init: Add upstart jobs and some more changes (v3)

config/Makefile.am

-SUBDIRS = etc templates
+SUBDIRS = etc init templates

config/init/Makefile.am

+SUBDIRS = systemd sysvinit upstart

config/init/systemd/Makefile.am

+EXTRA_DIST = \
+	lxc-devsetup \
+	lxc.service
+
+if INIT_SCRIPT_SYSTEMD
+if HAVE_DEBIAN
+SYSTEMD_UNIT_DIR = /lib/systemd/system
+else
+SYSTEMD_UNIT_DIR = /usr/lib/systemd/system
+endif
+install-systemd: lxc.service lxc-devsetup
+	$(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR)
+	$(INSTALL_DATA) lxc.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/
+
+uninstall-systemd:
+	rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc.service
+	rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || :
+pkglibexec_SCRIPTS = lxc-devsetup
+else
+install-systemd:
+uninstall-systemd:
+endif
+
+install-data-local: install-systemd
+
+uninstall-local: uninstall-systemd

config/init/sysvinit/Makefile.am

+EXTRA_DIST = lxc
+
+if INIT_SCRIPT_SYSV
+install-sysvinit: lxc
+	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/rc.d/init.d
+	$(INSTALL_SCRIPT) lxc $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
+
+uninstall-sysvinit:
+	rm -f $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
+	rmdir $(DESTDIR)$(sysconfdir)/rc.d/init.d || :
+else
+install-sysvinit:
+uninstall-sysvinit:
+endif
+
+install-data-local: install-sysvinit
+
+uninstall-local: uninstall-sysvinit

config/init/upstart/Makefile.am

+EXTRA_DIST = lxc.conf lxc-instance.conf lxc-net.conf
+
+if INIT_SCRIPT_UPSTART
+install-upstart: lxc.conf lxc-instance.conf lxc-net.conf
+	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/init/
+	$(INSTALL_DATA) lxc.conf $(DESTDIR)$(sysconfdir)/init/
+	$(INSTALL_DATA) lxc-instance.conf $(DESTDIR)$(sysconfdir)/init/
+	$(INSTALL_DATA) lxc-net.conf $(DESTDIR)$(sysconfdir)/init/
+
+uninstall-upstart:
+	rm -f $(DESTDIR)$(sysconfdir)/init/lxc.conf
+	rm -f $(DESTDIR)$(sysconfdir)/init/lxc-instance.conf
+	rm -f $(DESTDIR)$(sysconfdir)/init/lxc-net.conf
+	rmdir $(DESTDIR)$(sysconfdir)/init || :
+else
+install-upstart:
+uninstall-upstart:
+endif
+
+install-data-local: install-upstart
+
+uninstall-local: uninstall-upstart

config/init/upstart/lxc-instance.conf

+description "lxc instance"
+author "Christian Kampka <chris@emerge-life.de>"
+
+stop on stopping lxc
+
+# wait for 120 seconds for container to shutdown before killing it
+kill timeout 120
+
+# send SIGPWR to container to trigger a shutdown (see lxc-shutdown(1))
+kill signal SIGPWR
+
+
+instance $NAME
+usage "NAME=name of LXC instance"
+
+pre-start script
+	lxc-wait -s RUNNING -n $NAME -t 0 && { stop; exit 0; } || true
+end script
+
+script
+	exec lxc-start -n $NAME
+end script

config/init/upstart/lxc-net.conf

+description "lxc network"
+author "Serge Hallyn <serge.hallyn@canonical.com>"
+
+start on starting lxc
+stop on stopped lxc
+
+env USE_LXC_BRIDGE="false"
+env LXC_BRIDGE="lxcbr0"
+env LXC_ADDR="10.0.3.1"
+env LXC_NETMASK="255.255.255.0"
+env LXC_NETWORK="10.0.3.0/24"
+env LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
+env LXC_DHCP_MAX="253"
+env LXC_DHCP_CONFILE=""
+env varrun="/var/run/lxc"
+env LXC_DOMAIN=""
+
+pre-start script
+	[ -f /etc/default/lxc ] && . /etc/default/lxc
+
+	[ "x$USE_LXC_BRIDGE" = "xtrue" ] || { stop; exit 0; }
+
+	use_iptables_lock="-w"
+	iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock=""
+	cleanup() {
+		# dnsmasq failed to start, clean up the bridge
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
+		iptables $use_iptables_lock -t nat -D POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true
+		iptables $use_iptables_lock -t mangle -D POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
+		ifconfig ${LXC_BRIDGE} down || true
+		brctl delbr ${LXC_BRIDGE} || true
+	}
+
+	if [ -d /sys/class/net/${LXC_BRIDGE} ]; then
+		if [ ! -f ${varrun}/network_up ]; then
+			# bridge exists, but we didn't start it
+			stop;
+		fi
+		exit 0;
+	fi
+
+	# set up the lxc network
+	brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in kernel"; stop; exit 0; }
+	echo 1 > /proc/sys/net/ipv4/ip_forward
+	mkdir -p ${varrun}
+	ifconfig ${LXC_BRIDGE} ${LXC_ADDR} netmask ${LXC_NETMASK} up
+	iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
+	iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
+	iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
+	iptables $use_iptables_lock -I INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
+	iptables $use_iptables_lock -t nat -A POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE
+	iptables $use_iptables_lock -t mangle -A POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
+
+	LXC_DOMAIN_ARG=""
+	if [ -n "$LXC_DOMAIN" ]; then
+		LXC_DOMAIN_ARG="-s $LXC_DOMAIN"
+	fi
+	dnsmasq $LXC_DOMAIN_ARG -u lxc-dnsmasq --strict-order --bind-interfaces --pid-file=${varrun}/dnsmasq.pid --conf-file=${LXC_DHCP_CONFILE} --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override --except-interface=lo --interface=${LXC_BRIDGE} --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases --dhcp-authoritative || cleanup
+	touch ${varrun}/network_up
+end script
+
+post-stop script
+	[ -f /etc/default/lxc ] && . /etc/default/lxc
+	[ -f "${varrun}/network_up" ] || exit 0;
+	# if $LXC_BRIDGE has attached interfaces, don't shut it down
+	ls /sys/class/net/${LXC_BRIDGE}/brif/* > /dev/null 2>&1 && exit 0;
+
+	if [ -d /sys/class/net/${LXC_BRIDGE} ]; then
+		use_iptables_lock="-w"
+		iptables -w -L -n 2>&1 > /dev/null || use_iptables_lock=""
+		ifconfig ${LXC_BRIDGE} down
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 67 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 67 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p udp --dport 53 -j ACCEPT
+		iptables $use_iptables_lock -D INPUT -i ${LXC_BRIDGE} -p tcp --dport 53 -j ACCEPT
+		iptables $use_iptables_lock -t nat -D POSTROUTING -s ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true
+		iptables $use_iptables_lock -t mangle -D POSTROUTING -o ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
+		pid=`cat ${varrun}/dnsmasq.pid 2>/dev/null` && kill -9 $pid || true
+		rm -f ${varrun}/dnsmasq.pid
+		brctl delbr ${LXC_BRIDGE}
+	fi
+	rm -f ${varrun}/network_up
+end script

config/init/upstart/lxc.conf

+description "lxc"
+author "Serge Hallyn <serge.hallyn@canonical.com>"
+
+start on runlevel [2345]
+stop on starting rc RUNLEVEL=[016]
+
+env LXC_AUTO="false"
+
+pre-start script
+	[ -f /etc/default/lxc ] && . /etc/default/lxc
+
+	# don't load profiles if mount mediation is not supported
+	SYSF=/sys/kernel/security/apparmor/features/mount/mask
+	if [ -f $SYSF ]; then
+		if [ -x /lib/init/apparmor-profile-load ]; then
+			/lib/init/apparmor-profile-load usr.bin.lxc-start
+			/lib/init/apparmor-profile-load lxc-containers
+		fi
+	fi
+
+	[ "x$LXC_AUTO" = "xtrue" ] || exit 0
+
+	lxc-autostart -L | while read line; do
+		set -- $line
+		(start lxc-instance NAME=$1 && sleep $2) || true
+	done
+end script

configure.ac

@@ -78,7 +78,7 @@ AM_CONDITIONAL([DISTRO_UBUNTU], [test "x$with_distro" = "xubuntu"])
 AC_MSG_CHECKING([for init system type])
 AC_ARG_WITH([init-script],
 	    [AC_HELP_STRING([--with-init-script@<:@=TYPE@<:@,TYPE,...@:>@@:>@],
-			    [Type(s) of init script to install: sysv, systemd, upstart,
+			    [Type(s) of init script to install: sysvinit, systemd, upstart,
 			     distro @<:@default=distro@:>@])],[],[with_init_script=distro])
 case "$with_init_script" in
 	distro)
@@ -87,17 +87,17 @@ case "$with_init_script" in
 				init_script=systemd
 				;;
 			redhat|centos|oracle|oracleserver)
-				init_script=sysv
+				init_script=sysvinit
 				;;
 			debian)
-				init_script=sysv,upstart,systemd
+				init_script=upstart,systemd
 				;;
 			ubuntu)
 				init_script=upstart
 				;;
 			*)
-				echo -n "Linux distribution init system unknown, defaulting to sysv"
-				init_script=sysv
+				echo -n "Linux distribution init system unknown."
+				init_script=
 				;;
 		esac
 		;;
@@ -110,7 +110,7 @@ esac
 (IFS="," ; for init_sys in $init_script;
 do
 	case "$init_sys" in
-		none|sysv|systemd|upstart)
+		none|sysvinit|systemd|upstart)
 			;;
 		*)
 			exit 1
@@ -118,7 +118,7 @@ do
 	esac
 done) || AC_MSG_ERROR([Unknown init system type in $init_script])
 
-AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysv"])
+AM_CONDITIONAL([INIT_SCRIPT_SYSV], [echo "$init_script" |grep -q "sysvinit"])
 AM_CONDITIONAL([INIT_SCRIPT_SYSTEMD], [echo "$init_script" |grep -q "systemd"])
 AM_CONDITIONAL([INIT_SCRIPT_UPSTART], [echo "$init_script" |grep -q "upstart"])
 AC_MSG_RESULT($init_script)
@@ -547,6 +547,10 @@ AC_CONFIG_FILES([
 	lxc.spec
 
 	config/Makefile
+	config/init/Makefile
+	config/init/sysvinit/Makefile
+	config/init/systemd/Makefile
+	config/init/upstart/Makefile
 	config/etc/Makefile
 	config/templates/Makefile
 	config/templates/debian.common.conf

lxc.spec.in

@@ -31,7 +31,7 @@
 BuildRequires: systemd-units
 %else
 %global with_systemd 0
-%define init_script sysv
+%define init_script sysvinit
 %endif
 
 # RPM needs alpha/beta/rc in Release: not Version: to ensure smooth

src/lxc/Makefile.am

@@ -165,11 +165,8 @@ bin_SCRIPTS = \
 
 EXTRA_DIST = \
 	lxc-device \
-	lxc-devsetup \
 	lxc-ls \
-	lxc-top \
-	lxc.service \
-	lxc.sysvinit
+	lxc-top
 
 if ENABLE_PYTHON
 bin_SCRIPTS += lxc-device
@@ -212,43 +209,6 @@ bin_PROGRAMS = \
 pkglibexec_PROGRAMS = \
 	lxc-init
 
-if INIT_SCRIPT_SYSV
-install-init: lxc.sysvinit
-	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/rc.d/init.d
-	$(INSTALL_SCRIPT) lxc.sysvinit $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
-
-uninstall-init:
-	rm -f $(DESTDIR)$(sysconfdir)/rc.d/init.d/lxc
-	rmdir $(DESTDIR)$(sysconfdir)/rc.d/init.d || :
-else
-install-init:
-uninstall-init:
-endif
-
-if INIT_SCRIPT_SYSTEMD
-SYSTEMD_UNIT_DIR = /usr/lib/systemd/system
-install-systemd: lxc.service lxc-devsetup
-	$(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR)
-	$(INSTALL_DATA) lxc.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/
-
-uninstall-systemd:
-	rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc.service
-	rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || :
-pkglibexec_SCRIPTS = lxc-devsetup
-else
-install-systemd:
-uninstall-systemd:
-endif
-
-if INIT_SCRIPT_UPSTART
-# FIXME: install/uninstall upstart script here
-install-upstart:
-uninstall-upstart:
-else
-install-upstart:
-uninstall-upstart:
-endif
-
 AM_LDFLAGS = -Wl,-E
 if ENABLE_RPATH
 AM_LDFLAGS += -Wl,-rpath -Wl,$(libdir)
@@ -286,10 +246,6 @@ lxc_snapshot_SOURCES = lxc_snapshot.c
 lxc_usernsexec_SOURCES = lxc_usernsexec.c
 lxc_user_nic_SOURCES = lxc_user_nic.c network.c network.h
 
-install-data-local: install-init install-systemd install-upstart
-
-uninstall-local: uninstall-init uninstall-systemd uninstall-upstart
-
 install-exec-local: install-soPROGRAMS
 	mkdir -p $(DESTDIR)$(datadir)/lxc
 	install -c -m 644 lxc.functions $(DESTDIR)$(datadir)/lxc