[tbb-commits] [gitian-builder/tor-browser-builder-3] Default back to lxc-start, with option for lxc-execute

mikeperry at torproject.org mikeperry at torproject.org
Fri May 8 02:05:23 UTC 2015


commit 0c046177c514f63a0f723959e0ef37333fcd9f71
Author: Devrandom <c1.devrandom at niftybox.net>
Date:   Mon Sep 22 15:10:33 2014 -0700

    Default back to lxc-start, with option for lxc-execute
---
 README.md                |   11 ++++++++---
 RELEASE_NOTES            |    9 +++++++++
 libexec/copy-from-target |    2 +-
 libexec/copy-to-target   |    2 +-
 libexec/gconfig          |    3 +++
 libexec/on-target        |    2 +-
 6 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index dfe6ded..2f07c6a 100644
--- a/README.md
+++ b/README.md
@@ -138,13 +138,18 @@ TODO:
 
 ## LXC tips
 
-`bin/gbuild` runs `lxc-execute`, which may require root.  If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:
+`bin/gbuild` runs `lxc-execute` or `lxc-start`, which may require root.  If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:
 
     %admin ALL=NOPASSWD: /usr/bin/lxc-execute
+    %admin ALL=NOPASSWD: /usr/bin/lxc-start
 
-Recent distributions allow lxc-execute to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.
+Right now `lxc-start` is the default, but you can force `lxc-execute` (useful for Ubuntu 14.04) with:
 
-If you have a runaway `lxc-execute` command, just use `kill -9` on it.
+    export LXC_EXECUTE=lxc-execute
+
+Recent distributions allow lxc-execute / lxc-start to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.
+
+If you have a runaway `lxc-start` command, just use `kill -9` on it.
 
 The machine configuration requires access to lxcbr0 and assumes that the host address is 10.0.3.1 .  If lxc does not configure lxcbr0 on boot, you can do so manually:
 
diff --git a/RELEASE_NOTES b/RELEASE_NOTES
new file mode 100644
index 0000000..514cfdc
--- /dev/null
+++ b/RELEASE_NOTES
@@ -0,0 +1,9 @@
+Important:
+
+We are planning on switching from using lxc-start to using lxc-execute.  lxc-execute requires lxc-init (or init.lxc) to be available on the guest at one of the expected places.  You might have to manually install lxc on your base VM image or recreate the image.
+
+To enable this now (required for Ubuntu 14.04), do:
+
+  export LXC_EXECUTE=lxc-execute
+
+If your guest is more recent than the host, all bets are off, since lxc-execute may not be able to find the lxc init.
diff --git a/libexec/copy-from-target b/libexec/copy-from-target
index a719f77..f82da66 100755
--- a/libexec/copy-from-target
+++ b/libexec/copy-from-target
@@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then
     scp $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -P $VM_SSH_PORT -r $TUSER at localhost:$1 $2
 else
     config-lxc
-    sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf -
+    sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf -
 fi
diff --git a/libexec/copy-to-target b/libexec/copy-to-target
index 738bfba..f9d900e 100755
--- a/libexec/copy-to-target
+++ b/libexec/copy-to-target
@@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then
     tar -h -C `dirname "$1"` -cf - `basename "$1"` | ssh $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER at localhost -- tar -C "$2" -xf -
 else
     config-lxc
-    tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf -
+    tar -h -C `dirname "$1"` -cf - `basename "$1"` | sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf -
 fi
diff --git a/libexec/gconfig b/libexec/gconfig
index ee8baa7..fa69055 100644
--- a/libexec/gconfig
+++ b/libexec/gconfig
@@ -1 +1,4 @@
 VM_SSH_PORT=2223
+if [ -z "$LXC_EXECUTE" ]; then
+  LXC_EXECUTE=lxc-start
+fi
diff --git a/libexec/on-target b/libexec/on-target
index c8d8a48..ae653bd 100755
--- a/libexec/on-target
+++ b/libexec/on-target
@@ -52,5 +52,5 @@ if [ -z "$USE_LXC" ]; then
     ssh -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER at localhost $*
 else
     config-lxc
-    sudo lxc-execute -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $*
+    sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $*
 fi



More information about the tbb-commits mailing list