Commit ce4c4ca4 by Bogdan Purcareata Committed by Stéphane Graber

lxc-template: enable chroot + chpasswd functionality for Busybox hosts

This patch supports the scenario where a user wants to install a busybox container on a busybox host. When running the template, in order to change the root password, the template needs to do the chroot. On busybox-powered hosts, chroot is not part of the coreutils package - it's part of busybox. And the busybox implementation of chroot only works if it has /lib in the new root populated with the right binaries (or at least that's the solution I found to make it work). The temporarily bind-mounts /lib in the NEWROOT, chroots there, changes the password, goes back and unmounts. This set of operations is contained in a new MOUNT namespace, using the lxc-unshare call.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
parent 8e7da691
...@@ -189,9 +189,35 @@ configure_busybox() ...@@ -189,9 +189,35 @@ configure_busybox()
# passwd exec must be setuid # passwd exec must be setuid
chmod +s $rootfs/bin/passwd chmod +s $rootfs/bin/passwd
touch $rootfs/etc/shadow touch $rootfs/etc/shadow
echo "setting root passwd to root"
echo "root:root" | chroot $rootfs chpasswd
# setting passwd for root
CHPASSWD_FILE=$rootfs/root/chpasswd.sh
cat <<EOF >$CHPASSWD_FILE
echo "setting root password to \"root\""
mount --bind /lib $rootfs/lib
if [ \$? -ne 0 ]; then
echo "Failed bind-mounting /lib at $rootfs/lib"
exit 1
fi
chroot $rootfs chpasswd <<EOFF 2>/dev/null
root:root
EOFF
if [ \$? -ne 0 ]; then
echo "Failed to change root password"
exit 1
fi
umount $rootfs/lib
EOF
lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE
rm $CHPASSWD_FILE
# add ssh functionality if dropbear package available on host # add ssh functionality if dropbear package available on host
which dropbear >/dev/null 2>&1 which dropbear >/dev/null 2>&1
......
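Review bot: The exit status of `lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE` is never checked, so both `exit 1` paths in the generated script are ignored and configure_busybox carries on to `rm $CHPASSWD_FILE` and the dropbear setup even when the password was not set. Test the result and return non-zero from the function on failure. Because chpasswd runs with `2>/dev/null`, the only diagnostic left is the generic "Failed to change root password", so consider keeping stderr. Two smaller points in the same block: the heredoc uses an unquoted `EOF` delimiter, so `$rootfs` is expanded when the file is written and lands unquoted in `mount --bind /lib $rootfs/lib`, `chroot $rootfs` and `umount $rootfs/lib`, which breaks on a rootfs path containing whitespace or shell metacharacters. Quote it in the generated lines and in `CHPASSWD_FILE=$rootfs/root/chpasswd.sh`. Also, the chpasswd failure branch exits before `umount $rootfs/lib`, so cleanup depends entirely on the mount namespace being torn down. Unmounting before that `exit 1` would make the cleanup explicit. Finally, the fixed `root:root` credential is followed directly by the dropbear ssh setup in the trailing context, so it is worth documenting in the template that the password must be changed before the container is reachable over the network.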