diff options
Diffstat (limited to 'libexec/container')
| -rwxr-xr-x | libexec/container/auto | 51 | ||||
| -rwxr-xr-x | libexec/container/build | 4 | ||||
| -rwxr-xr-x | libexec/container/console | 2 | ||||
| -rwxr-xr-x | libexec/container/enter | 4 | ||||
| -rwxr-xr-x | libexec/container/get | 2 | ||||
| -rwxr-xr-x | libexec/container/info | 28 | ||||
| -rwxr-xr-x | libexec/container/key | 10 | ||||
| -rwxr-xr-x | libexec/container/limit | 2 | ||||
| -rwxr-xr-x | libexec/container/list | 8 | ||||
| -rwxr-xr-x | libexec/container/log | 2 | ||||
| -rwxr-xr-x | libexec/container/move | 2 | ||||
| -rwxr-xr-x | libexec/container/rebuild | 152 | ||||
| -rwxr-xr-x | libexec/container/remove | 4 | ||||
| -rwxr-xr-x | libexec/container/restart | 39 | ||||
| -rwxr-xr-x | libexec/container/start | 35 | ||||
| -rwxr-xr-x | libexec/container/stop | 79 | ||||
| -rwxr-xr-x | libexec/container/top | 2 | ||||
| -rwxr-xr-x | libexec/container/update | 2 | ||||
| -rwxr-xr-x | libexec/container/version | 2 |
19 files changed, 372 insertions, 58 deletions
diff --git a/libexec/container/auto b/libexec/container/auto index de5f292..83c5c50 100755 --- a/libexec/container/auto +++ b/libexec/container/auto @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -111,17 +111,50 @@ esac for FILE in "${CONFIG}"/*.conf do - if grep -Eqs "^ *cnt.auto=force-true" "${FILE}" + if ! grep -Eqs "^ *cnt.container-server=${HOST}" "${FILE}" then - OPTIONS="${OPTIONS} -f" + continue fi - if grep -Eqs "^ *cnt.auto=(force-true|true)" "${FILE}" && grep -Eqs "^ *cnt.container-server=${HOST}" "${FILE}" - then - CONTAINER="$(basename ${FILE} .conf)" - - cnt ${ACTION} -n ${CONTAINER} ${OPTIONS} || true - fi + CONTAINER="$(basename ${FILE} .conf)" + CNT_AUTO="$(grep -Es "^ *cnt.auto=" ${FILE} | awk -F= '{ print $2 }')" + + case "${ACTION}" in + start) + case "${CNT_AUTO}" in + force-true) + OPTIONS="${OPTIONS} -f" + + cnt ${ACTION} -n ${CONTAINER} ${OPTIONS} || true + ;; + + last-on) + if grep -qs start "/var/lib/${SOFTWARE}/state/${CONTAINER}.run" || \ + [ ! -e "/var/lib/${SOFTWARE}/state/${CONTAINER}.run" ] + then + cnt start -n ${CONTAINER} ${OPTIONS} -f || true + fi + ;; + + last-off) + if grep -qs start "/var/lib/${SOFTWARE}/state/${CONTAINER}.run" + then + cnt start -n ${CONTAINER} ${OPTIONS} -f || true + fi + ;; + + true) + cnt ${ACTION} -n ${CONTAINER} ${OPTIONS} || true + ;; + esac + ;; + + stop) + OPTIONS="${OPTIONS} -f --stateless" + + cnt ${ACTION} -n ${CONTAINER} ${OPTIONS} || true + ;; + esac done # Post hooks diff --git a/libexec/container/build b/libexec/container/build index d6c938c..2c29730 100755 --- a/libexec/container/build +++ b/libexec/container/build @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -123,7 +123,7 @@ Parameters () Usage () { - echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [--cnt.auto=true|false|force-true] [--cnt.container-server=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [--cnt.overlay-options=OPTION[,OPTION]] [--cnt.start=OPTION[,OPTION]] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [--bind-ro DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-v|--verbose] [-- SCRIPT_OPTIONS]" >&2 + echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [--cnt.auto=true|false|force-true|last-on|last-off] [--cnt.container-server=true|false|FQDN] [--cnt.overlay=DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED] [--cnt.overlay-options=OPTION[,OPTION]] [--cnt.start=OPTION[,OPTION]] [-b|--bind DIRECTORY:DIRECTORY[:OPTIONS]] [--bind-ro DIRECTORY:DIRECTORY[:OPTIONS]] [-c|--capability CAPABILITY[,CAPABILITY]] [-d|--drop-capability DROP_CAPABILITY[,DROP_CAPABILITY]] [-s|--script SCRIPT] [-v|--verbose] [-- SCRIPT_OPTIONS]" >&2 echo echo "See ${COMMAND}(1), ${PROGRAM}(1) and ${PROJECT}(7) for more information." diff --git a/libexec/container/console b/libexec/container/console index 31da60d..be2b897 100755 --- a/libexec/container/console +++ b/libexec/container/console @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/enter b/libexec/container/enter index 604d714..b366ba6 100755 --- a/libexec/container/enter +++ b/libexec/container/enter @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -111,7 +111,7 @@ done SSH_CLIENT="${SSH_CLIENT:-127.0.0.1 0 0}" # Run -nsenter --all --target "${LEADER}" --wd="${MACHINES}/${NAME}/root" /usr/bin/script -c "LC_ALL=C.UTF-8 /bin/bash -l" -q /dev/null +nsenter --all --target "${LEADER}" --wd="${MACHINES}/${NAME}/root" /usr/bin/script -c "LC_ALL=C.UTF-8 SSH_CLIENT=\"${SSH_CLIENT}\" /bin/bash -l" -q /dev/null case "${SSH_CLIENT}" in 127.0.0.1*) diff --git a/libexec/container/get b/libexec/container/get index 2b41ba8..0d0f420 100755 --- a/libexec/container/get +++ b/libexec/container/get @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/info b/libexec/container/info index d030780..b713e7a 100755 --- a/libexec/container/info +++ b/libexec/container/info @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -143,30 +143,34 @@ esac VERSION_BASH="$(chroot ${MACHINES}/${NAME} apt-cache policy bash | awk '/Installed: / { print $2 }')" case "${VERSION_BASH}" in - 4.1*) + 4.1-*|4.1.[0-9]*) OS="Debian 6 (squeeze)" ;; - 4.2*) + 4.2-*|4.2.[0-9]*) OS="Debian 7 (wheezy)" ;; - 4.3*) + 4.3-*|4.3.[0-9]*) OS="Debian 8 (jessie)" ;; - 4.4*) + 4.4-*|4.4.[0-9]*) OS="Debian 9 (stretch)" ;; - 5.0*) + 5.0-*|5.0.[0-9]*) OS="Debian 10 (buster)" ;; - 5.1*) + 5.1-*|5.1.[0-9]*) OS="Debian 11 (bullseye)" ;; + 5.2-*|5.2.[0-9]*) + OS="Debian 12 (bookworm)" + ;; + *) OS="n/a" ;; @@ -174,16 +178,16 @@ esac case "${STATUS}" in started) - IP="$(cnt run -n ${NAME} -- hostname -I | awk '{ print $1 }')" + IP="$(cnt run -n ${NAME} -- hostname -I)" ;; *) - if ls "${MACHINES}/${CONTAINER}/etc/systemd/network"/*.network > /dev/null 2>&1 + if ls "${MACHINES}/${NAME}/etc/systemd/network"/*.network > /dev/null 2>&1 then - IP="$(awk -FAddress= '/^Address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/systemd/network/*.network | head -n1)" - elif [ -e "${MACHINES}/${CONTAINER}/etc/network/interfaces" ] + IP="$(awk -FAddress= '/^Address/ { printf "%s ", $2 }' ${MACHINES}/${NAME}/etc/systemd/network/*.network)" + elif [ -e "${MACHINES}/${NAME}/etc/network/interfaces" ] then - IP="$(awk '/address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/network/interfaces | head -n1)" + IP="$(awk '/address/ { printf "%s ", $2 }' ${MACHINES}/${NAME}/etc/network/interfaces)" fi IP="${IP:-n/a}" diff --git a/libexec/container/key b/libexec/container/key index e35c56c..efd214e 100755 --- a/libexec/container/key +++ b/libexec/container/key @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -146,12 +146,12 @@ case "${ACTION}" in if [ -e "${ADD}" ] then gpg --homedir "${KEYS}" --import "${ADD}" - elif [ -e "/usr/share/compute-tools/keys/${ADD}" ] + elif [ -e "/usr/share/${SOFTWARE}/keys/${ADD}" ] then - gpg --homedir "${KEYS}" --import "/usr/share/compute-tools/keys/${ADD}" - elif [ -e "/usr/share/compute-tools/keys/${ADD}.pub" ] + gpg --homedir "${KEYS}" --import "/usr/share/${SOFTWARE}/keys/${ADD}" + elif [ -e "/usr/share/${SOFTWARE}/keys/${ADD}.pub" ] then - gpg --homedir "${KEYS}" --import "/usr/share/compute-tools/keys/${ADD}.pub" + gpg --homedir "${KEYS}" --import "/usr/share/${SOFTWARE}/keys/${ADD}.pub" else gpg --homedir "${KEYS}" --recv "${ADD}" fi diff --git a/libexec/container/limit b/libexec/container/limit index 2c87b78..b7f6e9b 100755 --- a/libexec/container/limit +++ b/libexec/container/limit @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/list b/libexec/container/list index c112cc8..a56c1f8 100755 --- a/libexec/container/list +++ b/libexec/container/list @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -377,7 +377,7 @@ do *) LEADER="$(machinectl status ${CONTAINER} | awk '/Leader: / { print $2 }')" - ADDRESS="$(nsenter --all --target "${LEADER}" /bin/hostname -I | sed -e 's|\r$||' | awk '{ print $1 }')" + ADDRESS="$(nsenter --all --target "${LEADER}" /bin/hostname -I)" ;; esac @@ -387,10 +387,10 @@ do *) if ls "${MACHINES}/${CONTAINER}/etc/systemd/network"/*.network > /dev/null 2>&1 then - ADDRESS="$(awk -FAddress= '/^Address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/systemd/network/*.network | head -n1)" + ADDRESS="$(for IP in $(awk -FAddress= '/^Address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/systemd/network/*.network); do echo -n "${IP} "; done)" elif [ -e "${MACHINES}/${CONTAINER}/etc/network/interfaces" ] then - ADDRESS="$(awk '/address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/network/interfaces | head -n1)" + ADDRESS="$(for IP in $(awk '/address/ { print $2 }' ${MACHINES}/${CONTAINER}/etc/network/interfaces); do echo -n "${IP} "; done)" fi ADDRESS="${ADDRESS:-n/a}" diff --git a/libexec/container/log b/libexec/container/log index 9d11fd6..b7a000d 100755 --- a/libexec/container/log +++ b/libexec/container/log @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/move b/libexec/container/move index d41c995..fdc19e6 100755 --- a/libexec/container/move +++ b/libexec/container/move @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/rebuild b/libexec/container/rebuild new file mode 100755 index 0000000..e526520 --- /dev/null +++ b/libexec/container/rebuild @@ -0,0 +1,152 @@ +#!/bin/sh + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +set -e + +PROJECT="open-infrastructure" +SOFTWARE="compute-tools" +PROGRAM="container" +COMMAND="$(basename ${0})" + +HOOKS="/etc/${SOFTWARE}/hooks" +MACHINES="/var/lib/machines" + +Parameters () +{ + OPTIONS_ALL="" + + GETOPT_LONGOPTIONS="name:,force,verbose," + GETOPT_OPTIONS="n:,f,v," + + PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${COMMAND}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -n|--name) + NAME="${2}" + shift 2 + ;; + + -f|--force) + FORCE="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --force" + ;; + + -v|--verbose) + VERBOSE="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --verbose" + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${COMMAND}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [-f|--force] [-v|--verbose]" >&2 + echo + echo "See ${COMMAND}(1), ${PROGRAM}(1) and ${PROJECT}(7) for more information." + + exit 1 +} + +Parameters "${@}" + +if [ -z "${NAME}" ] +then + Usage +fi + +case "${NAME}" in + ALL) + NAMES="$(${PROGRAM} list --format shell --started)" + + for NAME in ${NAMES} + do + ${PROGRAM} rebuild,start --name ${NAME} ${OPTIONS_ALL} || true + done + + exit 0 + ;; +esac + +if [ ! -e "${MACHINES}/${NAME}" ] +then + echo "'${NAME}': no such container" >&2 + exit 1 +fi + +# Pre hooks +for FILE in "${HOOKS}/pre-${COMMAND}".* "${HOOKS}/${NAME}.pre-${COMMAND}" +do + if [ -x "${FILE}" ] + then + "${FILE}" + fi +done + +# Run +case "${VERBOSE}" in + true) + echo -n "Rebuilding container ${NAME}..." + ;; +esac + +${PROGRAM} stop ${OPTIONS_ALL} --name ${NAME} || true +sleep 0.5 +${PROGRAM} remove ${OPTIONS_ALL} --name ${NAME} || true +sleep 0.5 +${PROGRAM} build --name ${NAME} || true + +case "${VERBOSE}" in + true) + echo " done." + ;; +esac + +# Post hooks +for FILE in "${HOOKS}/post-${COMMAND}".* "${HOOKS}/${NAME}.post-${COMMAND}" +do + if [ -x "${FILE}" ] + then + "${FILE}" + fi +done diff --git a/libexec/container/remove b/libexec/container/remove index 03303a7..4cb5d48 100755 --- a/libexec/container/remove +++ b/libexec/container/remove @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -150,7 +150,7 @@ case "${STATE}" in case "${ALLOW_STOP}" in true) echo "'${NAME}': container is started, stopping it now" >&2 - ${PROGRAM} stop -n ${NAME} + ${PROGRAM} stop -n ${NAME} -f ;; *) diff --git a/libexec/container/restart b/libexec/container/restart index c172731..0eb753c 100755 --- a/libexec/container/restart +++ b/libexec/container/restart @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -31,8 +31,8 @@ Parameters () { OPTIONS_ALL="" - GETOPT_LONGOPTIONS="name:,verbose," - GETOPT_OPTIONS="n:,v," + GETOPT_LONGOPTIONS="name:,force,interactive,verbose," + GETOPT_OPTIONS="n:,f,i,v," PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -52,6 +52,20 @@ Parameters () shift 2 ;; + -f|--force) + FORCE="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --force" + ;; + + -i|--interactive) + INTERACTIVE="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --interactive" + ;; + -v|--verbose) VERBOSE="true" shift 1 @@ -74,7 +88,7 @@ Parameters () Usage () { - echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [-v|--verbose]" >&2 + echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [-f|--force] [-i|--interactive] [-v|--verbose]" >&2 echo echo "See ${COMMAND}(1), ${PROGRAM}(1) and ${PROJECT}(7) for more information." @@ -107,6 +121,23 @@ then exit 1 fi +if [ "${FORCE}" != "true" ] || [ "${INTERACTIVE}" = "true" ] +then + echo -n "'${NAME}': restart container '${NAME}' [y|N]? " + read STOP + + STOP="$(echo ${STOP} | tr '[A-Z]' '[a-z]')" + + case "${STOP}" in + y|yes) + ;; + + *) + exit 1 + ;; + esac +fi + # Pre hooks for FILE in "${HOOKS}/pre-${COMMAND}".* "${HOOKS}/${NAME}.pre-${COMMAND}" do diff --git a/libexec/container/start b/libexec/container/start index f899446..1f22325 100755 --- a/libexec/container/start +++ b/libexec/container/start @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -191,6 +191,13 @@ case "${HOST_ARCHITECTURE}" in ;; esac +if systemctl status systemd-networkd > /dev/null 2>&1 +then + NETWORK_SUBSYSTEM="systemd-networkd" +else + NETWORK_SUBSYSTEM="ifupdown" +fi + case "${START}" in start) ;; @@ -362,7 +369,7 @@ then NETWORK_VETH_EXTRA="${NETWORK_VETH_EXTRA} --network-veth-extra=${VETH}" INTERFACE="$(echo ${VETH} | awk -F: '{ print $1 }')" - if [ "$(echo ${INTERFACE} | wc -c)" -gt 15 ] + if [ "$(echo ${INTERFACE} | wc -c)" -gt 16 ] then echo "'${INTERFACE}': name exceeds maximum of 15 characters, network might be not working." fi @@ -382,7 +389,7 @@ then INTERFACE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $1 }')" BRIDGE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $2 }')" - if [ "$(echo ${INTERFACE} | wc -c)" -gt 15 ] + if [ "$(echo ${INTERFACE} | wc -c)" -gt 16 ] then echo "'${INTERFACE}': name exceeds maximum of 15 characters, network might be not working." fi @@ -390,6 +397,9 @@ then if [ -n "${BRIDGE}" ] && [ -n "${INTERFACE}" ] then + case "${NETWORK_SUBSYSTEM}" in + ifupdown) + cat > "/etc/network/interfaces.d/${INTERFACE}" << EOF allow-hotplug ${INTERFACE} iface ${INTERFACE} inet manual @@ -399,6 +409,22 @@ iface ${INTERFACE} inet manual post-down ip link set ${INTERFACE} down EOF + ;; + + systemd-networkd) + mkdir -p /run/systemd/network + +cat > "/run/systemd/network/${INTERFACE}.network" << EOF +[Match] +Name=${INTERFACE} + +[Network] +Bridge=${BRIDGE} +EOF + + networkctl reload + ;; + esac else echo "Warning bridge definition '${BRIDGE_DEFINITION}' not recognized (expected <bridge>:<interface>): Ignoring" fi @@ -530,6 +556,9 @@ case "${START}" in ;; esac + mkdir -p "/var/lib/${SOFTWARE}/state" + echo "start" > "/var/lib/${SOFTWARE}/state/${NAME}.run" + ${SETARCH} systemd-nspawn --keep-unit ${BIND} ${BIND_RO} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} case "${VERBOSE}" in diff --git a/libexec/container/stop b/libexec/container/stop index 98b2afa..8ca98ce 100755 --- a/libexec/container/stop +++ b/libexec/container/stop @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -34,8 +34,8 @@ Parameters () { OPTIONS_ALL="" - GETOPT_LONGOPTIONS="name:,force,clean,verbose," - GETOPT_OPTIONS="n:,f,v," + GETOPT_LONGOPTIONS="name:,force,interactive,kill,clean,stateless,verbose," + GETOPT_OPTIONS="n:,f,i,k,v," PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" @@ -62,6 +62,20 @@ Parameters () OPTIONS_ALL="${OPTIONS_ALL} --force" ;; + -i|--interactive) + INTERACTIVE="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --interactive" + ;; + + -k|--kill) + KILL="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --kill" + ;; + --clean) # internal option CLEAN="true" @@ -70,6 +84,14 @@ Parameters () OPTONS_ALL="${OPTIONS_ALL} --clean" ;; + --stateless) + # internal option + STATELESS="true" + shift 1 + + OPTIONS_ALL="${OPTIONS_ALL} --stateless" + ;; + -v|--verbose) VERBOSE="true" shift 1 @@ -92,7 +114,7 @@ Parameters () Usage () { - echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [-f|--force] [-v|--verbose]" >&2 + echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [-f|--force] [-i|--interactive] [-v|--verbose]" >&2 echo echo "See ${COMMAND}(1), ${PROGRAM}(1) and ${PROJECT}(7) for more information." @@ -146,6 +168,13 @@ then exit 1 fi +if systemctl status systemd-networkd > /dev/null 2>&1 +then + NETWORK_SUBSYSTEM="systemd-networkd" +else + NETWORK_SUBSYSTEM="ifupdown" +fi + # Pre hooks for FILE in "${HOOKS}/pre-${COMMAND}".* "${HOOKS}/${NAME}.pre-${COMMAND}" do @@ -220,7 +249,16 @@ case "${CLEAN}" in for VETH in ${VETHS} do INTERFACE="$(echo ${VETH} | awk -F: '{ print $1 }')" - FILE="/etc/network/interfaces.d/${INTERFACE}" + + case "${NETWORK_SUBSYSTEM}" in + ifupdown) + FILE="/etc/network/interfaces.d/${INTERFACE}" + ;; + + systemd-networkd) + FILE="/run/systemd/network/${INTERFACE}.network" + ;; + esac if [ -f "${FILE}" ] then @@ -247,7 +285,7 @@ case "${STATE}" in ;; esac -case "${FORCE}" in +case "${KILL}" in true) MODE="terminate" ;; @@ -257,6 +295,23 @@ case "${FORCE}" in ;; esac +if [ "${FORCE}" != "true" ] || [ "${INTERACTIVE}" = "true" ] +then + echo -n "'${NAME}': stop container '${NAME}' [y|N]? " + read STOP + + STOP="$(echo ${STOP} | tr '[A-Z]' '[a-z]')" + + case "${STOP}" in + y|yes) + ;; + + *) + exit 1 + ;; + esac +fi + # Run case "${VERBOSE}" in true) @@ -266,7 +321,7 @@ esac machinectl ${MODE} ${NAME} -case "${FORCE}" in +case "${KILL}" in true) VETHS="$(awk -Fnetwork-veth-extra= '/^network-veth-extra=/ { print $2 }' ${CONFIG}/${NAME}.conf | awk -F: '{ print $1 }')" @@ -279,6 +334,16 @@ case "${FORCE}" in ;; esac +case "${STATELESS}" in + true) + ;; + + *) + mkdir -p "/var/lib/${SOFTWARE}/state" + echo "stop" > "/var/lib/${SOFTWARE}/state/${NAME}.run" + ;; +esac + case "${VERBOSE}" in true) echo " done." diff --git a/libexec/container/top b/libexec/container/top index 20e2a29..268da9a 100755 --- a/libexec/container/top +++ b/libexec/container/top @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/update b/libexec/container/update index c5ff6c2..e2d9c80 100755 --- a/libexec/container/update +++ b/libexec/container/update @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # diff --git a/libexec/container/version b/libexec/container/version index 3b33a4d..e580688 100755 --- a/libexec/container/version +++ b/libexec/container/version @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2021 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # |