commit a681029fa1d0727e2082623a7d7c9937e95aa49c Author: Christopher Gurnee chris@gurneeconsulting.net Date: Thu Sep 4 16:54:05 2014 -0400

Fix issue #63: use lxc-execute instead of lxc-start --- README.md | 8 ++++---- bin/make-base-vm | 2 +- libexec/copy-from-target | 2 +- libexec/copy-to-target | 2 +- libexec/on-target | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md index 0fe7fde..dfe6ded 100644 --- a/README.md +++ b/README.md @@ -138,13 +138,13 @@ TODO:

## LXC tips

-`bin/gbuild` runs `lxc-start`, which may require root. If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time: +`bin/gbuild` runs `lxc-execute`, which may require root. If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:

- %admin ALL=NOPASSWD: /usr/bin/lxc-start + %admin ALL=NOPASSWD: /usr/bin/lxc-execute

-Recent distributions allow lxc-start to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`. +Recent distributions allow lxc-execute to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.

-If you have a runaway `lxc-start` command, just use `kill -9` on it. +If you have a runaway `lxc-execute` command, just use `kill -9` on it.

The machine configuration requires access to lxcbr0 and assumes that the host address is 10.0.3.1 . If lxc does not configure lxcbr0 on boot, you can do so manually:

diff --git a/bin/make-base-vm b/bin/make-base-vm index cc5fe5b..66a3704 100755 --- a/bin/make-base-vm +++ b/bin/make-base-vm @@ -68,7 +68,7 @@ if [ $ARCH = "amd64" -a $SUITE = "hardy" ]; then FLAVOUR=server fi

-addpkg=openssh-server,pciutils,build-essential,git-core,subversion +addpkg=openssh-server,pciutils,build-essential,git-core,subversion,lxc

# Remove cron to work around vmbuilder issue when umounting /dev on target removepkg=cron diff --git a/libexec/copy-from-target b/libexec/copy-from-target index 25133c4..a719f77 100755 --- a/libexec/copy-from-target +++ b/libexec/copy-from-target @@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then scp $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -P $VM_SSH_PORT -r $TUSER@localhost:$1 $2 else config-lxc - sudo lxc-start -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf - + sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf - fi diff --git a/libexec/copy-to-target b/libexec/copy-to-target index 82c102a..738bfba 100755 --- a/libexec/copy-to-target +++ b/libexec/copy-to-target @@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then tar -h -C `dirname "$1"` -cf - `basename "$1"` | ssh $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER@localhost -- tar -C "$2" -xf - else config-lxc - tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo lxc-start -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf - + tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf - fi diff --git a/libexec/on-target b/libexec/on-target index fe1f2ce..c8d8a48 100755 --- a/libexec/on-target +++ b/libexec/on-target @@ -52,5 +52,5 @@ if [ -z "$USE_LXC" ]; then ssh -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER@localhost $* else config-lxc - sudo lxc-start -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $* + sudo lxc-execute -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $* fi