commit lxc.1265 for openSUSE:12.2:Update

5 Feb 2013

Hello community,

here is the log from the commit of package lxc.1265 for openSUSE:12.2:Update checked in at 2013-02-05 17:34:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/lxc.1265 (Old)
 and      /work/SRC/openSUSE:12.2:Update/.lxc.1265.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "lxc.1265", Maintainer is ""

Changes:
--------
New Changes file:

--- /dev/null	2013-01-09 19:40:42.352580873 +0100
+++ /work/SRC/openSUSE:12.2:Update/.lxc.1265.new/lxc.changes	2013-02-05 17:34:46.000000000 +0100
@@ -0,0 +1,230 @@
+-------------------------------------------------------------------
+Thu Jan 10 18:29:54 CET 2013 - fcrozat@suse.com
+
+- Add lxc-opensuse-12.1-fixbuild.patch: fix openSUSE 12.1 container
+  build (bnc#786245).
+- Add lxc-opensuse-12.2.patch:
+  + switch openSUSE template to 12.2
+  + install iputils in the default configuration
+  + autoconfigure gateway if possible
+  + detect if network is set to 0.0.0.0 and configure DHCP
+  + bind mount /etc/resolv.conf in container
+- Add use-relative-paths-for-container.patch,
+  fix-lxc-clone-mount-entries.patch and update sles
+  template: use relative paths for container mount points, fixes
+  lxc-clone dropping some lxc.mount entries (bnc#789387).
+- Add Requires(post) dependency on aaa_base (bnc#786970).
+- Add dhcpcd in default installation in openSUSE template (bnc#776169).
+- Add change-hwaddr-on-clone.patch: modify MAC address when cloning
+  a container (git)
+- Add wait-until-container-is-stopped.patch: if destroying a
+  running container, wait until it is stopped before destroying it.
+- Ensure lxc-createconfig uses opensuse template by default.
+- Ensure lxc-createconfig correctly detect cidr (bnc#773234).
+- Add pivot-root_shared.patch: fix pivot root when / is mounted as
+  shared (default on 12.3 and later).
+
+-------------------------------------------------------------------
+Fri Apr 20 13:53:41 UTC 2012 - fcrozat@suse.com
+
+- Add various fixes to opensuse template :
+  + create /etc/hostname as symlink to /etc/HOSTNAME 
+    (lxc-clone fix)
+  + fix inadequate space in lxc.mount config (lxc-clone fix)
+  + disable network in container if not configured
+  + configure network scripts properly
+- Add lxc-snapshot-btrfs-lvm.patch: backport snapshot support,
+  using btrfs or lvm2.
+- Add lxc-opensuse-tmpfs.patch: ensure container shutting down is
+  correctly detected by LXC.
+
+-------------------------------------------------------------------
+Fri Apr 13 11:36:16 UTC 2012 - fcrozat@suse.com
+
+- Add lxc-createconfig script to easy LXC configuration
+  (bnc#723950).
+
+-------------------------------------------------------------------
+Tue Mar  6 21:11:54 CET 2012 - jslaby@suse.de
+
+- Accurately detect whether a system supports clone_children
+  (bnc#750470)
+
+-------------------------------------------------------------------
+Tue Jan 10 15:41:45 UTC 2012 - fcrozat@suse.com
+
+- Drop lxc-file_caps.patch, it is SLES specific, since openSUSE is
+  now shipping with file capabilities enabled.
+
+-------------------------------------------------------------------
+Fri Jan  6 15:51:32 UTC 2012 - fcrozat@suse.com
+
+- Update lxc-opensuse-12.1.patch to correctly generate containers
+  on x86 (bnc#739315).
+- Backport some fixes from SLES 11 SP2:
+  - Add lxc-checkconfig-kernel-3.patch and lxc-file_caps.patch:
+    fix detection of kernel 3.x and file capabilities (bnc#720845).
+  - Fix example path in manpages (bnc#723946).
+
+-------------------------------------------------------------------
+Tue Oct 25 11:35:10 UTC 2011 - fcrozat@suse.com
+
+- Add console to opensuse securetty, since we are in a container.
+
+-------------------------------------------------------------------
+Tue Oct 25 09:32:01 UTC 2011 - fcrozat@suse.com
+
+- Add lxc-opensuse-12.1.patch: create openSUSE 12.1 containers now
+- Add Recommends on build package, which is used by opensuse
+  template.
+- Update README.SUSE to current status for cgroups mountpoint
+
+-------------------------------------------------------------------
+Fri Sep  2 08:26:28 UTC 2011 - fcrozat@suse.com
+
+- Fix license tag, it is LGPLv2.1+ (using LGPLv2+ tag to be
+  consistent).
+
+-------------------------------------------------------------------
+Wed Aug 31 11:16:28 UTC 2011 - fcrozat@suse.com
+
+- Update to 0.7.5:
+  - add initial lxc-clone feature
+  - add arm as supported srcarch
+  - opensuse template is merged
+  - improve other distribution templates
+  - support cgroups mounted in multiple places
+
+-------------------------------------------------------------------
+Fri Jun 24 21:33:24 CEST 2011 - jslaby@suse.de
+
+- kill _service
+
+-------------------------------------------------------------------
+Fri Jun 24 14:09:02 UTC 2011 - fcrozat@suse.com
+
+- Add lxc-opensuse template.
+- package /var/lib/lxc.
+
+-------------------------------------------------------------------
+Fri May 27 21:16:56 CEST 2011 - jslaby@suse.de
+
+- update to 0.7.4.2
+  - exit if allocation fails
+  - ensure monitored container name is null terminated
+  - do not put devpts in fstab
+
+-------------------------------------------------------------------
+Thu Mar 24 14:22:15 UTC 2011 - brian@aljex.com
+
+- update to 0.7.4.1
+  - fix mount path
+  - rename physical device to the original name
+
+-------------------------------------------------------------------
+Mon Feb 28 18:03:32 CET 2011 - jslaby@suse.de
+
+- update to 0.7.4 final
+  - fix support for >= 2.6.37 kernels
+- update README.SUSE file -- it contained obsolete information
+
+-------------------------------------------------------------------
+Mon Feb 21 17:48:07 CET 2011 - jslaby@suse.de
+
+- update to 0.7.4-rc1+
+  - fix cgroups collision with systemd (bnc#673821)
+  - lxc-start output-to-file support
+  - better error reporting
+  - suppress udev log output
+  - many fixes
+
+-------------------------------------------------------------------
+Wed Dec 20 10:12:28 CEST 2010 - jslaby@suse.de
+
+- update to 0.7.3
+  - mount the rootfs to the mount directory first
+  - update the lxc.conf man page
+  - fix compilation and link errors
+  - don't play with the capabilities when we are root
+
+-------------------------------------------------------------------
+Wed Oct  6 09:02:28 CEST 2010 - jslaby@suse.de
+
+- update to 0.7.2
+
+-------------------------------------------------------------------
+Mon Jul  5 22:24:34 CEST 2010 - jslaby@suse.de
+
+- update to 0.7.1
+  * full list of changes since 0.6.5 at http://lxc.git.sourceforge.net
+
+-------------------------------------------------------------------
+Fri Mar  5 10:22:44 UTC 2010 - lnussel@suse.de
+
+- add README.SUSE
+- add %dir /var/lib/lxc
+
+-------------------------------------------------------------------
+Thu Mar  4 16:33:46 CET 2010 - jslaby@suse.de
+
+- update to 0.6.5
+
+-------------------------------------------------------------------
+Wed Aug 19 09:06:17 CEST 2009 - jslaby@suse.de
+
+- remove stddef.h workaround, linux-kernel-headers are fixed now
+
+-------------------------------------------------------------------
+Tue Aug 18 15:29:26 CEST 2009 - jslaby@suse.de
+
+- remove mkdir /var/lxc from %post rpm script
+
+-------------------------------------------------------------------
+Mon Aug 17 13:03:00 CEST 2009 - jslaby@suse.de
+
+- Remove old lxc hack from specfile
+- Fix factory build due to broken linux-kernel-headers
+  (add stddef.h to includes in configure.ac) and lxc automake file
+
+-------------------------------------------------------------------
+Thu Aug 13 08:51:03 UTC 2009 - adrian@suse.de
+
+- Add Requires to ensure that lxc-setcap is working
+
+-------------------------------------------------------------------
+Mon Aug 10 15:14:40 CEST 2009 - jslaby@suse.de
+
+- update to 0.6.3
++++ 33 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.2:Update/.lxc.1265.new/lxc.changes

New:
----
  Accurately-detect-whether-a-system-supports-clone_children.patch
  README.SUSE
  change-hwaddr-on-clone.patch
  fix-lxc-clone-mount-entries.patch
  lxc-0.7.5.tar.gz
  lxc-cgroup-already-running.patch
  lxc-cgroup-warning.patch
  lxc-checkconfig-kernel-3.patch
  lxc-cleanup-network-on-error.patch
  lxc-createconfig.in
  lxc-fix-warning-already-running.patch
  lxc-improve-gateway-detection.patch
  lxc-opensuse-12.1-fixbuild.patch
  lxc-opensuse-12.1.patch
  lxc-opensuse-12.2.patch
  lxc-opensuse-tmpfs.patch
  lxc-snapshot-btrfs-lvm.patch
  lxc.changes
  lxc.spec
  pivot-root_shared.patch
  use-relative-paths-for-container.patch
  wait-until-container-is-stopped.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ lxc.spec ++++++
#
# spec file for package lxc
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           lxc
Version:        0.7.5
Release:        0
Url:            http://lxc.sourceforge.net/
Summary:        Linux containers implementation
License:        LGPL-2.1+
Group:          System/Management
Source:         http://lxc.sourceforge.net/download/lxc/%{name}-%{version}.tar.gz
Source1:        README.SUSE
Source2:        lxc-createconfig.in
# PATCH-FIX-UPSTREAM update openSUSE template to use 12.1 and various fixes
Patch0:         lxc-opensuse-12.1.patch
# PATCH-FIX-UPSTREAM lxc-checkconfig-kernel-3.patch bnc#720845 fcrozat@suse.com -- correctly detect kernel 3.x
Patch1:         lxc-checkconfig-kernel-3.patch
Patch2:         Accurately-detect-whether-a-system-supports-clone_children.patch
# PATCH-FIX-UPSTREAM lxc-snapshot-btrfs-lvm.patch fcrozat@suse.com -- backport support for btrfs and lvm based snapshots (git)
Patch3:         lxc-snapshot-btrfs-lvm.patch
# PATCH-FIX-UPSTREAM lxc-opensuse-tmpfs.patch fcrozat@suse.com -- fix shutdown in openSUSE container
Patch4:         lxc-opensuse-tmpfs.patch
# PATCH-FIX-UPSTREAM lxc-opensuse-12.1-fixbuild.patch bnc#786245 fcrozat@suse.com -- fix build
Patch5:         lxc-opensuse-12.1-fixbuild.patch
# PATCH-FIX-UPSTREAM lxc-cgroup-warning.patch fcrozat@suse.com -- explain cgroups aren't mounted when starting fails
Patch6:         lxc-cgroup-warning.patch
# PATCH-FIX-UPSTREAM lxc-fix-warning-already-running.patch fcrozat@suse.com -- warn if container is already running
Patch7:         lxc-fix-warning-already-running.patch
# PATCH-FIX-UPSTREAM lxc-cleanup-network-on-error.patch fcrozat@suse.com -- cleanup network virtual interface on error
Patch8:         lxc-cleanup-network-on-error.patch
# PATCH-FIX-UPSTREAM lxc-improve-gateway-detection.patch fcrozat@suse.com -- Improve gateway detection
Patch9:         lxc-improve-gateway-detection.patch
# PATCH-FIX-UPSTREAM lxc-cgroup-already-running.patch fcrozat@suse.com -- warn if container is already running
Patch10:        lxc-cgroup-already-running.patch
# PATCH-FIX-UPSTREAM change-hwaddr-on-clone.patch fcrozat@suse.com -- update network address when cloning a container
Patch11:        change-hwaddr-on-clone.patch
# PATCH-FIX-UPSTREAM wait-until-container-is-stopped.patch fcrozat@suse.com -- wait until container is stopped before destroying it
Patch12:        wait-until-container-is-stopped.patch
# PATCH-FIX-UPSTREAM use-relative-paths-for-container.patch fcrozat@suse.com bnc#789387 -- use relative paths for containers
Patch13:        use-relative-paths-for-container.patch
# PATCH-FIX-UPSTREAM fix-lxc-clone-mount-entries.patch fcrozat@suse.com bnc#789387 -- fix lxc.mount entries when using lxc-clone
Patch14:        fix-lxc-clone-mount-entries.patch
# PATCH-FIX-UPSTREAM lxc-opensuse-12.2.patch
Patch15:        lxc-opensuse-12.2.patch
# PATCH-FIX-UPSTREAM pivot-root_shared.patch fcrozat@suse.com -- fix pivot root when / is mount as shared
Patch16:        pivot-root_shared.patch

BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  docbook-utils
BuildRequires:  libcap-devel
BuildRequires:  pkg-config
%if 0%{?suse_version} >= 1130
BuildRequires:  linux-glibc-devel
%else
BuildRequires:  linux-kernel-headers
%endif
Requires:       /sbin/setcap
Requires:       rsync
Requires(post): aaa_base
# needed to create openSUSE containers using template
Recommends:     build

%description
It provides commands to create and manage containers. It contains a
full featured container with the isolation/virtualization of the pids,
the ipc, the utsname, the mount points, /proc, /sys, the network and it
takes into account the control groups. It is very light, flexible, and
provides a set of tools around the container like the monitoring with
asynchronous events notification, or the freeze of the container. This
package is useful to create Virtual Private Server, or to run isolated
applications like bash or sshd.

%package devel
Summary:        Development library for lxc
License:        LGPL-2.1
Group:          Development/Libraries/C and C++
Requires:       %name = %version
Requires:       glibc-devel

%description devel
Lxc header files and library needed for development of containers.

%prep
%setup
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1

%build
%configure --disable-examples
%__make %{?_smp_mflags}
%__cp %{SOURCE1} .
%__rm -rf .doc
%__mkdir_p .doc/examples
%__cp doc/examples/*.conf .doc/examples

%install
%makeinstall
install -d -m 755 %{buildroot}/var/lib/lxc
find %buildroot -type f -name '*.la' -delete

./config.status --file=%{buildroot}%{_bindir}/lxc-createconfig:%{S:2}
chmod a+x %{buildroot}%{_bindir}/lxc-createconfig

%clean
%__rm -rf %buildroot

%post
/sbin/ldconfig
%fillup_and_insserv -f -Y boot.cgroup
/etc/init.d/boot.cgroup start 2>/dev/null >/dev/null || :

%postun
/sbin/ldconfig
%insserv_cleanup

%files
%defattr(-,root,root)
%doc AUTHORS MAINTAINERS COPYING README doc/FAQ.txt
%doc README.SUSE
%doc .doc/examples
%{_libdir}/lib%{name}.so.*
%{_libdir}/%name
%dir /var/lib/lxc
%{_bindir}/%{name}-*
%{_mandir}/man[^3]/*

%files devel
%defattr(-,root,root)
%{_includedir}/%name
%{_libdir}/lib%{name}.so
%{_datadir}/pkgconfig/%{name}.pc

%changelog
++++++ Accurately-detect-whether-a-system-supports-clone_children.patch ++++++
...
From 3e2981d4599962ec069c249460d86ce8ebec7644 Mon Sep 17 00:00:00 2001
From: Serge E. Hallyn <serge.hallyn@canonical.com>
Date: Mon, 24 Oct 2011 14:38:30 +0200
Subject: Accurately detect whether a system supports clone_children
Patch-upstream: yes
If multiple cgroups are mounted under /sys/fs/cgroup, then the
original check ends up looking for /sys/fs/cgroup/cgroup.clone_children,
which does not exist because that is just a tmpfs.

So make sure to check an actual cgroupfs.

Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/lxc-checkconfig.in |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/src/lxc/lxc-checkconfig.in b/src/lxc/lxc-checkconfig.in
index 5dcf3a4..30f6186 100755
--- a/src/lxc/lxc-checkconfig.in
+++ b/src/lxc/lxc-checkconfig.in
@@ -63,7 +63,12 @@ echo -n "Multiple /dev/pts instances: " && is_enabled DEVPTS_MULTIPLE_INSTANCES
 echo
 echo "--- Control groups ---"
 
-CGROUP_MNT_PATH=$(grep -m1 "^cgroup" /proc/self/mounts | awk '{ print $2 }')
+print_cgroups() {
+  # print all mountpoints for cgroup filesystems
+  awk '$1 !~ /#/ && $3 == mp { print $2; } ; END { exit(0); } '  "mp=$1" "$2" ;
+}
+
+CGROUP_MNT_PATH=`print_cgroups cgroup /proc/self/mounts | head -1`
 
 echo -n "Cgroup: " && is_enabled CONFIG_CGROUPS yes
 
-- 
1.7.4.1

++++++ README.SUSE ++++++
To mount the control group file system on openSUSE 11.3, SLE 11 SP1 and older,
perform the following:
mkdir /cgroup
and add the following line to /etc/fstab:
cgroup               /cgroup               cgroup    nofail                0 0

On openSUSE 11.4, SLE 11 SP2 and newer, you can just run:
/sbin/insserv boot.cgroup
and /sys/fs/cgroup will be mounted for cgroup automatically.
++++++ change-hwaddr-on-clone.patch ++++++
...
From 7b605a1d1e2ad65c235a43bf61dbd0bc240809c1 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Tue, 31 Jul 2012 16:01:28 +0200
Subject: [PATCH] lxc-clone: update any hwaddrs
Since we are creating a new container it should not share a macaddr with
the original container.

Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/934256

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/lxc-clone.in |   14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/lxc/lxc-clone.in b/src/lxc/lxc-clone.in
index 4a9f581..78058ec 100644
--- a/src/lxc/lxc-clone.in
+++ b/src/lxc/lxc-clone.in
@@ -259,6 +259,20 @@ if [ -f $rootfs/etc/dhcp/dhclient.conf ]; then
     sed -i "s/send host-name.*$/send host-name \"$hostname\";/" $rootfs/etc/dhcp/dhclient.conf
 fi
 
+c=$lxc_path/$lxc_new/config
+# change hwaddrs
+mv ${c} ${c}.old
+(
+while read line; do
+	if [ "${line:0:18}" = "lxc.network.hwaddr" ]; then
+		echo "lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')"
+	else
+		echo $line
+	fi
+done
+) < ${c}.old > ${c}
+rm -f ${c}.old
+
 # set the hostname
 cat <<EOF > $rootfs/etc/hostname
 $hostname
-- 
1.7.10.4
...
From 989e861d5c5b4a905efb4eb3f58a3eae9d21f83f Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Tue, 31 Jul 2012 16:04:33 +0200
Subject: [PATCH] lxc-clone.in: put $line in quotes to avoid its expansion
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/lxc-clone.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/lxc-clone.in b/src/lxc/lxc-clone.in
index deb01f7..f20411c 100644
--- a/src/lxc/lxc-clone.in
+++ b/src/lxc/lxc-clone.in
@@ -271,7 +271,7 @@ while read line; do
 	if [ "${line:0:18}" = "lxc.network.hwaddr" ]; then
 		echo "lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')"
 	else
-		echo $line
+		echo "$line"
 	fi
 done
 ) < ${c}.old > ${c}
-- 
1.7.10.4

Index: lxc-0.7.5/src/lxc/lxc-clone.in
===================================================================
--- lxc-0.7.5.orig/src/lxc/lxc-clone.in
+++ lxc-0.7.5/src/lxc/lxc-clone.in
@@ -265,13 +265,13 @@ if [ -f $rootfs/etc/dhcp/dhclient.conf ]
     sed -i "s/send host-name.*$/send host-name \"$hostname\";/" $rootfs/etc/dhcp/dhclient.conf
 fi
 
-c=$lxc_path/$lxc_new/config
+c=$config_path/$lxc_new/config
 # change hwaddrs
 mv ${c} ${c}.old
 (
 while read line; do
 	if [ "${line:0:18}" = "lxc.network.hwaddr" ]; then
-		echo "lxc.network.hwaddr= 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')"
+		echo "lxc.network.hwaddr = 00:16:3e:$((date ; cat /proc/interrupts ) | md5sum | sed -r 's/^(.{6}).*$/\1/;s/([0-9a-f]{2})/\1:/g;s/:$//;')"
 	else
 		echo "$line"
 	fi
++++++ fix-lxc-clone-mount-entries.patch ++++++
...
From 4d5fb23ad827eda17b64676f527c3f168cd56ebd Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@amd1.(none)>
Date: Fri, 20 Jul 2012 10:38:15 -0500
Subject: [PATCH] lxc-clone: fix handling of lxc.mount entries
The 'lxc.mount =' entry can have more than one space, or tabs, before the =.
We only need to disambiguate from 'lxc.mount.entry'.  So just check for a
space or tab after mount.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---
 src/lxc/lxc-clone.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/lxc-clone.in b/src/lxc/lxc-clone.in
index 9292e10..d9ed78c 100644
--- a/src/lxc/lxc-clone.in
+++ b/src/lxc/lxc-clone.in
@@ -176,7 +176,7 @@ cp $lxc_path/$lxc_orig/config $lxc_path/$lxc_new/config
 sed -i '/lxc.utsname/d' $lxc_path/$lxc_new/config
 echo "lxc.utsname = $hostname" >> $lxc_path/$lxc_new/config
 
-grep "lxc.mount =" $lxc_path/$lxc_new/config >/dev/null 2>&1 && { sed -i '/lxc.mount =/d' $lxc_path/$lxc_new/config; echo "lxc.mount = $lxc_path/$lxc_new/fstab" >> $lxc_path/$lxc_new/config; }
+grep "lxc.mount[ \t]" $lxc_path/$lxc_new/config >/dev/null 2>&1 && { sed -i '/lxc.mount[ \t]/d' $lxc_path/$lxc_new/config; echo "lxc.mount = $lxc_path/$lxc_new/fstab" >> $lxc_path/$lxc_new/config; }
 
 if [ -e  $lxc_path/$lxc_orig/fstab ];then
     cp $lxc_path/$lxc_orig/fstab $lxc_path/$lxc_new/fstab
-- 
1.7.10.4

++++++ lxc-cgroup-already-running.patch ++++++
...
From abce2e8ee2cc07c1273dff7786902393a28108de Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Fri, 27 Apr 2012 15:57:02 +0200
Subject: [PATCH] give a hint if old cgroup can't be moved
When cgroup can't be moved, it might be a hint container is already
running.
---
 src/lxc/cgroup.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

Index: lxc-0.7.5/src/lxc/cgroup.c
===================================================================
--- lxc-0.7.5.orig/src/lxc/cgroup.c
+++ lxc-0.7.5/src/lxc/cgroup.c
@@ -185,6 +185,9 @@ static int lxc_one_cgroup_create(const c
 	 */
 	if (!access(cgname, F_OK) && rmdir(cgname)) {
 		SYSERROR("failed to remove previous cgroup '%s'", cgname);
+		ERROR("##");
+		ERROR("# The container might be already running!");
+		ERROR("##");
 		return -1;
 	}
 
++++++ lxc-cgroup-warning.patch ++++++
...
From f0e64b8b66e0634cf0eb79728223bc3fdb407523 Mon Sep 17 00:00:00 2001
From: Daniel Lezcano <daniel.lezcano@free.fr>
Date: Thu, 5 Jan 2012 22:45:31 +0100
Subject: [PATCH] give explicit error when the cgroup are not found
When the cgroup is not mounted, we silently exit without giving
some clues to the user with what is happening.

Give some info and an explicit error.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/cgroup.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index a2b823e..6ae67bd 100644
--- a/src/lxc/cgroup.c
+++ b/src/lxc/cgroup.c
@@ -240,6 +240,7 @@ int lxc_cgroup_create(const char *name, pid_t pid)
 	struct mntent *mntent;
 	FILE *file = NULL;
 	int err = -1;
+	int found = 0;
 
 	file = setmntent(MTAB, "r");
 	if (!file) {
@@ -253,13 +254,18 @@ int lxc_cgroup_create(const char *name, pid_t pid)
 
 		if (!strcmp(mntent->mnt_type, "cgroup")) {
 
-			INFO("found cgroup mounted at '%s'", mntent->mnt_dir);
+			INFO("[%d] found cgroup mounted at '%s',opts='%s'",
+			     ++found, mntent->mnt_dir, mntent->mnt_opts);
+
 			err = lxc_one_cgroup_create(name, mntent, pid);
 			if (err)
 				goto out;
 		}
 	};
 
+	if (!found)
+		ERROR("No cgroup mounted on the system");
+
 out:
 	endmntent(file);
 	return err;
-- 
1.7.7

++++++ lxc-checkconfig-kernel-3.patch ++++++
...
From 5a4d96d1fd95719ddeb462fff45dbbc7cbbee3df Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Thu, 13 Oct 2011 11:26:56 +0200
Subject: [PATCH] handle kernel 3.x in lxc-checkconfig
Make sure to correctly detect kernel 3.x for file capabilities.
---
 src/lxc/lxc-checkconfig.in |   17 +++++++++++++----
 1 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/lxc/lxc-checkconfig.in b/src/lxc/lxc-checkconfig.in
index 5dcf3a4..c2c64ba 100755
--- a/src/lxc/lxc-checkconfig.in
+++ b/src/lxc/lxc-checkconfig.in
@@ -83,12 +83,21 @@ echo "--- Misc ---"
 echo -n "Veth pair device: " && is_enabled CONFIG_VETH
 echo -n "Macvlan: " && is_enabled CONFIG_MACVLAN
 echo -n "Vlan: " && is_enabled CONFIG_VLAN_8021Q
+KVER_MAJOR=$($GREP '^# Linux' $CONFIG | \
+    sed -r 's/.* ([0-9])\.[0-9]{1,2}\.[0-9]{1,3}.*/\1/')
+if [[ $KVER_MAJOR == 2 ]]; then
 KVER_MINOR=$($GREP '^# Linux' $CONFIG | \
-    sed -r 's/.*2.6.([0-9]{2}).*/\1/')
+    sed -r 's/.* 2.6.([0-9]{2}).*/\1/')
+else
+KVER_MINOR=$($GREP '^# Linux' $CONFIG | \
+    sed -r 's/.* [0-9]\.([0-9]{1,3})\.[0-9]{1,3}.*/\1/')
+fi
 echo -n "File capabilities: " &&
-    [[ ${KVER_MINOR} < 33 ]] && is_enabled CONFIG_SECURITY_FILE_CAPABILITIES ||
-    [[ ${KVER_MINOR} > 32 ]] &&  $SETCOLOR_SUCCESS && echo -e "enabled" &&
-    $SETCOLOR_NORMAL
+    ( [[ ${KVER_MAJOR} == 2 && ${KVER_MINOR} < 33 ]] &&
+       is_enabled CONFIG_SECURITY_FILE_CAPABILITIES ) ||
+    ( [[ ( ${KVER_MAJOR} == 2 && ${KVER_MINOR} > 32 ) ||
+         ${KVER_MAJOR} > 2 ]] && $SETCOLOR_SUCCESS && 
+         echo -e "enabled" && $SETCOLOR_NORMAL )
 
 echo
 echo "Note : Before booting a new kernel, you can check its configuration"
-- 
1.7.3.4

++++++ lxc-cleanup-network-on-error.patch ++++++
...
From d8f8e35202d9f84ca69cc4c65aeda0febb934e39 Mon Sep 17 00:00:00 2001
From: Daniel Lezcano <daniel.lezcano@free.fr>
Date: Thu, 5 Jan 2012 22:45:32 +0100
Subject: [PATCH] Fix network cleanup on error
Network cleanup does not cleanup correctly the virtual interfaces
in case of an error.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/conf.c  |   16 +++++++++++-----
 src/lxc/start.c |    1 -
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 41039d7..5e41d38 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1702,13 +1702,19 @@ void lxc_delete_network(struct lxc_list *network)
 		if (netdev->ifindex == 0)
 			continue;
 
-		/* Recent kernels already delete the virtual devices */
-		if (netdev->type != LXC_NET_PHYS)
+		if (netdev->type == LXC_NET_PHYS) {
+			if (lxc_netdev_rename_by_index(netdev->ifindex, netdev->link))
+				WARN("failed to rename to the initial name the " \
+				     "netdev '%s'", netdev->link);
 			continue;
+		}
 
-		if (lxc_netdev_rename_by_index(netdev->ifindex, netdev->link))
-			WARN("failed to rename to the initial name the netdev '%s'",
-			     netdev->link);
+		/* Recent kernel remove the virtual interfaces when the network
+		 * namespace is destroyed but in case we did not moved the
+		 * interface to the network namespace, we have to destroy it
+		 */
+		if (lxc_netdev_delete_by_index(netdev->ifindex))
+			WARN("failed to remove interface '%s'", netdev->name);
 	}
 }
 
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 334262d..18f6878 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -490,7 +490,6 @@ int lxc_spawn(struct lxc_handler *handler)
 		}
 	}
 
-
 	/* Create a process in a new set of namespaces */
 	handler->pid = lxc_clone(do_start, handler, clone_flags);
 	if (handler->pid < 0) {
-- 
1.7.7

++++++ lxc-createconfig.in ++++++
#!/bin/bash

#
# lxc: linux Container library

# Authors:
# Mike Friesenegger <mikef@suse.com>
# Daniel Lezcano <daniel.lezcano@free.fr>

# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.

# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.

# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA


usage() {
    echo "usage: lxc-createconfig -n <name> [-i <ipaddr/cidr>] [-b <bridge>] [-t <template]"
}

help() {
    usage
    echo
    echo "creates a lxc container config file which can be in"
    echo "turn used by lxc-create to create the lxc system object."
    echo
    echo "Options:"
    echo "name         : name of the container"
    echo "ipaddr       : ip address/cidr of the container"
    echo "bridge       : bridge device for container (br0 if undefined)"
    echo "template     : template is an accessible template script (opensuse if undefined)"
}

shortoptions='hn:i:b:t:'
longoptions='help,name:,ipaddr:,bridge:,template:'
lxc_confpath=$HOME
templatedir=@LXCTEMPLATEDIR@
lxc_bridge=br0
lxc_template=opensuse

getopt=$(getopt -o $shortoptions --longoptions  $longoptions -- "$@")
if [ $? != 0 ]; then
    usage
    exit 1;
fi

eval set -- "$getopt"

while true; do
        case "$1" in
            -h|--help)
                help
                exit 1
                ;;
            -n|--name)
                shift
                lxc_name=$1
                lxc_confname=$lxc_name.config
                shift
                ;;
            -i|--ipaddr)
                shift
                lxc_ipaddr=$1
                shift
                ;;
            -b|--bridge)
                shift
                lxc_bridge=$1
                shift
                ;;
            -t|--template)
                shift
                lxc_template=$1
                shift
                ;;
            --)
                shift
                break;;
            *)
                echo $1
                usage
                exit 1
                ;;
        esac
done

if [ -z "$lxc_name" ]; then
    echo "no container name specified"
    usage
    exit 1
fi

if [ -f "$lxc_confpath/$lxc_confname" ]; then
    echo "'$lxc_confname' already exists"
    exit 1
fi

if [ ! -z "$lxc_ipaddr" ]; then
    echo $lxc_ipaddr | grep -E '/(([^C9]{0,1}[0-9])|(3[0-2]))$'
    if [ $? -ne 0 ]; then
        echo "$lxc_ipaddr is missing a cidr"
        usage
        exit 1
    fi
fi

if [ -z "$lxc_ipaddr" ]; then
    lxc_ipaddr=DHCP
fi

if [ ! -z $lxc_bridge ]; then
    brctl show | grep $lxc_bridge >/dev/null
    if [ $? -ne 0 ]; then
        echo "$lxc_bridge not defined"
        exit 1
    fi
fi

if [ ! -z $lxc_template ]; then
    type ${templatedir}/lxc-$lxc_template >/dev/null
    if [ $? -ne 0 ]; then
        echo "unknown template '$lxc_template'"
        exit 1
    fi
fi

echo
echo "Container Name            = " $lxc_name
echo "IP Address                = " $lxc_ipaddr
echo "Bridge                    = " $lxc_bridge
echo
echo -n "Create container config? (n): "
read ANSWER
if [ "$ANSWER" != "y" -a "$ANSWER" != "Y" ]
then
    exit 1
fi
echo
echo "Creating container config $lxc_confpath/$lxc_confname"

# generate a MAC for the IP
lxc_hwaddr="02:00:`(date ; cat /proc/interrupts ) | md5sum | sed -r 's/^(.{8}).*$/\1/;s/([0-9a-f]{2})/\1:/g;s/:$//;'`"

cat >"$lxc_confpath/$lxc_confname" <<%%
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = $lxc_bridge
lxc.network.hwaddr = $lxc_hwaddr
%%
if [ ! $lxc_ipaddr = "DHCP" ]; then
    cat >>"$lxc_confpath/$lxc_confname" <<%%
lxc.network.ipv4 = $lxc_ipaddr
%%
fi
cat >>"$lxc_confpath/$lxc_confname" <<%%
lxc.network.name = eth0
%%

echo
echo "Run 'lxc-create -n $lxc_name -f $lxc_confpath/$lxc_confname -t $lxc_template' to create the lxc system object."
++++++ lxc-fix-warning-already-running.patch ++++++
...
From 97d3756cbe108e564d1a1b6cc23c02d379c3c02e Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Wed, 22 Feb 2012 11:40:16 -0600
Subject: [PATCH] If a container is already running, say so in error msgs.
Otherwise there is no clear indication to the user why the container
startup failed.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/commands.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index f323943..1d488ae 100644
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -271,7 +271,12 @@ extern int lxc_command_mainloop_add(const char *name,
 
 	fd = lxc_af_unix_open(path, SOCK_STREAM, 0);
 	if (fd < 0) {
-		ERROR("failed to create the command service point");
+		ERROR("failed (%d) to create the command service point %s", errno, offset);
+		if (errno == EADDRINUSE) {
+			ERROR("##");
+			ERROR("# The container appears to be already running!");
+			ERROR("##");
+		}
 		return -1;
 	}
 
-- 
1.7.7

++++++ lxc-improve-gateway-detection.patch ++++++
++++ 774 lines (skipped)

++++++ lxc-opensuse-12.1-fixbuild.patch ++++++
Index: lxc-0.7.5/templates/lxc-opensuse.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-opensuse.in
+++ lxc-0.7.5/templates/lxc-opensuse.in
@@ -186,7 +186,7 @@ EOF
 	done
     fi
 
-    CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" /usr/lib/build/init_buildsystem  --clean --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
+    CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" PATH="$PATH:/usr/lib/build" /usr/lib/build/init_buildsystem  --clean --configdir /usr/lib/build/configs --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
     chroot $cache/partial-$arch rpm -e patterns-openSUSE-base
++++++ lxc-opensuse-12.1.patch ++++++
...
From 44ee8a102e3d8052631fbb119f58a55ce678d039 Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Tue, 25 Oct 2011 11:25:18 +0200
Subject: [PATCH 1/2] templates: update openSUSE template for openSUSE 12.1
...
From 594d9ba1043bdbc3bb0bded71e19a6ed3e724e4d Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Wed, 18 Apr 2012 17:17:18 +0200
Subject: [PATCH] various fixes for openSUSE template: - create /etc/hostname
 as symlink to /etc/HOSTNAME (lxc-clone fix) - fix
 inadequate space in lxc.mount config (lxc-clone fix) - fix
 openSUSE 12.1 template creation on x86 platform - disable
 network in container if not configured - configure network
rely on "build" package, to ensure chroot can be created with
distribution older than 12.1

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 templates/lxc-opensuse.in |   75 ++++++++++++++++++++++++++++----------------
 1 files changed, 48 insertions(+), 27 deletions(-)

diff --git a/templates/lxc-opensuse.in b/templates/lxc-opensuse.in
index 811876a..d30147d 100644
--- a/templates/lxc-opensuse.in
+++ b/templates/lxc-opensuse.in
@@ -25,7 +25,7 @@
 # License along with this library; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 
-DISTRO=11.4
+DISTRO=12.1
 
 configure_opensuse()
 {
@@ -106,28 +106,11 @@ cons:2345:respawn:/sbin/mingetty --noclear console screen
 c1:2345:respawn:/sbin/mingetty --noclear tty1 screen
 EOF
 
-    # patch boot script, no longer needed in openSUSE 12.1 / SLE11-SP2
-    patch --quiet -d $rootfs/etc/init.d/ << EOF
---- boot.orig	2011-05-26 16:03:07.000000000 +0200
-+++ boot	2011-05-26 16:03:19.000000000 +0200
-@@ -98,12 +98,12 @@
-     echo "***************************************************************"
-     /sbin/halt -f
-     fi
--    echo -n "Mounting devtmpfs at /dev"
--    mount -n -t devtmpfs -o mode=0755 devtmpfs /dev
--    rc_status -v -r
-+#    echo -n "Mounting devtmpfs at /dev"
-+#    mount -n -t devtmpfs -o mode=0755 devtmpfs /dev
-+#    rc_status -v -r
- fi
-
--cp -axT --remove-destination /lib/udev/devices /dev
-+#cp -axT --remove-destination /lib/udev/devices /dev
-
- if test -d /sys/kernel/debug -a "$HAVE_DEBUGFS" = "1" ; then
-     mount -n -t debugfs debugfs /sys/kernel/debug > /dev/null 2>&1
+    # set /dev/console as securetty
+    cat << EOF >> $rootfs/etc/securetty
+console
 EOF
+
     cat <<EOF >> $rootfs/etc/sysconfig/boot
 # disable root fsck
 ROOTFS_FSCK="0"
@@ -136,7 +119,7 @@ EOF
 
 
     # remove pointless services in a container
-    insserv -r -f -p $rootfs/etc/init.d boot.udev boot.udev_retry boot.md boot.lvm boot.loadmodules boot.device-mapper boot.clock boot.swap boot.klog
+    chroot $rootfs /sbin/insserv -r -f boot.udev boot.loadmodules boot.device-mapper boot.clock boot.swap boot.klog kbd
 
     echo "Please change root-password !"
     echo "root:root" | chroot $rootfs chpasswd
@@ -149,6 +132,12 @@ download_opensuse()
     cache=$1
     arch=$2
 
+    if [ ! -x /usr/bin/build ]; then
+       echo "Could not create openSUSE template :"
+       echo "you need to install \"build\" package"
+       return 1
+    fi
+
     # check the mini opensuse was not already downloaded
     mkdir -p "$cache/partial-$arch"
 
@@ -159,18 +148,50 @@ download_opensuse()
 
     # download a mini opensuse into a cache
     echo "Downloading opensuse minimal ..."
+    mkdir -p "$cache/partial-$arch-packages"
+    zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
+    zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
+    zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update
+    zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base sysvinit-init
+    cat > $cache/partial-$arch-packages/opensuse.conf << EOF
+Preinstall: aaa_base bash coreutils diffutils
+Preinstall: filesystem fillup glibc grep insserv libacl1 libattr1
+Preinstall: libbz2-1 libgcc46 libxcrypt libncurses5 pam
+Preinstall: permissions libreadline6 rpm sed tar zlib libselinux1
+Preinstall: liblzma5 libcap2 libpcre0
+Preinstall: libpopt0 libelf1 liblua5_1
+
+RunScripts: aaa_base
+
+Support: zypper
+Support: patterns-openSUSE-base
+Support: lxc
+Prefer: sysvinit-init
+
+Ignore: patterns-openSUSE-base:patterns-openSUSE-yast2_install_wf
+EOF
+
+    CLEAN_BUILD=1 BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" /usr/lib/build/init_buildsystem  --clean --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch
+    chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
+    chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
+    chroot $cache/partial-$arch rpm -e patterns-openSUSE-base
+    umount $cache/partial-$arch/proc
+#   really clean the image
+    rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
+    rm -fr $cache/partial-$arch/dev
+#    make sure we have a minimal /dev
     mkdir -p "$cache/partial-$arch/dev"
     mknod -m 666 $cache/partial-$arch/dev/null c 1 3
     mknod -m 666 $cache/partial-$arch/dev/zero c 1 5
-    zypper --quiet --root $cache/partial-$arch --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
-    zypper --quiet --root $cache/partial-$arch --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
-    zypper --quiet --root $cache/partial-$arch --non-interactive --gpg-auto-import-keys in --auto-agree-with-licenses -t pattern base
-    zypper --quiet --root $cache/partial-$arch --non-interactive --gpg-auto-import-keys in +lxc -kbd -patterns-openSUSE-base
+#   create mtab symlink
+    rm -f $cache/partial-$arch/etc/mtab
+    ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab
     if [ $? -ne 0 ]; then
 	echo "Failed to download the rootfs, aborting."
 	return 1
     fi
 
+    rm -fr "$cache/partial-$arch-packages"
     mv "$1/partial-$arch" "$1/rootfs-$arch"
     echo "Download complete."
 
-- 
1.7.7


 scripts properly

---
 templates/lxc-opensuse.in |   34 +++++++++++++++++++++++++++++-----
 1 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/templates/lxc-opensuse.in b/templates/lxc-opensuse.in
index 120b2c7..4342150 100644
--- a/templates/lxc-opensuse.in
+++ b/templates/lxc-opensuse.in
@@ -34,8 +34,8 @@ configure_opensuse()
 
    # set network as static, but everything is done by LXC outside the container
    cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
-STARTMODE='auto'
-BOOTPROTO='static'
+STARTMODE='manual'
+BOOTPROTO='none'
 EOF
 
    # set default route
@@ -71,6 +71,8 @@ EOF
     cat <<EOF > $rootfs/etc/HOSTNAME
 $hostname
 EOF
+    # ensure /etc/hostname is available too
+    ln -s -f HOSTNAME $rootfs/etc/hostname
 
     # do not use hostname from HOSTNAME variable
     cat <<EOF >> $rootfs/etc/sysconfig/cron
@@ -156,10 +158,11 @@ download_opensuse()
     cat > $cache/partial-$arch-packages/opensuse.conf << EOF
 Preinstall: aaa_base bash coreutils diffutils
 Preinstall: filesystem fillup glibc grep insserv libacl1 libattr1
-Preinstall: libbz2-1 libgcc46 libxcrypt libncurses5 pam
+Preinstall: libbz2-1 libgcc46 libncurses5 pam
 Preinstall: permissions libreadline6 rpm sed tar zlib libselinux1
 Preinstall: liblzma5 libcap2 libpcre0
 Preinstall: libpopt0 libelf1 liblua5_1
+Preinstall: netcfg
 
 RunScripts: aaa_base
 
@@ -169,9 +172,21 @@ Support: lxc
 Prefer: sysvinit-init
 
 Ignore: patterns-openSUSE-base:patterns-openSUSE-yast2_install_wf
+Ignore: patterns-openSUSE-base:polkit-defaults-privs
+Ignore: patterns-openSUSE-base:openSUSE-build-key
 EOF
+    if [ "$arch" == "i686" ]; then
+        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
+        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i586/*" ; do
+            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
+        done
+        mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686
+        for i in "$cache/partial-$arch-packages/var/cache/zypp/packages/update/i586/*" ; do
+            ln -s $i $cache/partial-$arch-packages/var/cache/zypp/packages/update/i686/
+	done
+    fi
 
-    CLEAN_BUILD=1 BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" /usr/lib/build/init_buildsystem  --clean --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch
+    CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" /usr/lib/build/init_buildsystem  --clean --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
     chroot $cache/partial-$arch rpm -e patterns-openSUSE-base
@@ -254,13 +269,22 @@ copy_configuration()
     rootfs=$2
     name=$3
 
+# only disable network if no network configuration was passed
+grep -q lxc.network.type $path/config
+network_not_configured=$?
+if [ $network_not_configured -eq 1 ]; then
+   cat <<EOF >> $path/config
+lxc.network.type = empty
+EOF
+fi
+
     cat <<EOF >> $path/config
 lxc.utsname = $name
 
 lxc.tty = 4
 lxc.pts = 1024
 lxc.rootfs = $rootfs
-lxc.mount  = $path/fstab
+lxc.mount = $path/fstab
 
 lxc.cgroup.devices.deny = a
 # /dev/null and zero
-- 
1.7.7

++++++ lxc-opensuse-12.2.patch ++++++
Index: lxc-0.7.5/templates/lxc-opensuse.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-opensuse.in
+++ lxc-0.7.5/templates/lxc-opensuse.in
@@ -25,7 +25,7 @@
 # License along with this library; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 
-DISTRO=12.1
+DISTRO=12.2
 
 configure_opensuse()
 {
@@ -34,14 +34,10 @@ configure_opensuse()
 
    # set network as static, but everything is done by LXC outside the container
    cat <<EOF > $rootfs/etc/sysconfig/network/ifcfg-eth0
-STARTMODE='manual'
+STARTMODE='auto'
 BOOTPROTO='none'
 EOF
 
-   # set default route
-   IP=$(/sbin/ip route | awk '/default/ { print $3 }')
-   echo "default $IP - -" > $rootfs/etc/sysconfig/network/routes
-
    # create empty fstab
    touch $rootfs/etc/fstab
 
@@ -121,7 +117,9 @@ EOF
 
 
     # remove pointless services in a container
-    chroot $rootfs /sbin/insserv -r -f boot.udev boot.loadmodules boot.device-mapper boot.clock boot.swap boot.klog kbd
+    chroot $rootfs /sbin/insserv -r -f boot.udev boot.device-mapper boot.clock boot.swap boot.klog kbd >/dev/null 2>&1
+
+    touch $rootfs/etc/sysconfig/kernel
 
     echo "Please change root-password !"
     echo "root:root" | chroot $rootfs chpasswd
@@ -154,26 +152,31 @@ download_opensuse()
     zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss/ repo-oss
     zypper --quiet --root $cache/partial-$arch-packages --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
     zypper --quiet --root $cache/partial-$arch-packages --non-interactive --gpg-auto-import-keys update
-    zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base sysvinit-init
+    zypper --root $cache/partial-$arch-packages --non-interactive in --auto-agree-with-licenses --download-only zypper lxc patterns-openSUSE-base sysvinit-init iputils
     cat > $cache/partial-$arch-packages/opensuse.conf << EOF
 Preinstall: aaa_base bash coreutils diffutils
-Preinstall: filesystem fillup glibc grep insserv libacl1 libattr1
-Preinstall: libbz2-1 libgcc46 libncurses5 pam
+Preinstall: filesystem fillup glibc grep insserv
+Preinstall: libbz2-1 libgcc47 libncurses5 pam
 Preinstall: permissions libreadline6 rpm sed tar zlib libselinux1
-Preinstall: liblzma5 libcap2 libpcre0
+Preinstall: liblzma5 libcap2 libacl1 libattr1
 Preinstall: libpopt0 libelf1 liblua5_1
-Preinstall: netcfg
+Preinstall: libpcre1
 
 RunScripts: aaa_base
 
 Support: zypper
 Support: patterns-openSUSE-base
 Support: lxc
-Prefer: sysvinit-init
+Support: ncurses-utils
+Support: iputils
+Support: udev
+Support: netcfg
+Support: sysvinit-init
+Support: dhcpcd hwinfo insserv module-init-tools openSUSE-release openssh
+Support: pwdutils rpcbind sysconfig rsyslog
 
-Ignore: patterns-openSUSE-base:patterns-openSUSE-yast2_install_wf
-Ignore: patterns-openSUSE-base:polkit-defaults-privs
-Ignore: patterns-openSUSE-base:openSUSE-build-key
+Ignore: rpm:suse-build-key,build-key
+Ignore: systemd:systemd-presets-branding
 EOF
     if [ "$arch" == "i686" ]; then
         mkdir -p $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/i686/
@@ -189,7 +192,6 @@ EOF
     CLEAN_BUILD=1 BUILD_ARCH="$arch" BUILD_ROOT="$cache/partial-$arch" BUILD_DIST="$cache/partial-$arch-packages/opensuse.conf" PATH="$PATH:/usr/lib/build" /usr/lib/build/init_buildsystem  --clean --configdir /usr/lib/build/configs --cachedir $cache/partial-$arch-cache --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/repo-oss/suse/noarch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/$arch --repository $cache/partial-$arch-packages/var/cache/zypp/packages/update/noarch
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/distribution/$DISTRO/repo/oss repo-oss
     chroot $cache/partial-$arch /usr/bin/zypper --quiet --non-interactive ar http://download.opensuse.org/update/$DISTRO/ update
-    chroot $cache/partial-$arch rpm -e patterns-openSUSE-base
     umount $cache/partial-$arch/proc
 #   really clean the image
     rm -fr $cache/partial-$arch/{.build,.guessed_dist,.srcfiles*,installed-pkg}
@@ -274,12 +276,35 @@ copy_configuration()
     name=$3
 
 # only disable network if no network configuration was passed
-grep -q lxc.network.type $path/config
+sed '/^#/d' $path/config | grep -q lxc.network.type
 network_not_configured=$?
 if [ $network_not_configured -eq 1 ]; then
    cat <<EOF >> $path/config
 lxc.network.type = empty
 EOF
+else
+   type=$(sed '/^#/d; /lxc.network.type/!d; s/.*=[ \t]*//' $path/config)
+   sed '/^#/d' $path/config | grep -q lxc.network.*.gateway
+   gateway_not_configured=$?
+   sed '/^#/d' $path/config | grep -q lxc.network.ipv4
+   ipv4_not_configured=$?
+   if [ $gateway_not_configured ]; then
+     [ $ipv4_not_configured -eq 0 ] && ipv4=$(sed '/^#/d; /lxc.network.ipv4/!d; /gateway/d; s/.*=[ \t]*//; s/\([[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\).*/\1/' $path/config)
+     if [ "$type" = "veth" -o "$type" = "macvlan" ]; then
+      if [ $ipv4_not_configured -eq 0 -a "$ipv4" != "0.0.0.0" ]; then
+       # set default route
+       IP=$(/sbin/ip route | awk '/default/ { print $3 }')
+       echo "lxc.network.ipv4.gateway = $IP " >> $path/config
+      else
+	   # set network as dhcp
+	   sed -i -e 's/BOOTPROTO=.*/BOOTPROTO=dhcp/' $rootfs/etc/sysconfig/network/ifcfg-eth0
+      fi
+     fi
+   fi
+   if [ "$type" != "empty" ]; then
+       echo "#remove next line if host DNS configuration should not be available to container" >> $path/config
+       echo "lxc.mount.entry = /etc/resolv.conf etc/resolv.conf none bind,ro 0 0" >> $path/config
+   fi
 fi
 
     cat <<EOF >> $path/config
++++++ lxc-opensuse-tmpfs.patch ++++++
...
From d088de50c551f4941ae24b536057fc57915ee7d7 Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcrozat@suse.com>
Date: Fri, 20 Apr 2012 14:36:53 +0200
Subject: [PATCH] shutdown fixes for openSUSE container
- mount /run on tmpfs outside container
- replace /var/run bind mount on /run by a symlink
---
 templates/lxc-opensuse.in |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/templates/lxc-opensuse.in b/templates/lxc-opensuse.in
index 0946f95..076fe4f 100644
--- a/templates/lxc-opensuse.in
+++ b/templates/lxc-opensuse.in
@@ -201,6 +201,10 @@ EOF
 #   create mtab symlink
     rm -f $cache/partial-$arch/etc/mtab
     ln -sf /proc/self/mounts $cache/partial-$arch/etc/mtab
+
+# ensure /var/run and /run are symlinked
+    rm -fr $cache/partial-$arch/var/run
+    ln -s -f ../run $cache/partial-$arch/var/run
     if [ $? -ne 0 ]; then
 	echo "Failed to download the rootfs, aborting."
 	return 1
@@ -307,6 +311,7 @@ EOF
     cat <<EOF > $path/fstab
 proc            $rootfs/proc         proc	nodev,noexec,nosuid 0 0
 sysfs           $rootfs/sys          sysfs	defaults  0 0
+tmpfs           $rootfs/run          tmpfs	mode=0755,nodev,nosuid 0 0
 EOF
 
     if [ $? -ne 0 ]; then
-- 
1.7.7

++++++ lxc-snapshot-btrfs-lvm.patch ++++++
++++ 1289 lines (skipped)

++++++ pivot-root_shared.patch ++++++
...
From cc28d0b0a66bd956645dc7b8fc85b917711f2472 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@canonical.com>
Date: Wed, 19 Dec 2012 23:58:44 -0600
Subject: [PATCH] Support MS_SHARED /
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
(I'll be out until Jan 2, but in the meantime, here is hopefully a
little newyears gift - this seems to allow lxc-start with / being
MS_SHARED on the host)

When / is MS_SHARED (for instance with f18 and modern arch), lxc-start
fails on pivot_root.  The kernel enforces that, when doing pivot_root,
the parent of current->fs->root (as well as the new root and the putold
location) not be MS_SHARED.

To work around this, check /proc/self/mountinfo for a 'shared:' in
the '/' line.  If it is there, then create a tiny MS_SLAVE tmpfs dir to
serve as parent of /, recursively bind mount / into /root under that dir,
make it rslave, and chroot into it.

Tested with ubuntu raring image after doing 'mount --make-rshared /'.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
---
 src/lxc/conf.c  |  117 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
 src/lxc/conf.h  |    3 ++
 src/lxc/start.c |    8 ++++
 3 files changed, 125 insertions(+), 3 deletions(-)

Index: lxc-0.7.5/src/lxc/conf.c
===================================================================
--- lxc-0.7.5.orig/src/lxc/conf.c
+++ lxc-0.7.5/src/lxc/conf.c
@@ -716,8 +716,112 @@ static int setup_rootfs_pivot_root(const
 	return 0;
 }
 
-static int setup_rootfs(const struct lxc_rootfs *rootfs)
+/*
+ * Detect whether / is mounted MS_SHARED.  The only way I know of to
+ * check that is through /proc/self/mountinfo.
+ * I'm only checking for /.  If the container rootfs or mount location
+ * is MS_SHARED, but not '/', then you're out of luck - figuring that
+ * out would be too much work to be worth it.
+ */
+#define LINELEN 4096
+int detect_shared_rootfs(void)
 {
+	char buf[LINELEN], *p;
+	FILE *f;
+	int i;
+	char *p2;
+
+	f = fopen("/proc/self/mountinfo", "r");
+	if (!f)
+		return 0;
+	while ((p = fgets(buf, LINELEN, f))) {
+		INFO("looking at .%s.", p);
+		for (p = buf, i=0; p && i < 4; i++)
+			p = index(p+1, ' ');
+		if (!p)
+			continue;
+		p2 = index(p+1, ' ');
+		if (!p2)
+			continue;
+		*p2 = '\0';
+		INFO("now p is .%s.", p);
+		if (strcmp(p+1, "/") == 0) {
+			// this is '/'.  is it shared?
+			p = index(p2+1, ' ');
+			if (strstr(p, "shared:"))
+				return 1;
+		}
+	}
+	fclose(f);
+	return 0;
+}
+
+/*
+ * I'll forgive you for asking whether all of this is needed :)  The
+ * answer is yes.
+ * pivot_root will fail if the new root, the put_old dir, or the parent
+ * of current->fs->root are MS_SHARED.  (parent of current->fs_root may
+ * or may not be current->fs_root - if we assumed it always was, we could
+ * just mount --make-rslave /).  So,
+ *    1. mount a tiny tmpfs to be parent of current->fs->root.
+ *    2. make that MS_SLAVE
+ *    3. make a 'root' directory under that
+ *    4. mount --rbind / under the $tinyroot/root.
+ *    5. make that rslave
+ *    6. chdir and chroot into $tinyroot/root
+ *    7. $tinyroot will be unmounted by our parent in start.c
+ */
+static int chroot_into_slave(struct lxc_conf *conf)
+{
+	char path[MAXPATHLEN];
+	const char *destpath = conf->rootfs.mount;
+	int ret;
+
+	if (mount(destpath, destpath, NULL, MS_BIND, 0)) {
+		SYSERROR("failed to mount %s bind", destpath);
+		return -1;
+	}
+	if (mount("", destpath, NULL, MS_SLAVE, 0)) {
+		SYSERROR("failed to make %s slave", destpath);
+		return -1;
+	}
+	if (mount("none", destpath, "tmpfs", 0, "size=10000")) {
+		SYSERROR("Failed to mount tmpfs / at %s", destpath);
+		return -1;
+	}
+	ret = snprintf(path, MAXPATHLEN, "%s/root", destpath);
+	if (ret < 0 || ret >= MAXPATHLEN) {
+		ERROR("out of memory making root path");
+		return -1;
+	}
+	if (mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH)) {
+		SYSERROR("Failed to create /dev/pts in container");
+		return -1;
+	}
+	if (mount("/", path, NULL, MS_BIND|MS_REC, 0)) {
+		SYSERROR("Failed to rbind mount / to %s", path);
+		return -1;
+	}
+	if (mount("", destpath, NULL, MS_SLAVE|MS_REC, 0)) {
+		SYSERROR("Failed to make tmp-/ at %s rslave", path);
+		return -1;
+	}
+	if (chdir(path)) {
+		SYSERROR("Failed to chdir into tmp-/");
+		return -1;
+	}
+	if (chroot(path)) {
+		SYSERROR("Failed to chroot into tmp-/");
+		return -1;
+	}
+	INFO("Chrooted into tmp-/ at %s\n", path);
+	return 0;
+}
+
+static int setup_rootfs(struct lxc_conf *conf)
+{
+	const struct lxc_rootfs *rootfs = &conf->rootfs;
+
 	if (!rootfs->path)
 		return 0;
 
@@ -727,6 +831,13 @@ static int setup_rootfs(const struct lxc
 		return -1;
 	}
 
+	if (detect_shared_rootfs()) {
+		if (chroot_into_slave(conf)) {
+			ERROR("Failed to chroot into slave /");
+			return -1;
+		}
+	}
+
 	if (mount_rootfs(rootfs->path, rootfs->mount)) {
 		ERROR("failed to mount rootfs");
 		return -1;
@@ -848,7 +959,7 @@ static int setup_console(const struct lx
 	return 0;
 }
 
-static int setup_cgroup(const char *name, struct lxc_list *cgroups)
+int setup_cgroup(const char *name, struct lxc_list *cgroups)
 {
 	struct lxc_list *iterator;
 	struct lxc_cgroup *cg;
@@ -1846,7 +1957,7 @@ int lxc_setup(const char *name, struct l
 		return -1;
 	}
 
-	if (setup_rootfs(&lxc_conf->rootfs)) {
+	if (setup_rootfs(lxc_conf)) {
 		ERROR("failed to setup rootfs for '%s'", name);
 		return -1;
 	}
Index: lxc-0.7.5/src/lxc/conf.h
===================================================================
--- lxc-0.7.5.orig/src/lxc/conf.h
+++ lxc-0.7.5/src/lxc/conf.h
@@ -227,6 +227,9 @@ extern int lxc_find_gateway_addresses(st
 extern int lxc_create_tty(const char *name, struct lxc_conf *conf);
 extern void lxc_delete_tty(struct lxc_tty_info *tty_info);
 
+extern int setup_cgroup(const char *name, struct lxc_list *cgroups);
+extern int detect_shared_rootfs(void);
+
 /*
  * Configure the container from inside
  */
Index: lxc-0.7.5/src/lxc/start.c
===================================================================
--- lxc-0.7.5.orig/src/lxc/start.c
+++ lxc-0.7.5/src/lxc/start.c
@@ -535,6 +535,14 @@ int lxc_spawn(struct lxc_handler *handle
 	if (lxc_sync_barrier_child(handler, LXC_SYNC_POST_CONFIGURE))
 		return -1;
 
+	if (detect_shared_rootfs())
+		umount2(handler->conf->rootfs.mount, MNT_DETACH);
+
+	if (setup_cgroup(name, &handler->conf->cgroup)) {
+		ERROR("failed to setup the cgroups for '%s'", name);
+		goto out_delete_net;
+	}
+
 	if (handler->ops->post_start(handler, handler->data))
 		goto out_abort;
 
++++++ use-relative-paths-for-container.patch ++++++
...
From 80a881b232b8955b85b360d4def99e6e680ff61b Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Tue, 31 Jul 2012 16:04:33 +0200
Subject: [PATCH] templates: use relative paths when creating containers
At the same time, allow lxc.mount.entry to specify an absolute target
path relative to /var/lib/lxc/CN/rootfs, even if rootfs is a blockdev.
Otherwise all such entries are ignored for blockdev-backed containers.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/conf.c                |   48 +++++++++++++++++++++++++++++++----------
 templates/lxc-debian.in       |    4 ++--
 templates/lxc-fedora.in       |    6 +++---
 templates/lxc-lenny.in        |    4 ++--
 templates/lxc-opensuse.in     |    4 ++--
 templates/lxc-sshd.in         |   16 +++++++-------
 templates/lxc-ubuntu-cloud.in |    4 ++--
 templates/lxc-ubuntu.in       |    6 +++---
 8 files changed, 59 insertions(+), 33 deletions(-)

Index: lxc-0.7.5/src/lxc/conf.c
===================================================================
--- lxc-0.7.5.orig/src/lxc/conf.c
+++ lxc-0.7.5/src/lxc/conf.c
@@ -981,27 +981,50 @@ static inline int mount_entry_on_systemf
 }
 
 static int mount_entry_on_absolute_rootfs(struct mntent *mntent,
-					  const struct lxc_rootfs *rootfs)
+					  const struct lxc_rootfs *rootfs,
+					  const char *lxc_name)
 {
 	char *aux;
 	char path[MAXPATHLEN];
 	unsigned long mntflags;
 	char *mntdata;
-	int ret = 0;
+	int r, ret = 0, offset;
 
 	if (parse_mntopts(mntent->mnt_opts, &mntflags, &mntdata) < 0) {
 		ERROR("failed to parse mount option '%s'", mntent->mnt_opts);
 		return -1;
 	}
 
+	/* if rootfs->path is a blockdev path, allow container fstab to
+	 * use /var/lib/lxc/CN/rootfs as the target prefix */
+	r = snprintf(path, MAXPATHLEN, "/var/lib/lxc/%s/rootfs", lxc_name);
+	if (r < 0 || r >= MAXPATHLEN)
+		goto skipvarlib;
+
+	aux = strstr(mntent->mnt_dir, path);
+	if (aux) {
+		offset = strlen(path);
+		goto skipabs;
+	}
+
+skipvarlib:
 	aux = strstr(mntent->mnt_dir, rootfs->path);
 	if (!aux) {
 		WARN("ignoring mount point '%s'", mntent->mnt_dir);
 		goto out;
 	}
+	offset = strlen(rootfs->path);
+
+skipabs:
 
 	snprintf(path, MAXPATHLEN, "%s/%s", rootfs->mount,
-		 aux + strlen(rootfs->path));
+		 aux + offset);
+	if (r < 0 || r >= MAXPATHLEN) {
+		WARN("pathnme too long for '%s'", mntent->mnt_dir);
+		ret = -1;
+		goto out;
+	}
+
 
 	ret = mount_entry(mntent->mnt_fsname, path, mntent->mnt_type,
 			  mntflags, mntdata);
@@ -1035,7 +1058,8 @@ static int mount_entry_on_relative_rootf
 	return ret;
 }
 
-static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file)
+static int mount_file_entries(const struct lxc_rootfs *rootfs, FILE *file,
+	const char *lxc_name)
 {
 	struct mntent *mntent;
 	int ret = -1;
@@ -1056,7 +1080,7 @@ static int mount_file_entries(const stru
 			continue;
 		}
 
-		if (mount_entry_on_absolute_rootfs(mntent, rootfs))
+		if (mount_entry_on_absolute_rootfs(mntent, rootfs, lxc_name))
 			goto out;
 	}
 
@@ -1067,7 +1091,8 @@ out:
 	return ret;
 }
 
-static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab)
+static int setup_mount(const struct lxc_rootfs *rootfs, const char *fstab,
+	const char *lxc_name)
 {
 	FILE *file;
 	int ret;
@@ -1081,13 +1106,14 @@ static int setup_mount(const struct lxc_
 		return -1;
 	}
 
-	ret = mount_file_entries(rootfs, file);
+	ret = mount_file_entries(rootfs, file, lxc_name);
 
 	endmntent(file);
 	return ret;
 }
 
-static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list *mount)
+static int setup_mount_entries(const struct lxc_rootfs *rootfs, struct lxc_list *mount,
+	const char *lxc_name)
 {
 	FILE *file;
 	struct lxc_list *iterator;
@@ -1107,7 +1133,7 @@ static int setup_mount_entries(const str
 
 	rewind(file);
 
-	ret = mount_file_entries(rootfs, file);
+	ret = mount_file_entries(rootfs, file, lxc_name);
 
 	fclose(file);
 	return ret;
@@ -1825,12 +1851,12 @@ int lxc_setup(const char *name, struct l
 		return -1;
 	}
 
-	if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab)) {
+	if (setup_mount(&lxc_conf->rootfs, lxc_conf->fstab, name)) {
 		ERROR("failed to setup the mounts for '%s'", name);
 		return -1;
 	}
 
-	if (setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list)) {
+	if (setup_mount_entries(&lxc_conf->rootfs, &lxc_conf->mount_list, name)) {
 		ERROR("failed to setup the mount entries for '%s'", name);
 		return -1;
 	}
Index: lxc-0.7.5/templates/lxc-debian.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-debian.in
+++ lxc-0.7.5/templates/lxc-debian.in
@@ -211,8 +211,8 @@ lxc.cgroup.devices.allow = c 5:2 rwm
 lxc.cgroup.devices.allow = c 254:0 rwm
 
 # mounts point
-lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0
-lxc.mount.entry=sysfs $rootfs/sys sysfs defaults  0 0
+lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry=sysfs sys sysfs defaults  0 0
 EOF
 
     if [ $? -ne 0 ]; then
Index: lxc-0.7.5/templates/lxc-fedora.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-fedora.in
+++ lxc-0.7.5/templates/lxc-fedora.in
@@ -224,9 +224,9 @@ lxc.cgroup.devices.allow = c 254:0 rwm
 EOF
 
     cat <<EOF > $config_path/fstab
-+proc            $rootfs_path/proc         proc    nodev,noexec,nosuid 0 0
-+devpts          $rootfs_path/dev/pts      devpts defaults 0 0
-+sysfs           $rootfs_path/sys          sysfs defaults  0 0
+proc            proc         proc    nodev,noexec,nosuid 0 0
+devpts          dev/pts      devpts defaults 0 0
+sysfs           sys          sysfs defaults  0 0
 
     if [ $? -ne 0 ]; then
 	echo "Failed to add configuration"
Index: lxc-0.7.5/templates/lxc-lenny.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-lenny.in
+++ lxc-0.7.5/templates/lxc-lenny.in
@@ -200,8 +200,8 @@ lxc.cgroup.devices.allow = c 5:2 rwm
 lxc.cgroup.devices.allow = c 254:0 rwm
 
 # mounts point
-lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0
-lxc.mount.entry=sysfs $rootfs/sys sysfs defaults  0 0
+lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry=sysfs sys sysfs defaults  0 0
 EOF
 
     if [ $? -ne 0 ]; then
Index: lxc-0.7.5/templates/lxc-opensuse.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-opensuse.in
+++ lxc-0.7.5/templates/lxc-opensuse.in
@@ -310,9 +310,9 @@ lxc.cgroup.devices.allow = c 254:0 rwm
 EOF
 
     cat <<EOF > $path/fstab
-proc            $rootfs/proc         proc	nodev,noexec,nosuid 0 0
-sysfs           $rootfs/sys          sysfs	defaults  0 0
-tmpfs           $rootfs/run          tmpfs	mode=0755,nodev,nosuid 0 0
+proc            proc         proc	nodev,noexec,nosuid 0 0
+sysfs           sys          sysfs	defaults  0 0
+tmpfs           run          tmpfs	mode=0755,nodev,nosuid 0 0
 EOF
 
     if [ $? -ne 0 ]; then
Index: lxc-0.7.5/templates/lxc-sshd.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-sshd.in
+++ lxc-0.7.5/templates/lxc-sshd.in
@@ -100,18 +100,18 @@ cat <<EOF >> $path/config
 lxc.utsname = $name
 lxc.pts = 1024
 lxc.rootfs = $rootfs
-lxc.mount.entry=/dev $rootfs/dev none ro,bind 0 0
-lxc.mount.entry=/lib $rootfs/lib none ro,bind 0 0
-lxc.mount.entry=/bin $rootfs/bin none ro,bind 0 0
-lxc.mount.entry=/usr /$rootfs/usr none ro,bind 0 0
-lxc.mount.entry=/sbin $rootfs/sbin none ro,bind 0 0
-lxc.mount.entry=tmpfs $rootfs/var/run/sshd tmpfs mode=0644 0 0
-lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd $rootfs/sbin/init none bind 0 0
+lxc.mount.entry=/dev dev none ro,bind 0 0
+lxc.mount.entry=/lib lib none ro,bind 0 0
+lxc.mount.entry=/bin bin none ro,bind 0 0
+lxc.mount.entry=/usr usr none ro,bind 0 0
+lxc.mount.entry=/sbin sbin none ro,bind 0 0
+lxc.mount.entry=tmpfs var/run/sshd tmpfs mode=0644 0 0
+lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd sbin/init none bind 0 0
 EOF
 
 if [ "$(uname -m)" = "x86_64" ]; then
     cat <<EOF >> $path/config
-lxc.mount.entry=/lib64 $rootfs/lib64 none ro,bind 0 0
+lxc.mount.entry=/lib64 lib64 none ro,bind 0 0
 EOF
 fi
 }
Index: lxc-0.7.5/templates/lxc-ubuntu.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-ubuntu.in
+++ lxc-0.7.5/templates/lxc-ubuntu.in
@@ -200,8 +200,8 @@ lxc.cgroup.devices.allow = c 10:229 rwm
 EOF
 
     cat <<EOF > $path/fstab
-proc            $rootfs/proc         proc    nodev,noexec,nosuid 0 0
-sysfs           $rootfs/sys          sysfs defaults  0 0
+proc            proc         proc    nodev,noexec,nosuid 0 0
+sysfs           sys          sysfs defaults  0 0
 EOF
 
     if [ $? -ne 0 ]; then
@@ -333,7 +333,7 @@ do_bindhome()
     # bind-mount the user's path into the container's /home
     h=`getent passwd $user | cut -d: -f 6`
     mkdir -p $rootfs/$h
-    echo "$h $rootfs/$h none bind 0 0" >> $path/fstab
+    echo "$h $h none bind 0 0" >> $path/fstab
 
     # copy /etc/passwd, /etc/shadow, and /etc/group entries into container
     pwd=`getent passwd $user`
++++++ wait-until-container-is-stopped.patch ++++++
...
From d1252b84255a12cdf7a488fd4b922a4f1b3ac40f Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Tue, 31 Jul 2012 16:04:33 +0200
Subject: [PATCH] lxc-destroy: wait until the container is stopped
Signed-off-by: Timothy Chen <tnachen@gmail.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
 src/lxc/lxc-destroy.in |    1 +
 1 file changed, 1 insertion(+)

Index: lxc-0.7.5/src/lxc/lxc-destroy.in
===================================================================
--- lxc-0.7.5.orig/src/lxc/lxc-destroy.in
+++ lxc-0.7.5/src/lxc/lxc-destroy.in
@@ -87,6 +87,7 @@ lxc-info -n $lxc_name 2>/dev/null | grep
 if [ $? -eq 0 ]; then
 	if [ $force -eq 1 ]; then
 		lxc-stop -n $lxc_name
+		lxc-wait -n $lxc_name -s STOPPED
 	else
 		echo "Container $lxc_name is running, aborting the deletion."
 		exit 1
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org

    

commit lxc.1265 for openSUSE:12.2:Update

root＠hilbert.suse.de