templates/lxc-fedora Network startup w/o Network Manager

This patches the Fedora template to insure that the legacy network
startup scripts are enabled when NetworkManager has not been installed
in the container (default).

It also fixes a login problem with pam_loginuid.so in a container.
https://bugzilla.redhat.com/show_bug.cgi?id=966807

Signed-off-by: Michael H. Warfield <mhw@WittsEnd.com>
--
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
index 97944540c95054d0f307fc934fefa0871edde3f4..747bfd5a35036012ef51f78bf02e03f8acca0e97 100644 (file)
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
@@ -98,7 +98,13 @@ configure_fedora()
     mkdir -p $rootfs_path/selinux
     echo 0 > $rootfs_path/selinux/enforce
 
-   # configure the network using the dhcp
+    # This may be related to disabling selinux above but this is
+    # a known problem and documented in RedHat bugzilla as relating
+    # to a problem with auditing enabled.  This prevents an error in
+    # the container "Cannot make/remove an entry for the specified session"
+    sed -i '/^session.*pam_loginuid.so/s/^session/# session/' ${rootfs_path}/etc/pam.d/login
+
+    # configure the network using the dhcp
     cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
 DEVICE=eth0
 BOOTPROTO=dhcp
@@ -160,7 +166,15 @@ EOF
     rm -f ${rootfs_path}/var/lib/rpm/__db*
     chroot ${rootfs_path} rpm --rebuilddb
     chroot ${rootfs_path} yum -y install fedora-release
-    # This just makes sure the rpm db is synced to that version...
+
+    if [[ ! -e ${rootfs_path}/sbin/NetworkManager ]]
+    then
+        # NetworkManager has not been installed.  Use the
+        # legacy chkconfig command to enable the network startup
+        # scripts in the container.
+        chroot ${rootfs_path} chkconfig network on
+    fi
+
     umount ${rootfs_path}/proc
     umount ${rootfs_path}/dev