Quoting Bogdan Purcareata (bogdan.purcare...@freescale.com): > This patch supports the scenario where a user wants to install a > busybox container on a busybox host. > > When running the template, in order to change the root password, > the template needs to do the chroot. On busybox-powered hosts, chroot > is not part of the coreutils package - it's part of busybox. And the > busybox implementation or chroot only works if it has /lib in the new > root populated with the right binaries (or at least that's the > solution I found to make it work). > > The temporarily bind-mounts /lib in the NEWROOT, chroots there, > changes the password, goes back and unmounts. This set of operations > is contained in a new MOUNT namespace, using the lxc-unshare call. > > Signed-off-by: Bogdan Purcareata <bogdan.purcare...@freescale.com>
Thanks much, Bogdan. There are other parts of templates which should be doing this too. Given how unwieldy it is, we should have a helper for this. We should merge this patch now, then at some point I (or someone) should add a helper to lxc.functions which runs a set of commands in a fresh namespace. Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com> BTW, what about cases where the library path is more complicated, i.e. might /lib64 or others need to be bind-mounted as well? (Even if so that shouldn't stop us taking this patch as it obviously is fixing a problem for Bogdan, and won't break others). > --- > templates/lxc-busybox.in | 30 ++++++++++++++++++++++++++++-- > 1 file changed, 28 insertions(+), 2 deletions(-) > > diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in > index cb425ec..2ca2bfd 100644 > --- a/templates/lxc-busybox.in > +++ b/templates/lxc-busybox.in > @@ -189,9 +189,35 @@ configure_busybox() > # passwd exec must be setuid > chmod +s $rootfs/bin/passwd > touch $rootfs/etc/shadow > - echo "setting root passwd to root" > - echo "root:root" | chroot $rootfs chpasswd > > + # setting passwd for root > + CHPASSWD_FILE=$rootfs/root/chpasswd.sh > + > + cat <<EOF >$CHPASSWD_FILE > +echo "setting root password to \"root\"" > + > +mount --bind /lib $rootfs/lib > +if [ \$? -ne 0 ]; then > + echo "Failed bind-mounting /lib at $rootfs/lib" > + exit 1 > +fi > + > +chroot $rootfs chpasswd <<EOFF 2>/dev/null > +root:root > +EOFF > + > + > +if [ \$? -ne 0 ]; then > + echo "Failed to change root password" > + exit 1 > +fi > + > +umount $rootfs/lib > + > +EOF > + > + lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE > + rm $CHPASSWD_FILE > > # add ssh functionality if dropbear package available on host > which dropbear >/dev/null 2>&1 > -- > 1.7.11.7 > > > > ------------------------------------------------------------------------------ > Precog is a next-generation analytics platform capable of advanced > analytics on semi-structured data. The platform includes APIs for building > apps and a phenomenal toolset for data science. Developers can use > our toolset for easy data analysis & visualization. Get a free account! > http://www2.precog.com/precogplatform/slashdotnewsletter > _______________________________________________ > Lxc-devel mailing list > Lxc-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lxc-devel ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
