Bug#732358: pu: package lxc/0.8.0~rc1-8+deb7u2
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu
The "debian" template provided by Wheezy's lxc has been broken from the
start due to live-debconfig never making it to wheezy (and inaction from
the maintainer).
For details: http://bugs.debian.org/680469
I would like to get a usable debian template and after some investigation,
I concluded that the easiest solution was to use the upstream provided
script. That said I opted to use the latest upstream version of said
script because it has been fixed to install the current stable release of
Debian instead of using squeeze...
Please find the debdiff attached.
I did some basic tests to ensure that it works and asked others people on
the bug report to do the same and got back a successful report already.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
Raphaël Hertzog ◈ Debian Developer
Discover the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/
diff -Nru lxc-0.8.0~rc1/debian/changelog lxc-0.8.0~rc1/debian/changelog
--- lxc-0.8.0~rc1/debian/changelog 2012-08-22 22:44:12.000000000 +0200
+++ lxc-0.8.0~rc1/debian/changelog 2013-12-16 12:13:58.000000000 +0100
@@ -1,3 +1,11 @@
+lxc (0.8.0~rc1-8+deb7u2) wheezy; urgency=medium
+
+ * Non-maintainer upload.
+ * Use latest upstream provided lxc-debian that actually works. Closes: #680469
+ * Add rsync to Recommends since lxc-debian uses it.
+
+ -- Raphaël Hertzog <hertzog@debian.org> Mon, 16 Dec 2013 08:51:43 +0100
+
lxc (0.8.0~rc1-8+deb7u1) wheezy; urgency=low
* Non-maintainer upload.
diff -Nru lxc-0.8.0~rc1/debian/control lxc-0.8.0~rc1/debian/control
--- lxc-0.8.0~rc1/debian/control 2012-06-30 00:34:08.000000000 +0200
+++ lxc-0.8.0~rc1/debian/control 2013-12-16 12:13:28.000000000 +0100
@@ -13,7 +13,7 @@
Architecture: linux-any
Pre-Depends: ${multiarch:Pre-Depends}
Depends: ${misc:Depends}, ${shlibs:Depends}
-Recommends: debootstrap | cdebootstrap, libcap2-bin
+Recommends: debootstrap | cdebootstrap, rsync, libcap2-bin
Conflicts: cgroup-bin
Suggests: lxctl
Description: Linux Containers userspace tools
diff -Nru lxc-0.8.0~rc1/debian/patches/13-update-lxc-debian.patch lxc-0.8.0~rc1/debian/patches/13-update-lxc-debian.patch
--- lxc-0.8.0~rc1/debian/patches/13-update-lxc-debian.patch 1970-01-01 01:00:00.000000000 +0100
+++ lxc-0.8.0~rc1/debian/patches/13-update-lxc-debian.patch 2013-12-16 12:07:48.000000000 +0100
@@ -0,0 +1,423 @@
+Description: Update lxc-debian template script
+ Use a newer upstream version of that script that correctly installs the
+ current stable release.
+Origin: upstream, https://github.com/lxc/lxc/raw/master/templates/lxc-debian.in
+Applied-Upstream: 1.0.0
+--- a/templates/lxc-debian.in
++++ b/templates/lxc-debian.in
+@@ -13,14 +13,13 @@
+
+ # This library is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ # Lesser General Public License for more details.
+
+ # You should have received a copy of the GNU Lesser General Public
+ # License along with this library; if not, write to the Free Software
+-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+-SUITE=${SUITE:-squeeze}
+ MIRROR=${MIRROR:-http://cdn.debian.net/debian}
+
+ configure_debian()
+@@ -31,9 +30,9 @@ configure_debian()
+ # squeeze only has /dev/tty and /dev/tty0 by default,
+ # therefore creating missing device nodes for tty1-4.
+ for tty in $(seq 1 4); do
+- if [ ! -e $rootfs/dev/tty$tty ]; then
+- mknod $rootfs/dev/tty$tty c 4 $tty
+- fi
++ if [ ! -e $rootfs/dev/tty$tty ]; then
++ mknod $rootfs/dev/tty$tty c 4 $tty
++ fi
+ done
+
+ # configure the inittab
+@@ -54,6 +53,8 @@ c1:12345:respawn:/sbin/getty 38400 tty1
+ c2:12345:respawn:/sbin/getty 38400 tty2 linux
+ c3:12345:respawn:/sbin/getty 38400 tty3 linux
+ c4:12345:respawn:/sbin/getty 38400 tty4 linux
++p6::ctrlaltdel:/sbin/init 6
++p0::powerfail:/sbin/init 0
+ EOF
+
+ # disable selinux in debian
+@@ -76,11 +77,14 @@ EOF
+
+ # reconfigure some services
+ if [ -z "$LANG" ]; then
+- chroot $rootfs locale-gen en_US.UTF-8 UTF-8
+- chroot $rootfs update-locale LANG=en_US.UTF-8
++ chroot $rootfs locale-gen en_US.UTF-8 UTF-8
++ chroot $rootfs update-locale LANG=en_US.UTF-8
+ else
+- chroot $rootfs locale-gen $LANG $(echo $LANG | cut -d. -f2)
+- chroot $rootfs update-locale LANG=$LANG
++ encoding=$(echo $LANG | cut -d. -f2)
++ chroot $rootfs sed -e "s/^# \(${LANG} ${encoding}\)/\1/" \
++ -i /etc/locale.gen 2>/dev/null
++ chroot $rootfs locale-gen $LANG $encoding
++ chroot $rootfs update-locale LANG=$LANG
+ fi
+
+ # remove pointless services in a container
+@@ -89,12 +93,30 @@ EOF
+ chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
+ chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
+
++ # set initial timezone as on host
++ if [ -f /etc/timezone ]; then
++ cat /etc/timezone > $rootfs/etc/timezone
++ chroot $rootfs dpkg-reconfigure -f noninteractive tzdata
++ elif [ -f /etc/sysconfig/clock ]; then
++ source /etc/sysconfig/clock
++ echo $ZONE > $rootfs/etc/timezone
++ chroot $rootfs dpkg-reconfigure -f noninteractive tzdata
++ else
++ echo "Timezone in container is not configured. Adjust it manually."
++ fi
++
+ echo "root:root" | chroot $rootfs chpasswd
+ echo "Root password is 'root', please change !"
+
+ return 0
+ }
+
++cleanup()
++{
++ rm -rf $cache/partial-$release-$arch
++ rm -rf $cache/rootfs-$release-$arch
++}
++
+ download_debian()
+ {
+ packages=\
+@@ -102,7 +124,7 @@ ifupdown,\
+ locales,\
+ libui-dialog-perl,\
+ dialog,\
+-dhcp3-client,\
++isc-dhcp-client,\
+ netbase,\
+ net-tools,\
+ iproute,\
+@@ -110,26 +132,32 @@ openssh-server
+
+ cache=$1
+ arch=$2
++ release=$3
+
++ trap cleanup EXIT SIGHUP SIGINT SIGTERM
+ # check the mini debian was not already downloaded
+- mkdir -p "$cache/partial-$SUITE-$arch"
++ mkdir -p "$cache/partial-$release-$arch"
+ if [ $? -ne 0 ]; then
+- echo "Failed to create '$cache/partial-$SUITE-$arch' directory"
+- return 1
++ echo "Failed to create '$cache/partial-$release-$arch' directory"
++ return 1
+ fi
+
+ # download a mini debian into a cache
+ echo "Downloading debian minimal ..."
+ debootstrap --verbose --variant=minbase --arch=$arch \
+- --include=$packages \
+- "$SUITE" "$cache/partial-$SUITE-$arch" $MIRROR
++ --include=$packages \
++ "$release" "$cache/partial-$release-$arch" $MIRROR
+ if [ $? -ne 0 ]; then
+- echo "Failed to download the rootfs, aborting."
+- return 1
++ echo "Failed to download the rootfs, aborting."
++ return 1
+ fi
+
+- mv "$1/partial-$SUITE-$arch" "$1/rootfs-$SUITE-$arch"
++ mv "$1/partial-$release-$arch" "$1/rootfs-$release-$arch"
+ echo "Download complete."
++ trap EXIT
++ trap SIGINT
++ trap SIGTERM
++ trap SIGHUP
+
+ return 0
+ }
+@@ -139,11 +167,12 @@ copy_debian()
+ cache=$1
+ arch=$2
+ rootfs=$3
++ release=$4
+
+ # make a local copy of the minidebian
+ echo -n "Copying rootfs to $rootfs..."
+ mkdir -p $rootfs
+- rsync -a "$cache/rootfs-$SUITE-$arch"/ $rootfs/ || return 1
++ rsync -Ha "$cache/rootfs-$release-$arch"/ $rootfs/ || return 1
+ return 0
+ }
+
+@@ -151,34 +180,34 @@ install_debian()
+ {
+ cache="@LOCALSTATEDIR@/cache/lxc/debian"
+ rootfs=$1
++ release=$2
++ arch=$3
+ mkdir -p @LOCALSTATEDIR@/lock/subsys/
+ (
+- flock -n -x 200
+- if [ $? -ne 0 ]; then
+- echo "Cache repository is busy."
+- return 1
+- fi
+-
+- arch=$(dpkg --print-architecture)
+-
+- echo "Checking cache download in $cache/rootfs-$SUITE-$arch ... "
+- if [ ! -e "$cache/rootfs-$SUITE-$arch" ]; then
+- download_debian $cache $arch
+- if [ $? -ne 0 ]; then
+- echo "Failed to download 'debian base'"
+- return 1
+- fi
+- fi
+-
+- copy_debian $cache $arch $rootfs
+- if [ $? -ne 0 ]; then
+- echo "Failed to copy rootfs"
+- return 1
+- fi
++ flock -x 200
++ if [ $? -ne 0 ]; then
++ echo "Cache repository is busy."
++ return 1
++ fi
++
++ echo "Checking cache download in $cache/rootfs-$release-$arch ... "
++ if [ ! -e "$cache/rootfs-$release-$arch" ]; then
++ download_debian $cache $arch $release
++ if [ $? -ne 0 ]; then
++ echo "Failed to download 'debian base'"
++ return 1
++ fi
++ fi
++
++ copy_debian $cache $arch $rootfs $release
++ if [ $? -ne 0 ]; then
++ echo "Failed to copy rootfs"
++ return 1
++ fi
+
+- return 0
++ return 0
+
+- ) 200>@LOCALSTATEDIR@/lock/subsys/lxc
++ ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-debian
+
+ return $?
+ }
+@@ -188,12 +217,26 @@ copy_configuration()
+ path=$1
+ rootfs=$2
+ hostname=$3
++ arch=$4
++
++ # if there is exactly one veth network entry, make sure it has an
++ # associated hwaddr.
++ nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
++ if [ $nics -eq 1 ]; then
++ grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
++ fi
+
++ grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
+ cat <<EOF >> $path/config
+ lxc.tty = 4
+ lxc.pts = 1024
+-lxc.rootfs = $rootfs
++lxc.arch = $arch
+ lxc.utsname = $hostname
++lxc.cap.drop = sys_module mac_admin mac_override sys_time
++
++# When using LXC with apparmor, uncomment the next line to run unconfined:
++#lxc.aa_profile = unconfined
++
+ lxc.cgroup.devices.deny = a
+ # /dev/null and zero
+ lxc.cgroup.devices.allow = c 1:3 rwm
+@@ -209,16 +252,16 @@ lxc.cgroup.devices.allow = c 1:8 rwm
+ lxc.cgroup.devices.allow = c 136:* rwm
+ lxc.cgroup.devices.allow = c 5:2 rwm
+ # rtc
+-lxc.cgroup.devices.allow = c 254:0 rwm
++lxc.cgroup.devices.allow = c 254:0 rm
+
+ # mounts point
+-lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0
+-lxc.mount.entry=sysfs $rootfs/sys sysfs defaults 0 0
++lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
++lxc.mount.entry = sysfs sys sysfs defaults 0 0
+ EOF
+
+ if [ $? -ne 0 ]; then
+- echo "Failed to add configuration"
+- return 1
++ echo "Failed to add configuration"
++ return 1
+ fi
+
+ return 0
+@@ -229,46 +272,65 @@ clean()
+ cache="@LOCALSTATEDIR@/cache/lxc/debian"
+
+ if [ ! -e $cache ]; then
+- exit 0
++ exit 0
+ fi
+
+ # lock, so we won't purge while someone is creating a repository
+ (
+- flock -n -x 200
+- if [ $? != 0 ]; then
+- echo "Cache repository is busy."
+- exit 1
+- fi
+-
+- echo -n "Purging the download cache..."
+- rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+- exit 0
++ flock -x 200
++ if [ $? != 0 ]; then
++ echo "Cache repository is busy."
++ exit 1
++ fi
++
++ echo -n "Purging the download cache..."
++ rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
++ exit 0
+
+- ) 200>@LOCALSTATEDIR@/lock/subsys/lxc
++ ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-debian
+ }
+
+ usage()
+ {
+ cat <<EOF
+-$1 -h|--help -p|--path=<path> --clean
++$1 -h|--help -p|--path=<path> [-a|--arch] [-r|--release=<release>] [-c|--clean]
++release: the debian release (e.g. wheezy): defaults to current stable
++arch: the container architecture (e.g. amd64): defaults to host arch
+ EOF
+ return 0
+ }
+
+-options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
++options=$(getopt -o hp:n:a:r:c -l help,rootfs:,path:,name:,arch:,release:,clean -- "$@")
+ if [ $? -ne 0 ]; then
+ usage $(basename $0)
+- exit 1
++ exit 1
+ fi
+ eval set -- "$options"
+
++if which dpkg >/dev/null 2>&1 ; then
++ arch=$(dpkg --print-architecture)
++else
++ arch=$(uname -m)
++ if [ "$arch" = "i686" ]; then
++ arch="i386"
++ elif [ "$arch" = "x86_64" ]; then
++ arch="amd64"
++ elif [ "$arch" = "armv7l" ]; then
++ arch="armhf"
++ fi
++fi
++hostarch=$arch
++
+ while true
+ do
+ case "$1" in
+- -h|--help) usage $0 && exit 0;;
++ -h|--help) usage $0 && exit 1;;
+ -p|--path) path=$2; shift 2;;
+- -n|--name) name=$2; shift 2;;
+- -c|--clean) clean=$2; shift 2;;
++ --rootfs) rootfs=$2; shift 2;;
++ -a|--arch) arch=$2; shift 2;;
++ -r|--release) release=$2; shift 2;;
++ -n|--name) name=$2; shift 2;;
++ -c|--clean) clean=$2; shift 2;;
+ --) shift 1; break ;;
+ *) break ;;
+ esac
+@@ -279,6 +341,30 @@ if [ ! -z "$clean" -a -z "$path" ]; then
+ exit 0
+ fi
+
++if [ "$arch" == "i686" ]; then
++ arch=i386
++fi
++
++if [ "$arch" == "x86_64" ]; then
++ arch=amd64
++fi
++
++if [ $hostarch = "i386" -a $arch = "amd64" ]; then
++ echo "can't create $arch container on $hostarch"
++ exit 1
++fi
++
++if [ $hostarch = "armhf" -o $hostarch = "armel" ] && \
++ [ $arch != "armhf" -a $arch != "armel" ]; then
++ echo "can't create $arch container on $hostarch"
++ exit 1
++fi
++
++if [ $hostarch = "powerpc" -a $arch != "powerpc" ]; then
++ echo "can't create $arch container on $hostarch"
++ exit 1
++fi
++
+ type debootstrap
+ if [ $? -ne 0 ]; then
+ echo "'debootstrap' command is missing"
+@@ -295,9 +381,28 @@ if [ "$(id -u)" != "0" ]; then
+ exit 1
+ fi
+
+-rootfs=$path/rootfs
++current_release=`wget ${MIRROR}/dists/stable/Release -O - 2>/dev/null |\
++head |awk '/^Codename: (.*)$/ { print $2; }'`
++release=${release:-${current_release}}
++valid_releases=('squeeze' 'wheezy' 'jessie' 'sid')
++if [[ ! "${valid_releases[*]}" =~ (^|[^[:alpha:]])$release([^[:alpha:]]|$) ]]
++then
++ echo "Invalid release ${release}, valid ones are: ${valid_releases[*]}"
++ exit 1
++fi
++
++# detect rootfs
++config="$path/config"
++if [ -z "$rootfs" ]; then
++ if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
++ rootfs=$(awk -F= '/^lxc.rootfs =/{ print $2 }' $config)
++ else
++ rootfs=$path/rootfs
++ fi
++fi
++
+
+-install_debian $rootfs
++install_debian $rootfs $release $arch
+ if [ $? -ne 0 ]; then
+ echo "failed to install debian"
+ exit 1
+@@ -309,7 +414,7 @@ if [ $? -ne 0 ]; then
+ exit 1
+ fi
+
+-copy_configuration $path $rootfs $name
++copy_configuration $path $rootfs $name $arch
+ if [ $? -ne 0 ]; then
+ echo "failed write configuration file"
+ exit 1
diff -Nru lxc-0.8.0~rc1/debian/patches/series lxc-0.8.0~rc1/debian/patches/series
--- lxc-0.8.0~rc1/debian/patches/series 2012-06-29 23:14:41.000000000 +0200
+++ lxc-0.8.0~rc1/debian/patches/series 2013-12-16 12:01:29.000000000 +0100
@@ -10,3 +10,4 @@
10-lxc-clone-trap-name.patch
11-lxc-console-escape.patch
12-lxc-create-rootfs.patch
+13-update-lxc-debian.patch
diff -Nru lxc-0.8.0~rc1/debian/rules lxc-0.8.0~rc1/debian/rules
--- lxc-0.8.0~rc1/debian/rules 2012-06-30 00:34:05.000000000 +0200
+++ lxc-0.8.0~rc1/debian/rules 2013-12-16 11:56:29.000000000 +0100
@@ -36,9 +36,9 @@
cp -r debian/local/lxc-debconf* debian/lxc/usr/share/lxc/templates
# replacing upstreams debian template
- rm -f debian/tmp/usr/share/lxc/templates/lxc-debian
- ln -s lxc-debconf debian/tmp/usr/share/lxc/templates/lxc-debian
- ln -s lxc-debconf.d debian/tmp/usr/share/lxc/templates/lxc-debian.d
+ #rm -f debian/tmp/usr/share/lxc/templates/lxc-debian
+ #ln -s lxc-debconf debian/tmp/usr/share/lxc/templates/lxc-debian
+ #ln -s lxc-debconf.d debian/tmp/usr/share/lxc/templates/lxc-debian.d
# adding progress template symlink
ln -s lxc-debconf debian/tmp/usr/share/lxc/templates/lxc-progress
Reply to: