commit 0c046177c514f63a0f723959e0ef37333fcd9f71 Author: Devrandom c1.devrandom@niftybox.net Date: Mon Sep 22 15:10:33 2014 -0700

Default back to lxc-start, with option for lxc-execute --- README.md | 11 ++++++++--- RELEASE_NOTES | 9 +++++++++ libexec/copy-from-target | 2 +- libexec/copy-to-target | 2 +- libexec/gconfig | 3 +++ libexec/on-target | 2 +- 6 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md index dfe6ded..2f07c6a 100644 --- a/README.md +++ b/README.md @@ -138,13 +138,18 @@ TODO:

## LXC tips

-`bin/gbuild` runs `lxc-execute`, which may require root. If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time: +`bin/gbuild` runs `lxc-execute` or `lxc-start`, which may require root. If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:

%admin ALL=NOPASSWD: /usr/bin/lxc-execute + %admin ALL=NOPASSWD: /usr/bin/lxc-start

-Recent distributions allow lxc-execute to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`. +Right now `lxc-start` is the default, but you can force `lxc-execute` (useful for Ubuntu 14.04) with:

-If you have a runaway `lxc-execute` command, just use `kill -9` on it. + export LXC_EXECUTE=lxc-execute + +Recent distributions allow lxc-execute / lxc-start to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`. + +If you have a runaway `lxc-start` command, just use `kill -9` on it.

The machine configuration requires access to lxcbr0 and assumes that the host address is 10.0.3.1 . If lxc does not configure lxcbr0 on boot, you can do so manually:

diff --git a/RELEASE_NOTES b/RELEASE_NOTES new file mode 100644 index 0000000..514cfdc --- /dev/null +++ b/RELEASE_NOTES @@ -0,0 +1,9 @@ +Important: + +We are planning on switching from using lxc-start to using lxc-execute. lxc-execute requires lxc-init (or init.lxc) to be available on the guest at one of the expected places. You might have to manually install lxc on your base VM image or recreate the image. + +To enable this now (required for Ubuntu 14.04), do: + + export LXC_EXECUTE=lxc-execute + +If your guest is more recent than the host, all bets are off, since lxc-execute may not be able to find the lxc init. diff --git a/libexec/copy-from-target b/libexec/copy-from-target index a719f77..f82da66 100755 --- a/libexec/copy-from-target +++ b/libexec/copy-from-target @@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then scp $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -P $VM_SSH_PORT -r $TUSER@localhost:$1 $2 else config-lxc - sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf - + sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf - fi diff --git a/libexec/copy-to-target b/libexec/copy-to-target index 738bfba..f9d900e 100755 --- a/libexec/copy-to-target +++ b/libexec/copy-to-target @@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then tar -h -C `dirname "$1"` -cf - `basename "$1"` | ssh $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER@localhost -- tar -C "$2" -xf - else config-lxc - tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf - + tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf - fi diff --git a/libexec/gconfig b/libexec/gconfig index ee8baa7..fa69055 100644 --- a/libexec/gconfig +++ b/libexec/gconfig @@ -1 +1,4 @@ VM_SSH_PORT=2223 +if [ -z "$LXC_EXECUTE" ]; then + LXC_EXECUTE=lxc-start +fi diff --git a/libexec/on-target b/libexec/on-target index c8d8a48..ae653bd 100755 --- a/libexec/on-target +++ b/libexec/on-target @@ -52,5 +52,5 @@ if [ -z "$USE_LXC" ]; then ssh -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER@localhost $* else config-lxc - sudo lxc-execute -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $* + sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $* fi