && return 0 + + # Gentoo-specific additions! + newinitd "${FILESDIR}/${PN}.initd.3" ${PN} + keepdir /var/log/lxc +} + +pkg_postinst() { + if ! use vanilla; then + elog "There is an init script provided with the package now; no documentation" + elog "is currently available though, so please check out /etc/init.d/lxc ." + elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname" + elog "to start the container defined into /etc/lxc/configname.conf ." + elog "For further information about LXC development see" + elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available + elog "" + fi + ewarn "With version 0.7.4, the mountpoint syntax came back to the one used by 0.7.2" + ewarn "and previous versions. This means you'll have to use syntax like the following" + ewarn "" + ewarn " lxc.rootfs = /container" + ewarn " lxc.mount.entry = /usr/portage /container/usr/portage none bind 0 0" + ewarn "" + ewarn "To use the Fedora, Debian and (various) Ubuntu auto-configuration scripts, you" + ewarn "will need sys-apps/yum or dev-util/debootstrap." + ewarn "" + ewarn "Some GrSecurity settings in relation to chroot security will cause LXC not to" + ewarn "work, while others will actually make it much more secure. Please refer to" + ewarn "Diego Elio Pettenò's weblog at http://blog.flameeyes.eu/tag/lxc for further" + ewarn "details." +} diff --git a/app-emulation/lxc/metadata.xml b/app-emulation/lxc/metadata.xml new file mode 100644 index 000000000..138cece73 --- /dev/null +++ b/app-emulation/lxc/metadata.xml @@ -0,0 +1,20 @@ + + + + virtualization + + flameeyes@gentoo.org + + + dev-zero@gentoo.org + + + + Avoid adding Gentoo Linux-specific modifications, which include + the custom init script. This is present as a flag to avoid + forcing dependencies over users that might not want have them + around as they use LXC in contexts where the init script is not + useful. + + +