fixups to init script rework

- move action() from common to sysvinit wrapper since its only really
  applicable for sysvinit and not the other init systems

- fix bug in action() fallback, need to shift away msg before executing action

- make lxc-net 98 so it starts before lxc-container (99), otherwise the lxcbr0
  won't be available when containers are autostarted

- make the default RUNTIME_PATH be /var/run instead of /run. On older
  distros (like ol6.5) /run doesn't exist. lxc-net will create this directory
  and attempt to create the dnsmasq.pid file in it, but this will fail when
  SELinux is enabled because the directory will have the default_t type.
  Newer systems have /var/run symlinked to /run so you get to the same place
  in that case.

- add %postun to remove lxc-dnsmasq user when pkgs are removed

- fix bug in lxc-oracle template that was creating /var/lock/subsys/lxc as
  a dir and interfering with the init scripts

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/.gitignore b/.gitignore
index c77f8f90a2b8f6be32423f180e18ed1e53a9cc54..ddc4e18e5609db3062afa8457925f270f6471c21 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -114,10 +114,15 @@ config/missing
 config/libtool.m4
 config/lt*.m4
 config/bash/lxc
+config/init/common/lxc-containers
+config/init/common/lxc-net
 config/init/systemd/lxc-autostart-helper
-config/init/systemd/lxc.service
 config/init/systemd/lxc-net.service
+config/init/systemd/lxc.service
 config/init/sysvinit/lxc
+config/init/sysvinit/lxc-containers
+config/init/sysvinit/lxc-net
+config/sysconfig/lxc
 
 doc/*.1
 doc/*.5

diff --git a/config/init/common/lxc-containers.in b/config/init/common/lxc-containers.in
index 9d1d604b6786a1c6296afc7cecc8cc27e1c8e619..31a2b87fba3a9388a1a83607c00cddc28fa89f98 100644 (file)
--- a/config/init/common/lxc-containers.in
+++ b/config/init/common/lxc-containers.in
@@ -32,19 +32,6 @@ OPTIONS=
 #      If you want to kill containers fast, use -k
 STOPOPTS="-a -A -s"
 
-# Source function library.
-test ! -r "$sysconfdir"/rc.d/init.d/functions ||
-        . "$sysconfdir"/rc.d/init.d/functions
-
-# provide action() fallback
-if ! type action >/dev/null 2>&1; then
-    # Real basic fallback for sysvinit "action" verbage.
-    action() {
-        echo -n "$1    "
-       "$@" && echo "OK" || echo "Failed"
-    }
-fi
-
 if [ -d "$localstatedir"/lock/subsys ]
 then
        lockdir="$localstatedir"/lock/subsys
@@ -106,7 +93,7 @@ case "$1" in
         wait_for_bridge
 
         # Start autoboot containers first then the NULL group "onboot,".
-        action $"Starting LXC autoboot containers: " "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
+        "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
         touch "$lockdir"/lxc
     ;;
 
@@ -118,7 +105,7 @@ case "$1" in
         # The stop is serialized and can take excessive time.  We need to avoid
         # delaying the system shutdown / reboot as much as we can since it's not
         # parallelized...  Even 5 second timout may be too long.
-        action $"Stopping LXC containers: " "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
+        "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
         rm -f "$lockdir"/lxc
     ;;
 

diff --git a/config/init/sysvinit/lxc-containers.in b/config/init/sysvinit/lxc-containers.in
index 9d92115cfb79020c388ed56e5f9f184392b936a3..bc93322a41ab18be0212eee00007c0362c926114 100644 (file)
--- a/config/init/sysvinit/lxc-containers.in
+++ b/config/init/sysvinit/lxc-containers.in
@@ -13,12 +13,28 @@
 # Description: Bring up/down LXC autostart containers
 ### END INIT INFO
 
+sysconfdir="@SYSCONFDIR@"
+
+# Source function library.
+test ! -r "$sysconfdir"/rc.d/init.d/functions ||
+        . "$sysconfdir"/rc.d/init.d/functions
+
+# provide action() fallback
+if ! type action >/dev/null 2>&1; then
+    # Real basic fallback for sysvinit "action" verbage.
+    action() {
+        echo -n "$1    "
+        shift
+        "$@" && echo "OK" || echo "Failed"
+    }
+fi
+
 start() {
-    @LIBEXECDIR@/lxc/lxc-containers start
+    action $"Starting LXC autoboot containers: " @LIBEXECDIR@/lxc/lxc-containers start
 }
 
 stop() {
-    @LIBEXECDIR@/lxc/lxc-containers stop
+    action $"Stopping LXC containers: " @LIBEXECDIR@/lxc/lxc-containers stop
 }
 
 # See how we were called.

diff --git a/config/init/sysvinit/lxc-net.in b/config/init/sysvinit/lxc-net.in
index 6e22505f3b183602348d30fc8441a5485878c42a..f6892c142f3fda5e286017c459182e50b8a495b9 100644 (file)
--- a/config/init/sysvinit/lxc-net.in
+++ b/config/init/sysvinit/lxc-net.in
@@ -2,7 +2,7 @@
 #
 # lxc-net Start/Stop LXC Networking
 #
-# chkconfig: 345 99 01
+# chkconfig: 345 98 01
 # description: Starts/Stops LXC Network Bridge
 #
 ### BEGIN INIT INFO
@@ -13,12 +13,28 @@
 # Description: Bring up/down LXC Network Bridge
 ### END INIT INFO
 
+sysconfdir="@SYSCONFDIR@"
+
+# Source function library.
+test ! -r "$sysconfdir"/rc.d/init.d/functions ||
+        . "$sysconfdir"/rc.d/init.d/functions
+
+# provide action() fallback
+if ! type action >/dev/null 2>&1; then
+    # Real basic fallback for sysvinit "action" verbage.
+    action() {
+        echo -n "$1    "
+        shift
+        "$@" && echo "OK" || echo "Failed"
+    }
+fi
+
 start() {
-    @LIBEXECDIR@/lxc/lxc-net start
+    action $"Starting LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net start
 }
 
 stop() {
-    @LIBEXECDIR@/lxc/lxc-net stop
+    action $"Stopping LXC network bridge: " @LIBEXECDIR@/lxc/lxc-net stop
 }
 
 # See how we were called.

diff --git a/lxc.spec.in b/lxc.spec.in
index 52b63268be30e69d7e85102af93d969de8df3c24..fbef674896171410442bc92a2627d87389df53df 100644 (file)
--- a/lxc.spec.in
+++ b/lxc.spec.in
@@ -43,6 +43,12 @@ BuildRequires: systemd
 %define init_script sysvinit
 %endif
 
+# Must use /var/run for runtime_path on older releases or dnsmasq in the
+# lxc-net script will not be able to write its pid in /run (selinux denial)
+%if 0%{?fedora} < 15 || 0%{?rhel} < 7
+%define _with_runtime_path --with-runtime-path=/var/run
+%endif
+
 # RPM needs alpha/beta/rc in Release: not Version: to ensure smooth
 # package upgrades from alpha->beta->rc->release. For more info see:
 # http://fedoraproject.org/wiki/Packaging%3aNamingGuidelines#NonNumericRelease
@@ -62,7 +68,12 @@ Summary: Linux Containers userspace tools
 Group: Applications/System
 License: LGPLv2+
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Requires: openssl rsync dnsmasq
+Requires: openssl rsync dnsmasq bridge-utils
+Requires(pre): /usr/sbin/useradd
+Requires(postun): /usr/sbin/userdel
+%if 0%{?fedora} < 15 || 0%{?rhel} < 7
+Requires: libcgroup
+%endif
 # Note for Suse.  The "docbook2X" BuildRequires does properly
 # match docbook2x on Suse in a case insensitive manner
 BuildRequires: libcap libcap-devel docbook2X graphviz libxslt pkgconfig
@@ -134,6 +145,7 @@ PATH=$PATH:/usr/sbin:/sbin %configure $args \
 %if "x%{_unitdir}" != "x"
   --with-systemdsystemunitdir=%{_unitdir} \
 %endif
+  %{?_with_runtime_path} \
   --disable-rpath \
   --with-init-script=%{init_script}
 make %{?_smp_mflags}
@@ -147,7 +159,7 @@ find %{buildroot} -type f -name '*.la' -exec rm -f {} ';'
 rm -rf %{buildroot}
 
 %pre
-# Ensure that lxcdnsmasq uid & gid gets correctly allocated
+# Ensure that lxc-dnsmasq uid & gid gets correctly allocated
 if getent passwd lxc-dnsmasq >/dev/null 2>&1 ; then : ; else \
  /usr/sbin/useradd -M -r -s /sbin/nologin \
  -c "LXC Networking Service" -d %_localstatedir/%name lxc-dnsmasq 2> /dev/null \
@@ -200,6 +212,9 @@ LXC_DHCP_MAX="253"
 EOF
 fi
 
+%postun
+/usr/sbin/userdel lxc-dnsmasq > /dev/null 2>&1 || :
+
 %post   libs -p /sbin/ldconfig
 %postun libs -p /sbin/ldconfig
 

diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
index 830ce5cffa64a0da44729b1f99d52fc02e4da1ee..1f65d4c38ac68733d3a2da9d9d225e06d91f440f 100644 (file)
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@@ -598,7 +598,7 @@ container_rootfs_create()
         fi
     done
 
-    mkdir -p @LOCALSTATEDIR@/lock/subsys/lxc
+    mkdir -p @LOCALSTATEDIR@/lock/subsys
     (
         flock -x 9
         if [ $? -ne 0 ]; then