Skip to content
This repository
Browse code

OS-1397 Add Cron Manifest to the Joyent-Minimal Brand

OS-1402 joyent-minimal should support manifest that aren't imported
  • Loading branch information...
commit b6b872919ab520ce7b503e5e4dc3dd00cfffc798 1 parent 728edb3
Robert Mustacchi rmustacc authored
121 overlay/generic/usr/lib/brand/README.smf
... ... @@ -0,0 +1,121 @@
  1 +#
  2 +# CDDL HEADER START
  3 +#
  4 +# The contents of this file are subject to the terms of the
  5 +# Common Development and Distribution License (the "License").
  6 +# You may not use this file except in compliance with the License.
  7 +#
  8 +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  9 +# or http://www.opensolaris.org/os/licensing.
  10 +# See the License for the specific language governing permissions
  11 +# and limitations under the License.
  12 +#
  13 +# When distributing Covered Code, include this CDDL HEADER in each
  14 +# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15 +# If applicable, add the following below this CDDL HEADER, with the
  16 +# fields enclosed by brackets "[]" replaced with your own identifying
  17 +# information: Portions Copyright [yyyy] [name of copyright owner]
  18 +#
  19 +# CDDL HEADER END
  20 +#
  21 +# Copyright (c) 2012 Joyent, Inc. All rights reserved.
  22 +# Use is subject to license terms.
  23 +#
  24 +
  25 +There are a few rather brand specific issues related to how SMF works inside of
  26 +them. This README describes how the different pieces interact and where they are
  27 +defined. Note that this README only applies to the Joyent-style sparse zones. It
  28 +does not apply to the KVM brand or the traditional ipkg and S10 branded zones.
  29 +
  30 +#
  31 +# Per-brand manifests file
  32 +#
  33 +
  34 +Each brand has a file called `manifests`. This file lists the set of manifests
  35 +that the brand cares about being available to the zone. It is formatted as:
  36 +
  37 +<manifest_name> <enabled | disabled> [noimport]
  38 +
  39 +Examples are:
  40 +
  41 +network/smb/client.xml disabled
  42 +network/ssh.xml enabled
  43 +system/cron.xml disabled noimport
  44 +
  45 +The use of enabled or disabled determines the default disposition of the service
  46 +when it is imported.
  47 +
  48 +The use of `noimport` is optional and has specific meaning for the
  49 +joyent-minimal brand only at this time. Not specifying anything there is the
  50 +equivalent of saying that this manifest should always be imported.
  51 +
  52 +This list is used in various places throughout the rest of the system for
  53 +determining what shows up in the SMF repositories by default and what shows up
  54 +in /lib/svc/manifest.
  55 +
  56 +#
  57 +# Files in /lib/svc/manifest
  58 +#
  59 +
  60 +/lib/svc/manifest is part of the sparse filesystem that gets placed into every
  61 +zone. Unlike /usr, /lib/svc/manifest is brand specific. The zones service
  62 +(svc:/system/zones:default) is responsible for creating the per-brand
  63 +/lib/svc/manifest directories and they live in /zones/manifests/<brand-name>.
  64 +This brand specific directory is lofs-mounted read-only into each zone.
  65 +
  66 +The presence of the enabled and disabled option in the brand's manifests file
  67 +determine whether or not the service is enabled by default when imported. The
  68 +xml file is changed to match the setting.
  69 +
  70 +#
  71 +# Initial SMF repositories
  72 +#
  73 +
  74 +SMF in the minimal brand works differently than it does in the normal Joyent
  75 +Brand when it comes to specifying the initial services that are inside of the
  76 +dataset and what files are in the SMF repository.
  77 +
  78 +SMF has the notion of a `seed repository`. This repository is the initial one
  79 +that is used or copied for new zones. This repository contains various services
  80 +already imported, whether or not they are enabled or disabled, and the various
  81 +service properties.
  82 +
  83 +The traditional `joyent` brand gets this from the dataset itself. In other words,
  84 +the database is already populated with the proper SMF state.
  85 +
  86 +In the `joyent-minimal` brand we handle this differently. We want to be able to
  87 +reuse the datasets that exist but not be stuck with their rather large seed
  88 +repositories that contain many things which are harmful in the minimal context,
  89 +particularly manifest import (both the early and normal kind). To handle this
  90 +the joyent-minimal brand defines a seed repository of its own that gets
  91 +installed at zone creation time and replaces any existing repository.
  92 +
  93 +This seed repository is generated using the `svc.configd-native` and
  94 +`svccfg-native` binaries. Every manifest listed in the brand's manifests file is
  95 +included unless it has the `noimport` option specified. If that is the case, it
  96 +will not be imported into the SMF repository by default, but will still be
  97 +available for manual import in /lib/svc/manifest. With the minimal brand, only
  98 +the bare minimum number of manifests should be imported else that such a zone
  99 +might want should be marked `noimport`.
  100 +
  101 +#
  102 +# Using non-imported manifests
  103 +#
  104 +
  105 +To use one of the manifests that exists but hasn't been imported is pretty easy.
  106 +At some point in time after the initial creation of the zone (during the first
  107 +boot setup script for example), you can import the service. For example, if you
  108 +were going to import the cron service you would run:
  109 +
  110 +svccfg import /var/svc/manifest/system/cron.xml
  111 +
  112 +Next, you need to potentially enable the service depending on the default
  113 +disposition of the service. You enable the service by running:
  114 +
  115 +svcadm enable -s <service>
  116 +
  117 +Adding the `-s` flag causes the enabling to be synchronous. If you do not
  118 +include the flag then it will poke svc.startd to enable the service and return.
  119 +If the service is already enabled by default, then this is safe to run and it
  120 +won't change anything. It is safer to just always enable or disable the service
  121 +after importing it based on your needs.
3  overlay/generic/usr/lib/brand/joyent-minimal/manifests
@@ -5,7 +5,7 @@
5 5 # should be listed here.
6 6 #
7 7 # The format of the file is:
8   -# manifest_name enable/disable
  8 +# manifest_name enable/disable [noimport]
9 9 # The manifest_name is found relative to /lib/svc/manifest on the system.
10 10 # The second field is used to indicate if the svc should be enabled or
11 11 # disabled by default within zones, independently of its current status in
@@ -124,3 +124,4 @@ milestone/name-services.xml enabled
124 124 system/early-manifest-import.xml disabled
125 125 system/manifest-import.xml disabled
126 126 system/mdata.xml enabled
  127 +system/cron.xml disabled noimport
4 tools/build_seeds
@@ -89,9 +89,10 @@ function build_database
89 89 rm -f $SVCCFG_REPOSITORY
90 90
91 91 [[ -f $input ]] || fail "can't read manifest input file: $input"
92   - while read service enabled; do
  92 + while read service enabled import; do
93 93 [[ -z "$service" ]] && continue
94 94 [[ "$service" =~ ^\# ]] && continue
  95 + [[ "$import" == "noimport" ]] && continue
95 96 import_manifest $service $enabled
96 97
97 98 echo $service $enabled
@@ -109,4 +110,3 @@ build_database $ROOT/usr/lib/brand/joyent-minimal/manifests \
109 110 $ROOT/usr/lib/brand/joyent-minimal/repository.db
110 111 chmod 444 $ROOT/usr/lib/brand/joyent-minimal/repository.db
111 112 chown root:root $ROOT/usr/lib/brand/joyent-minimal/repository.db
112   -

0 comments on commit b6b8729

Please sign in to comment.
Something went wrong with that request. Please try again.