This commit tweaks the layout of the config file for the Ubuntu templates.
With this, we now get a clear network config group, then a path related group,
then a bunch of random config options and the end of the config is apparmor,
capabilities and cgroups.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
templates/lxc-ubuntu-cloud.in | 14 +++++++-------
templates/lxc-ubuntu.in | 11 +++++------
2 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/templates/lxc-ubuntu-cloud.in b/templates/lxc-ubuntu-cloud.in
index de9f3c3..9ee8fb1 100644
--- a/templates/lxc-ubuntu-cloud.in
+++ b/templates/lxc-ubuntu-cloud.in
@@ -41,21 +41,21 @@ copy_configuration()
# associated hwaddr.
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
if [ $nics -eq 1 ]; then
- grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
-lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g;
s/.$//')
-EOF
+ grep -q "^lxc.network.hwaddr" $path/config || sed -i -e
"/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr =
00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
fi
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs =
$rootfs" >> $path/config
cat <<EOF >> $path/config
-lxc.utsname = $name
+lxc.mount = $path/fstab
+lxc.pivotdir = lxc_putold
+lxc.devttydir =$ttydir
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $path/fstab
+
+lxc.utsname = $name
lxc.arch = $arch
-lxc.cap.drop = sys_module mac_admin
-lxc.pivotdir = lxc_putold
+lxc.cap.drop = sys_module mac_admin mac_override
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
diff --git a/templates/lxc-ubuntu.in b/templates/lxc-ubuntu.in
index a2fc952..39c5a1c 100644
--- a/templates/lxc-ubuntu.in
+++ b/templates/lxc-ubuntu.in
@@ -319,22 +319,21 @@ copy_configuration()
# associated hwaddr.
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
if [ $nics -eq 1 ]; then
- grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
-lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g;
s/.$//')
-EOF
+ grep -q "^lxc.network.hwaddr" $path/config || sed -i -e
"/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr =
00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
fi
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs =
$rootfs" >> $path/config
cat <<EOF >> $path/config
-lxc.utsname = $name
+lxc.mount = $path/fstab
+lxc.pivotdir = lxc_putold
lxc.devttydir =$ttydir
lxc.tty = 4
lxc.pts = 1024
-lxc.mount = $path/fstab
+
+lxc.utsname = $name
lxc.arch = $arch
lxc.cap.drop = sys_module mac_admin mac_override
-lxc.pivotdir = lxc_putold
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
--
1.8.1.2
------------------------------------------------------------------------------
The Go Parallel Website, sponsored by Intel - in partnership with Geeknet,
is your hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials, tech docs,
whitepapers, evaluation guides, and opinion stories. Check out the most
recent posts - join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
