lxc-ubuntu{-cloud}: Config layout tweaking

This commit tweaks the layout of the config file for the Ubuntu templates.

With this, we now get a clear network config group, then a path related group,
then a bunch of random config options and the end of the config is apparmor,
capabilities and cgroups.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>

diff --git a/templates/lxc-ubuntu-cloud.in b/templates/lxc-ubuntu-cloud.in
index de9f3c31dcd85701a79161a4a5063b9b7c82502a..9ee8fb127ac66a0f618b90ffca3167bcce86b4d6 100644 (file)
--- a/templates/lxc-ubuntu-cloud.in
+++ b/templates/lxc-ubuntu-cloud.in
@@ -41,21 +41,21 @@ copy_configuration()
     # associated hwaddr.
     nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
     if [ $nics -eq 1 ]; then
-        grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
-lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
-EOF
+        grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
     fi
 
     grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
     cat <<EOF >> $path/config
-lxc.utsname = $name
+lxc.mount = $path/fstab
+lxc.pivotdir = lxc_putold
 
+lxc.devttydir =$ttydir
 lxc.tty = 4
 lxc.pts = 1024
-lxc.mount = $path/fstab
+
+lxc.utsname = $name
 lxc.arch = $arch
-lxc.cap.drop = sys_module mac_admin
-lxc.pivotdir = lxc_putold
+lxc.cap.drop = sys_module mac_admin mac_override
 
 # When using LXC with apparmor, uncomment the next line to run unconfined:
 #lxc.aa_profile = unconfined

diff --git a/templates/lxc-ubuntu.in b/templates/lxc-ubuntu.in
index a2fc95201c46227418b4bf87e8bb7ccbcfe87a2c..39c5a1c4206b2b074282620e5d459a72cfc88281 100644 (file)
--- a/templates/lxc-ubuntu.in
+++ b/templates/lxc-ubuntu.in
@@ -319,22 +319,21 @@ copy_configuration()
     # associated hwaddr.
     nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
     if [ $nics -eq 1 ]; then
-        grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
-lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
-EOF
+        grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
     fi
 
     grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
     cat <<EOF >> $path/config
-lxc.utsname = $name
+lxc.mount = $path/fstab
+lxc.pivotdir = lxc_putold
 
 lxc.devttydir =$ttydir
 lxc.tty = 4
 lxc.pts = 1024
-lxc.mount = $path/fstab
+
+lxc.utsname = $name
 lxc.arch = $arch
 lxc.cap.drop = sys_module mac_admin mac_override
-lxc.pivotdir = lxc_putold
 
 # When using LXC with apparmor, uncomment the next line to run unconfined:
 #lxc.aa_profile = unconfined