[PATCH] liblxc: handle interruption/failure of lxc-debian more gracefully

[PATCH] liblxc: handle interruption/failure of lxc-debian more gracefully

[Matt Helsley]

If lxc-debian fails or is interrupted during debootstrap then the next
invocation of lxc-debian breaks because it only checks for the existence
of the directory. This forces the user to remove the cache by hand to
retry the create step.

Let's allow the user to re-run lxc-debian to resume/retry. Store the
cache in a partial-$ARCH directory until debootstrap succeeds. Then move
the valid cache to its final destination.

Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
---
 scripts/lxc-debian.in |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Index: lxc/scripts/lxc-debian.in
===================================================================
--- lxc.orig/scripts/lxc-debian.in
+++ lxc/scripts/lxc-debian.in
@@ -217,19 +217,20 @@ create() {
 		
 		echo "not cached"
 		
-		mkdir -p "$CACHE/rootfs-$ARCH"
+		mkdir -p "$CACHE/partial-$ARCH"
 		
 	        # download a mini debian into a cache
 		echo "Downloading debian minimal ..."
 		debootstrap --verbose --variant=minbase --arch=$ARCH \
 		    --include apache,netbase,net-tools,iproute,openssh-server \
-		    etch $CACHE/rootfs-$ARCH http://ftp.debian.org/debian
+		    etch $CACHE/partial-$ARCH http://ftp.debian.org/debian
 		
 		RESULT=$?
 		if [ "$RESULT" != "0" ]; then
 		    echo "Failed to download the rootfs, aborting."
 		    exit 1
 		fi
+		mv "$CACHE/partial-$ARCH" "$CACHE/rootfs-$ARCH"
 		echo "Download complete."
 	    else
 		echo "Found."

[PATCH] liblxc: Update lxc-debian to use the lenny release

[Matt Helsley]

With the release of lenny nearing this patch may soon be useful.

Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
---
 scripts/lxc-debian.in |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: lxc/scripts/lxc-debian.in
===================================================================
--- lxc.orig/scripts/lxc-debian.in
+++ lxc/scripts/lxc-debian.in
@@ -222,8 +222,8 @@ create() {
 	        # download a mini debian into a cache
 		echo "Downloading debian minimal ..."
 		debootstrap --verbose --variant=minbase --arch=$ARCH \
-		    --include apache,netbase,net-tools,iproute,openssh-server \
-		    etch $CACHE/partial-$ARCH http://ftp.debian.org/debian
+		    --include apache2,netbase,net-tools,iproute,openssh-server \
+		    lenny $CACHE/partial-$ARCH http://ftp.debian.org/debian
 		
 		RESULT=$?
 		if [ "$RESULT" != "0" ]; then

Re: [PATCH] liblxc: handle interruption/failure of lxc-debian more gracefully

[Daniel Lezcano]

Matt Helsley wrote:
> If lxc-debian fails or is interrupted during debootstrap then the next
> invocation of lxc-debian breaks because it only checks for the existence
> of the directory. This forces the user to remove the cache by hand to
> retry the create step.
>
> Let's allow the user to re-run lxc-debian to resume/retry. Store the
> cache in a partial-$ARCH directory until debootstrap succeeds. Then move
> the valid cache to its final destination.
>
> Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
>   
That is definitively better !
Applied, thanks.

  -- Daniel

Re: [PATCH] liblxc: Update lxc-debian to use the lenny release

[Daniel Lezcano]

Matt Helsley wrote:
> With the release of lenny nearing this patch may soon be useful.
>
> Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> ---
>  scripts/lxc-debian.in |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> Index: lxc/scripts/lxc-debian.in
> ===================================================================
> --- lxc.orig/scripts/lxc-debian.in
> +++ lxc/scripts/lxc-debian.in
> @@ -222,8 +222,8 @@ create() {
>  	        # download a mini debian into a cache
>  		echo "Downloading debian minimal ..."
>  		debootstrap --verbose --variant=minbase --arch=$ARCH \
> -		    --include apache,netbase,net-tools,iproute,openssh-server \
> -		    etch $CACHE/partial-$ARCH http://ftp.debian.org/debian
> +		    --include apache2,netbase,net-tools,iproute,openssh-server \
> +		    lenny $CACHE/partial-$ARCH http://ftp.debian.org/debian
>  		
>  		RESULT=$?
>  		if [ "$RESULT" != "0" ]; then
>   
Applied, thanks Matt.

ps : I added the ifupdown missing package because ifup/ifdown are no 
longer in the initscripts package.

Re: [PATCH] liblxc: Update lxc-debian to use the lenny release

[Matt Helsley]

On Mon, 2009-02-09 at 18:14 +0100, Daniel Lezcano wrote:
> Matt Helsley wrote:
> > With the release of lenny nearing this patch may soon be useful.
> >
> > Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> > ---
> >  scripts/lxc-debian.in |    4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > Index: lxc/scripts/lxc-debian.in
> > ===================================================================
> > --- lxc.orig/scripts/lxc-debian.in
> > +++ lxc/scripts/lxc-debian.in
> > @@ -222,8 +222,8 @@ create() {
> >  	        # download a mini debian into a cache
> >  		echo "Downloading debian minimal ..."
> >  		debootstrap --verbose --variant=minbase --arch=$ARCH \
> > -		    --include apache,netbase,net-tools,iproute,openssh-server \
> > -		    etch $CACHE/partial-$ARCH http://ftp.debian.org/debian
> > +		    --include apache2,netbase,net-tools,iproute,openssh-server \
> > +		    lenny $CACHE/partial-$ARCH http://ftp.debian.org/debian
> >  		
> >  		RESULT=$?
> >  		if [ "$RESULT" != "0" ]; then
> >   
> Applied, thanks Matt.
> 
> ps : I added the ifupdown missing package because ifup/ifdown are no 
> longer in the initscripts package.

	Hasn't debian switched to Network Manager too? Seems like there should
be a way to interact with it via scripts without forcing the use of
ifup/ifdown.

	I was somewhat suprised to find debootstrap is incredibly easy to
install by hand on non-debian systems. Even better, there's a package in
fedora. So I've been playing with lxc-debian on fedora 9 and 10. However
I've had problems "Configuring" the opennssh-server package. Removing
that package allows lxc-debian to create the rootfs. I haven't found an
underlying reason yet :/ -- have you run into this problem?

Cheers,
	-Matt

Re: [PATCH] liblxc: Update lxc-debian to use the lenny release

[Daniel Lezcano]

Matt Helsley wrote:
> On Mon, 2009-02-09 at 18:14 +0100, Daniel Lezcano wrote:
>   
>> Matt Helsley wrote:
>>     
>>> With the release of lenny nearing this patch may soon be useful.
>>>
>>> Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
>>> ---
>>>  scripts/lxc-debian.in |    4 ++--
>>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> Index: lxc/scripts/lxc-debian.in
>>> ===================================================================
>>> --- lxc.orig/scripts/lxc-debian.in
>>> +++ lxc/scripts/lxc-debian.in
>>> @@ -222,8 +222,8 @@ create() {
>>>  	        # download a mini debian into a cache
>>>  		echo "Downloading debian minimal ..."
>>>  		debootstrap --verbose --variant=minbase --arch=$ARCH \
>>> -		    --include apache,netbase,net-tools,iproute,openssh-server \
>>> -		    etch $CACHE/partial-$ARCH http://ftp.debian.org/debian
>>> +		    --include apache2,netbase,net-tools,iproute,openssh-server \
>>> +		    lenny $CACHE/partial-$ARCH http://ftp.debian.org/debian
>>>  		
>>>  		RESULT=$?
>>>  		if [ "$RESULT" != "0" ]; then
>>>   
>>>       
>> Applied, thanks Matt.
>>
>> ps : I added the ifupdown missing package because ifup/ifdown are no 
>> longer in the initscripts package.
>>     
>
> 	Hasn't debian switched to Network Manager too? Seems like there should
> be a way to interact with it via scripts without forcing the use of
> ifup/ifdown.
>   
It looks like the minbase does not have the network manager (I didn't 
checked if it is available for "lenny").
So I just made a quick fix adding the ifupdown scripts in order to have 
the debian booting with the network up.
Using the network manager is an interesting solution, but in the short 
term I think the lxc-debian script should be improved to provide a 
simple TUI configuration menu so we can make more complex configurations.
> 	I was somewhat suprised to find debootstrap is incredibly easy to
> install by hand on non-debian systems. Even better, there's a package in
> fedora. So I've been playing with lxc-debian on fedora 9 and 10. However
>   
Yeah, it is a great tool. I am experiencing to do the same with a 
fedora. It may be possible to use yum like debootstrap for an minbase 
fedora install.

> I've had problems "Configuring" the opennssh-server package. Removing
> that package allows lxc-debian to create the rootfs. I haven't found an
> underlying reason yet :/ -- have you run into this problem?
>   
Mmh, no. I just recreated several times a debian, logged via ssh and I 
didn't fall in this problem.
What problem did you faced ?

Re: [PATCH] liblxc: Update lxc-debian to use the lenny release

[Dan Smith]

DL> It may be possible to use yum like debootstrap for an minbase
DL> fedora install.

Yep, something like the following should work:

  root=/path/to/tmproot
  mkdir -p $root/var/lib/rpm
  rpm --root $root --initdb
  rpm --root $root -Uvfh --nodeps http://fedora.osuosl.org/linux/releases/10/Fedora/i386/os/Packages/fedora-release-10-1.noarch.rpm
  yum --installroot=$root -y groupinstall Base

-- 
Dan Smith
IBM Linux Technology Center
email: danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org

[PATCH] liblxc: add scripts/lxc-fedora.in (WAS: Re: [PATCH] liblxc: Update lxc-debian to use the lenny release)

[Matt Helsley]

On Mon, 2009-02-09 at 15:43 -0800, Dan Smith wrote:
> DL> It may be possible to use yum like debootstrap for an minbase
> DL> fedora install.
> 
> Yep, something like the following should work:
> 
>   root=/path/to/tmproot
>   mkdir -p $root/var/lib/rpm
>   rpm --root $root --initdb
>   rpm --root $root -Uvfh --nodeps http://fedora.osuosl.org/linux/releases/10/Fedora/i386/os/Packages/fedora-release-10-1.noarch.rpm
>   yum --installroot=$root -y groupinstall Base

Looks familiar! ;) I was intrigued by this idea last weekend so I
started such a script. However I only tested it as far as creating a
semi-correct rootfs. With the exception of network configs most of the
configs are still written as for debian. For example I know the selinux
policy enforcement settings need to move, the inittab needs to be
replaced by the proper upstart configs, etc.

Of course it's based heavily on Daniel's excellent lxc-debian script.

Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
---
 configure.in          |    1 
 scripts/Makefile.am   |    1 
 scripts/lxc-fedora.in |  404 ++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 406 insertions(+)

Index: lxc/configure.in
===================================================================
--- lxc.orig/configure.in
+++ lxc/configure.in
@@ -90,6 +90,7 @@ AC_CONFIG_FILES([
 
 	scripts/Makefile
 	scripts/lxc-debian
+	scripts/lxc-fedora
 	scripts/lxc-sshd
 
         src/Makefile
Index: lxc/scripts/Makefile.am
===================================================================
--- lxc.orig/scripts/Makefile.am
+++ lxc/scripts/Makefile.am
@@ -1,3 +1,4 @@
 bin_SCRIPTS = \
 	lxc-debian \
+	lxc-fedora \
 	lxc-sshd
Index: lxc/scripts/lxc-fedora.in
===================================================================
--- /dev/null
+++ lxc/scripts/lxc-fedora.in
@@ -0,0 +1,404 @@
+#!/bin/bash
+# set -ex
+
+DISTRO="fedora"
+CACHE="@LOCALSTATEDIR@/cache/lxc/${DISTRO}"
+
+# Default container name
+NAME="fedora"
+CONFFILE="lxc.conf"
+MNTFILE="mount.conf"
+UTSNAME=
+IPV4="172.20.0.21"
+GATEWAY="172.20.0.1"
+
+# These paths are within the container so do not need to obey configure prefixes
+INITTAB="/etc/inittab"
+FSTAB="/etc/fstab"
+SSHD_CONFIG="/etc/ssh/sshd_config"
+
+################################################################################
+#                    DISTRO custom configuration files
+################################################################################
+
+# custom selinux
+
+write_distro_selinux() {
+    mkdir -p ${ROOTFS}/selinux
+    echo 0 > ${ROOTFS}/selinux/enforce
+}
+
+# custom fstab
+
+write_distro_fstab() {
+cat <<EOF > ${ROOTFS}/${FSTAB}
+tmpfs  /dev/shm   tmpfs  defaults  0 0
+EOF
+}
+
+# custom inittab
+
+write_distro_inittab() {
+cat <<EOF > ${ROOTFS}/${INITTAB}
+id:3:initdefault:
+si::sysinit:/etc/init.d/rcS
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+1:2345:respawn:/sbin/getty 38400 console
+c1:12345:respawn:/sbin/getty 38400 tty1 linux
+c2:12345:respawn:/sbin/getty 38400 tty2 linux
+c3:12345:respawn:/sbin/getty 38400 tty3 linux
+c4:12345:respawn:/sbin/getty 38400 tty4 linux
+EOF
+}
+
+# custom network configuration
+write_distro_network() {
+cat <<EOF > ${ROOTFS}/etc/sysconfig/network-scripts/ifcfg-lo
+DEVICE=lo
+IPADDR=127.0.0.1
+NETMASK=255.0.0.0
+NETWORK=127.0.0.0
+# If you're having problems with gated making 127.0.0.0/8 a martian,
+# you can change this to something else (255.255.255.255, for example)
+BROADCAST=127.255.255.255
+ONBOOT=yes
+NAME=loopback
+EOF
+cat <<EOF > ${ROOTFS}/etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE=eth0
+BOOTPROTO=static
+HWADDR=52:54:00:12:34:56
+ONBOOT=yes
+HOSTNAME=${UTSNAME}
+NM_CONTROLLED=no
+TYPE=Ethernet
+IPADDR=${IPV4}
+NETWORK=$(ipcalc -sn ${IPV4} 255.255.255.0)
+GATEWAY=${GATEWAY}
+BROADCAST=$(ipcalc -sb ${IPV4} 255.255.255.0)
+NETMASK=255.255.255.0
+EOF
+}
+
+# custom hostname
+
+write_distro_hostname() {
+cat <<EOF > ${ROOTFS}/sysconfig/network
+NETWORKING=yes
+HOSTNAME=${UTSNAME}
+EOF
+}
+
+# custom sshd configuration file
+
+write_distro_sshd_config() {
+cat <<EOF > ${ROOTFS}/${SSHD_CONFIG}
+Port 22
+Protocol 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+UsePrivilegeSeparation yes
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+SyslogFacility AUTH
+LogLevel INFO
+LoginGraceTime 120
+PermitRootLogin yes
+StrictModes yes
+RSAAuthentication yes
+PubkeyAuthentication yes
+IgnoreRhosts yes
+RhostsRSAAuthentication no
+HostbasedAuthentication no
+PermitEmptyPasswords yes
+ChallengeResponseAuthentication no
+EOF
+}
+
+################################################################################
+#                        lxc configuration files
+################################################################################
+
+write_lxc_configuration() {
+cat <<EOF > ${CONFFILE}
+lxc.utsname = ${UTSNAME}
+lxc.tty = 4
+lxc.network.type = veth
+lxc.network.flags = up
+lxc.network.link = br0
+lxc.network.name = eth0
+lxc.mount = ${MNTFILE}
+lxc.rootfs = ${ROOTFS}
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+# /dev/pts/* - pts namespaces are "coming soon"
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+EOF
+}
+
+write_lxc_mounts() {
+cat <<EOF > ${MNTFILE}
+
+EOF
+}
+
+create() {
+
+    # choose a container name, default is already in shell NAME variable
+    echo -n "What is the name for the container ? [${NAME}] "
+    read _NAME_
+
+    if [ ! -z "${_NAME_}" ]; then
+	NAME=${_NAME_}
+    fi
+
+    # choose a hostname, default is the container name
+    echo -n "What hostname do you wish for this container ? [${NAME}] "
+    read _UTSNAME_
+
+    if [ ! -z "${_UTSNAME_}" ]; then
+	UTSNAME=${_UTSNAME_}
+    else
+	UTSNAME=${NAME}
+    fi
+
+    # choose an ipv4 address, better to choose the same network than
+    # your host
+    echo -n "What IP address do you wish for this container ? [${IPV4}] "
+    read _IPV4_
+
+    if [ ! -z "${_IPV4_}" ]; then
+	IPV4=${_IPV4_}
+    fi
+
+    # choose the gateway ip address
+    echo -n "What is the gateway IP address ? [${GATEWAY}] "
+    read _GATEWAY_
+
+    if [ ! -z "${_GATEWAY_}" ]; then
+	GATEWAY=${_GATEWAY_}
+    fi
+
+    # the rootfs name will be build with the container name
+    ROOTFS="./rootfs.${NAME}"
+
+    # check if the rootfs does already exist
+    if [ ! -e "${ROOTFS}" ]; then
+	    mkdir -p @LOCALSTATEDIR@/lock/subsys/
+	(
+	    flock -n -x 200
+
+
+	    RES=$?
+	    if [ "${RES}" != "0" ]; then
+		echo "Cache repository is busy."
+		break
+	    fi
+
+	    # check the mini distro was not already downloaded
+	    echo -n "Checking cache download ..."
+	    if [ ! -e "${CACHE}/rootfs" ]; then
+
+		echo "not cached"
+
+		# Rather than write a special yum config we just make the
+		# default RPM and yum layout in ${CACHE}. The alternative is
+		# to copy /etc/yum/yum.conf or /etc/yum.conf and fiddle with
+		# some settings.
+		mkdir -p "${CACHE}/partial/var/lib/rpm"
+		mkdir -p "${CACHE}/partial/var/log"
+		touch "${CACHE}/partial/var/log/yum.log"
+
+		RELEASE="$(yum info ${DISTRO}-release | \
+			awk -F '[[:space:]]*:[[:space:]]*' \
+				'/^Release/ { release = $2 }
+				/^Version/ { version = $2 }
+				END { print version "-" release }')"
+		PKG="${DISTRO}-release.noarch.rpm"
+		RPM="rpm --root \"${CACHE}/partial\""
+
+		echo "Initializing RPM cache ..."
+		${RPM} --initdb
+		echo "Downloading ${DISTRO} Release ${RELEASE} description ..."
+		yumdownloader --destdir="${CACHE}/partial" "${DISTRO}-release.noarch.rpm" && \
+		${RPM} --nodeps -ihv "${CACHE}/partial/${DISTRO}-release*.noarch.rpm"
+		echo "Downloading ${DISTRO} minimal ..."
+		yum --installroot="${CACHE}/partial" -y groupinstall Base
+		RESULT=$?
+		if [ "${RESULT}" != "0" ]; then
+		    echo "Failed to download the rootfs, aborting."
+		    exit 1
+		fi
+		mv "${CACHE}/partial" "${CACHE}/rootfs"
+		echo "Download complete."
+	    else
+		echo "Found."
+	    fi
+
+            # make a local copy of the mini
+	    echo -n "Copying rootfs ..."
+	    cp -a ${CACHE}/rootfs ${ROOTFS} && echo "Done." || exit
+	) 200> "@LOCALSTATEDIR@/lock/subsys/lxc"
+    fi
+
+write_lxc_mounts
+
+write_lxc_configuration
+
+write_distro_inittab
+
+write_distro_hostname
+
+write_distro_fstab
+
+write_distro_network
+
+write_distro_sshd_config
+
+write_distro_selinux
+
+@BINDIR@/lxc-create -n ${NAME} -f ${CONFFILE}
+RES=$?
+
+# remove the configuration files
+rm -f ${CONFFILE}
+rm -f ${MNTFILE}
+
+if [ "${RES}" != "0" ]; then
+    echo "Failed to create '${NAME}'"
+    exit 1
+fi
+
+echo "Done."
+echo -e "\nYou can run your container with the 'lxc-start -n ${NAME}'\n"
+}
+
+destroy() {
+
+    echo -n "What is the name for the container ? [${NAME}] "
+    read _NAME_
+
+    if [ ! -z "${_NAME_}" ]; then
+	NAME=${_NAME_}
+    fi
+
+    @BINDIR@/lxc-destroy -n ${NAME}
+    RETVAL=$?
+    if [ ! ${RETVAL} -eq 0 ]; then
+	echo "Failed to destroyed '${NAME}'"
+	return ${RETVAL}
+    fi
+
+    ROOTFS="./rootfs.${NAME}"
+
+    echo -n "Shall I remove the rootfs [y/n] ? "
+    read
+    if [ "${REPLY}" = "y" ]; then
+	rm -rf ${ROOTFS}
+    fi
+
+    return 0
+}
+
+help() {
+    cat <<EOF
+
+This script is a helper to create ${DISTRO} system containers.
+
+The script will create the container configuration file following
+the informations submitted interactively with 'lxc-${DISTRO} create'
+
+The first creation will download, with yum, a ${DISTRO} minimal
+install and store it into a cache.
+
+The script will copy from the cache the root filesystem to the
+current directory.
+
+If there is a problem with the container, (bad configuration for
+example), you can destroy the container with 'lxc-${DISTRO} destroy'
+but without removing the rootfs and recreate it again with
+'lxc-${DISTRO} create'.
+
+If you want to create another ${DISTRO} container, call the 'lxc-${DISTRO}
+ create' again, specifying another name and new parameters.
+
+At any time you can purge the ${DISTRO} cache download by calling
+'lxc-${DISTRO} purge'
+
+Have fun :)
+
+EOF
+}
+
+purge() {
+
+    if [ ! -e ${CACHE} ]; then
+	exit 0
+    fi
+
+    # lock, so we won't purge while someone is creating a repository
+    (
+	flock -n -x 200
+
+	RES=$?
+	if [ "${RES}" != "0" ]; then
+	    echo "Cache repository is busy."
+	    exit 1
+	fi
+
+	echo -n "Purging the download cache..."
+	rm --preserve-root --one-file-system -rf ${CACHE} && echo "Done." || exit 1
+	exit 0
+
+    ) 200> "@LOCALSTATEDIR@/lock/subsys/lxc"
+}
+
+# Note: assuming uid==0 is root -- might break with userns??
+if [ "$(id -u)" != "0" ]; then
+	echo "This script should be run as 'root'"
+	exit 1
+fi
+
+# Detect which executable we were run as, lxc-fedora or lxc-redhat
+case "$0" in
+    *lxc-redhat)
+	DISTRO="redhat";;
+    *) # default is fedora
+	DISTRO="fedora";;
+esac
+CACHE="@LOCALSTATEDIR@/cache/lxc/${DISTRO}"
+
+case "$1" in
+    create)
+	create;;
+    destroy)
+	destroy;;
+    help)
+	help;;
+    purge)
+	purge;;
+    *)
+	echo "Usage: $0 {create|destroy|purge|help}"
+	exit 1;;
+esac

Re: [PATCH] liblxc: add scripts/lxc-fedora.in (WAS: Re: [PATCH] liblxc: Update lxc-debian to use the lenny release)

[Daniel Lezcano]

Matt Helsley wrote:
> On Mon, 2009-02-09 at 15:43 -0800, Dan Smith wrote:
>   
>> DL> It may be possible to use yum like debootstrap for an minbase
>> DL> fedora install.
>>
>> Yep, something like the following should work:
>>
>>   root=/path/to/tmproot
>>   mkdir -p $root/var/lib/rpm
>>   rpm --root $root --initdb
>>   rpm --root $root -Uvfh --nodeps http://fedora.osuosl.org/linux/releases/10/Fedora/i386/os/Packages/fedora-release-10-1.noarch.rpm
>>   yum --installroot=$root -y groupinstall Base
>>     
>
> Looks familiar! ;) I was intrigued by this idea last weekend so I
> started such a script. However I only tested it as far as creating a
> semi-correct rootfs. With the exception of network configs most of the
> configs are still written as for debian. For example I know the selinux
> policy enforcement settings need to move, the inittab needs to be
> replaced by the proper upstart configs, etc.
>
> Of course it's based heavily on Daniel's excellent lxc-debian script.
>
> Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
>   
Applied.