diff options
| author |   Serge Hallyn <serge.hallyn@canonical.com> | 2012-01-23 12:05:40 -0600 |
|---|---|---|
| committer |   Daniel Lezcano <daniel.lezcano@free.fr> | 2012-02-26 10:44:40 +0100 |
| commit | 2e44ed1e647d9fd1544b7ad855bda22ca71abd12 (patch) | |
| tree | 5bb91e9027fc543803d9d4ff763c0f3ad3add6d1 | |
| parent | lxc-ubuntu: add /dev/full, /dev/hpet, and /dev/kvm to devices whitelist (diff) | |
| download | lxc-2e44ed1e647d9fd1544b7ad855bda22ca71abd12.tar.gz lxc-2e44ed1e647d9fd1544b7ad855bda22ca71abd12.tar.bz2 lxc-2e44ed1e647d9fd1544b7ad855bda22ca71abd12.zip | |
lxc-ubuntu: use release-updates and release-security
Particularly for LTS releases, which many people will want to use in
their containers, it is not wise to not use -security and -updates.
Furthermore the fix allowing ssh to allow the container to shut down
is in lucid-updates only.
With this patch, after debootstrapping a container, we add -updates
and -security to sources.list and do an apt-get upgrade under chroot.
Unfortunately we need to do this because debootstrap doesn't know how
to.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
| -rw-r--r-- | templates/lxc-ubuntu.in | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/templates/lxc-ubuntu.in b/templates/lxc-ubuntu.in index d7e9b8c..af17ef0 100644 --- a/templates/lxc-ubuntu.in +++ b/templates/lxc-ubuntu.in @@ -133,6 +133,55 @@ EOF return 1 fi + # Serge isn't sure whether we should avoid doing this when + # $release == `distro-info -d` + echo "Installing updates" + case $arch in + amd64|i386) + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} + SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.ubuntu.com/ubuntu} + ;; + sparc) + case $SUITE in + gutsy) + MIRROR=${MIRROR:-http://archive.ubuntu.com/ubuntu} + SECURITY_MIRROR=${SECURITY_MIRRORMIRROR:-http://security.ubuntu.com/ubuntu} + ;; + *) + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} + ;; + esac + ;; + *) + MIRROR=${MIRROR:-http://ports.ubuntu.com/ubuntu-ports} + SECURITY_MIRROR=${SECURITY_MIRROR:-http://ports.ubuntu.com/ubuntu-ports} + ;; + esac + cat >> "$1/partial-${arch}/etc/apt/sources.list" << EOF +deb $MIRROR ${release}-updates main universe +deb $SECURITY_MIRROR ${release}-security main universe +EOF + chroot "$1/partial-${arch}" apt-get update + if [ $? -ne 0 ]; then + echo "Failed to update the apt cache" + return 1 + fi + cat > "$1/partial-${arch}"/usr/sbin/policy-rc.d << EOF +#!/bin/sh +exit 101 +EOF + chmod +x "$1/partial-${arch}"/usr/sbin/policy-rc.d + + lxc-unshare -s MOUNT -- chroot "$1/partial-${arch}" apt-get dist-upgrade -y + ret=$? + rm -f "$1/partial-${arch}"/usr/sbin/policy-rc.d + + if [ $ret -ne 0 ]; then + echo "Failed to upgrade the cache" + return 1 + fi + mv "$1/partial-$arch" "$1/rootfs-$arch" echo "Download complete" return 0 @@ -359,8 +408,9 @@ post_process() if [ $release = "lucid" -o $release = "maverick" ]; then chroot $rootfs apt-get install --force-yes -y python-software-properties chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa - chroot $rootfs apt-get update fi + cp /etc/resolv.conf "${rootfs}/etc" + chroot $rootfs apt-get update chroot $rootfs apt-get install --force-yes -y lxcguest fi } |