-lxc.network.type=veth
-lxc.network.link=virbr0
-lxc.network.flags=up
+lxc.network.type = veth
+lxc.network.link = virbr0
+lxc.network.flags = up
-lxc.network.type=veth
-lxc.network.link=lxcbr0
-lxc.network.flags=up
+lxc.network.type = veth
+lxc.network.link = lxcbr0
+lxc.network.flags = up
-lxc.network.type=empty
+lxc.network.type = empty
lxc.utsname = $name
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $config_path/fstab
+lxc.mount = $config_path/fstab
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
exit 0
fi
echo "container rootfs and config created"
-echo "container is configured for lxc.network.type=veth and lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
+echo "network configured as $lxc_network_type in the $lxc_network_link"
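Review bot: The added `echo` interpolates `$lxc_network_type` and `$lxc_network_link`, but neither assignment is visible in this hunk, so an unset or empty value would print a message with blanks. For a type such as `empty`, which appears elsewhere in this change, a link name is also meaningless. Consider `echo "network configured as '${lxc_network_type:-unset}' on link '${lxc_network_link:-none}'"`, which also fixes the "in the" wording. The script starts outside the hunk, so confirm both variables are set before this line is reached.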
mkdir -p "${config_path}"
grep -q "^lxc.rootfs" "${config_path}/config" 2>/dev/null || echo "lxc.rootfs=${rootfs_path}" >> "${config_path}/config"
cat > "${config_path}/config" << EOF
-lxc.utsname=${name}
-lxc.tty=4
-lxc.pts=1024
-lxc.mount=${config_path}/fstab
+lxc.utsname = ${name}
+lxc.tty = 4
+lxc.pts = 1024
+lxc.mount = ${config_path}/fstab
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
#networking
-lxc.network.type=${lxc_network_type}
-lxc.network.flags=up
-lxc.network.link=${lxc_network_link}
-lxc.network.name=eth0
-lxc.network.mtu=1500
+lxc.network.type = ${lxc_network_type}
+lxc.network.flags = up
+lxc.network.link = ${lxc_network_link}
+lxc.network.name = eth0
+lxc.network.mtu = 1500
#cgroups
lxc.cgroup.devices.deny = a
# /dev/null and zero
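Review bot: The context line that appends `lxc.rootfs=${rootfs_path}` was left in the old `key=value` form while every other key in this hunk is normalized; it should read `echo "lxc.rootfs = ${rootfs_path}"`. That line also appends to `${config_path}/config`, and the next line, `cat > "${config_path}/config" << EOF`, truncates the same file. The rootfs entry therefore appears to be discarded unless the heredoc re-adds it below the visible lines; if the append is meant to survive, the heredoc should use `cat >> "${config_path}/config" << EOF`. The heredoc and the enclosing function continue outside the hunk. `lxc.devttydir =$ttydir` in a later hunk is likewise still unnormalized.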
if [ -d "$rootfs/lib" ]; then
cat <<EOF >> $path/config
-lxc.mount.entry=/lib $rootfs/lib none ro,bind 0 0
-lxc.mount.entry=/usr/lib $rootfs/usr/lib none ro,bind 0 0
+lxc.mount.entry = /lib $rootfs/lib none ro,bind 0 0
+lxc.mount.entry = /usr/lib $rootfs/usr/lib none ro,bind 0 0
EOF
fi
for dir in $libdirs; do
if [ -d "/$dir" ] && [ -d "$rootfs/$dir" ]; then
- echo "lxc.mount.entry=/$dir $dir none ro,bind 0 0" >> $path/config
+ echo "lxc.mount.entry = /$dir $dir none ro,bind 0 0" >> $path/config
fi
done
}
lxc.cgroup.devices.allow = c 254:0 rwm
# mounts point
-lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
-lxc.mount.entry=sysfs sys sysfs defaults 0 0
+lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = sysfs sys sysfs defaults 0 0
EOF
if [ $? -ne 0 ]; then
lxc.utsname = $name
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $config_path/fstab
+lxc.mount = $config_path/fstab
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
lxc.cgroup.devices.allow = c 254:0 rwm
# mounts point
-lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
-lxc.mount.entry=sysfs sys sysfs defaults 0 0
+lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = sysfs sys sysfs defaults 0 0
EOF
if [ $? -ne 0 ]; then
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $path/fstab
+lxc.mount = $path/fstab
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
lxc.tty = 4
lxc.pts = 1024
lxc.rootfs = $container_rootfs
-lxc.mount = $cfg_dir/fstab
+lxc.mount = $cfg_dir/fstab
# Networking
EOF
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
-lxc.mount.entry=/dev dev none ro,bind 0 0
-lxc.mount.entry=/lib lib none ro,bind 0 0
-lxc.mount.entry=/bin bin none ro,bind 0 0
-lxc.mount.entry=/usr usr none ro,bind 0 0
-lxc.mount.entry=/sbin sbin none ro,bind 0 0
-lxc.mount.entry=tmpfs var/run/sshd tmpfs mode=0644 0 0
-lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd sbin/init none bind 0 0
-lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = /dev dev none ro,bind 0 0
+lxc.mount.entry = /lib lib none ro,bind 0 0
+lxc.mount.entry = /bin bin none ro,bind 0 0
+lxc.mount.entry = /usr usr none ro,bind 0 0
+lxc.mount.entry = /sbin sbin none ro,bind 0 0
+lxc.mount.entry = tmpfs var/run/sshd tmpfs mode=0644 0 0
+lxc.mount.entry = @LXCTEMPLATEDIR@/lxc-sshd sbin/init none bind 0 0
+lxc.mount.entry = proc $rootfs/proc proc nodev,noexec,nosuid 0 0
EOF
# if no .ipv4 section in config, then have the container run dhcp
if [ "$(uname -m)" = "x86_64" ]; then
cat <<EOF >> $path/config
-lxc.mount.entry=/lib64 lib64 none ro,bind 0 0
+lxc.mount.entry = /lib64 lib64 none ro,bind 0 0
EOF
fi
}
lxc.devttydir =$ttydir
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $path/fstab
+lxc.mount = $path/fstab
lxc.arch = $arch
lxc.cap.drop = sys_module mac_admin mac_override
lxc.pivotdir = lxc_putold
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $path/fstab
+lxc.mount = $path/fstab
lxc.arch = $arch
lxc.cap.drop = sys_module mac_admin
lxc.pivotdir = lxc_putold