m4_define([lxc_devel], 0)
m4_define([lxc_version_major], 2)
m4_define([lxc_version_minor], 0)
-m4_define([lxc_version_micro], 9)
+m4_define([lxc_version_micro], 10)
m4_define([lxc_version_beta], [])
m4_define([lxc_abi_major], 1)
--- /dev/null
+#! /bin/bash
+
+set -eu
+
+LXC_DHCP_SCRIPT="/usr/local/share/lxc/hooks/dhclient-script"
+LXC_DHCP_CONFIG="/usr/local/etc/lxc/dhclient.conf"
+
+rootfs_path="${LXC_ROOTFS_PATH#*:}"
+hookdir="${rootfs_path/%rootfs/hook}"
+
+conffile_arg=""
+if [ -e "${LXC_DHCP_CONFIG}" ]; then
+ conffile_arg="-cf ${LXC_DHCP_CONFIG}"
+fi
+
+debugfile="/dev/null"
+if [ "${LXC_LOG_LEVEL}" = "DEBUG" ] || [ "${LXC_LOG_LEVEL}" = "TRACE" ]; then
+ debugfile="${hookdir}/dhclient.log"
+ echo "INFO: Writing dhclient log at ${debugfile}." >&2
+fi
+
+pidfile="${hookdir}/dhclient.pid"
+leasefile="${hookdir}/dhclient.leases"
+
+usage() {
+ echo "Usage: ${0##*/} <name> lxc {start-host|stop}"
+}
+
+# Wrap the dhclient command with "aa-exec -p unconfined" if AppArmor is enabled.
+dhclient() {
+ bin="/sbin/dhclient"
+ if [ -d "/sys/kernel/security/apparmor" ] && which aa-exec >/dev/null; then
+ bin="aa-exec -p unconfined ${bin}"
+ fi
+ echo $bin
+}
+
+dhclient_start() {
+ ns_args=("--uts" "--net")
+ if [ -z "$(readlink /proc/${LXC_PID}/ns/user /proc/self/ns/user | uniq -d)" ]; then
+ ns_args+=("--user")
+ fi
+
+ mkdir -p "${hookdir}"
+
+ if [ -e "${pidfile}" ]; then
+ echo "WARN: DHCP client is already running, skipping start hook." >> "${debugfile}"
+ else
+ echo "INFO: Starting DHCP client and acquiring a lease..." >> "${debugfile}"
+ nsenter ${ns_args[@]} --target "${LXC_PID}" -- \
+ $(dhclient) -1 ${conffile_arg} -pf "${pidfile}" -lf "${leasefile}" -e "ROOTFS=${rootfs_path}" -sf "${LXC_DHCP_SCRIPT}" -v >> "${debugfile}" 2>&1
+ fi
+}
+
+dhclient_stop() {
+ # We can't use LXC_PID here since the container process has exited,
+ # use the namespace file descriptors in the hook arguments instead.
+ ns_args=("")
+ if [ "${LXC_HOOK_VERSION:-0}" -eq 0 ]; then
+ for arg in "$@"; do
+ case "${arg}" in
+ uts:* | user:* | net:*) ns_args+=("--${arg/:/=}") ;;
+ *) ;;
+ esac
+ done
+ else
+ ns_args+=("--uts=${LXC_UTS_NS}")
+ ns_args+=("--net=${LXC_NET_NS}")
+ [ -n "${LXC_USER_NS:+x}" ] && ns_args+=("--user=${LXC_USER_NS}")
+ fi
+
+ if [ -e "${pidfile}" ]; then
+ echo "INFO: Stopping DHCP client and releasing leases..." >> "${debugfile}"
+ nsenter ${ns_args[@]} -- \
+ $(dhclient) -r ${conffile_arg} -pf "${pidfile}" -lf "${leasefile}" -e "ROOTFS=${rootfs_path}" -sf "${LXC_DHCP_SCRIPT}" -v >> "${debugfile}" 2>&1
+ else
+ echo "WARN: DHCP client is not running, skipping stop hook." >> "${debugfile}"
+ fi
+
+ # dhclient could fail to release the lease and shutdown, try to cleanup after ourselves just in case.
+ nsenter ${ns_args[@]} -- \
+ /bin/sh -c 'pkill --ns $$ --nslist net -f "^/sbin/dhclient"' || true
+ rm -f "${pidfile}"
+}
+
+HOOK_SECTION=
+HOOK_TYPE=
+case "${LXC_HOOK_VERSION:-0}" in
+ 0) HOOK_SECTION="${2:-}"; HOOK_TYPE="${3:-}"; shift 3;;
+ 1) HOOK_SECTION="${LXC_HOOK_SECTION:-}"; HOOK_TYPE="${LXC_HOOK_TYPE:-}";;
+ *) echo "ERROR: Unsupported hook version: ${LXC_HOOK_VERSION}." >&2; exit 1;;
+esac
+
+if [ "${HOOK_SECTION}" != "lxc" ]; then
+ echo "ERROR: Not running through LXC." >&2
+ exit 1
+fi
+
+case "${HOOK_TYPE}" in
+ start-host) dhclient_start $@;;
+ stop) dhclient_stop $@;;
+ *) usage; exit 1;;
+esac
+
+exit 0
projects / thirdparty / lxc.git / commitdiff
