Description: make non-ubuntu templates work
 busybox: check separately that /usr/lib64.
 debian: don't add network segment to config (that's not for the template
 to do).
 sshd: run dhclient; allow adding a root ssh key
 fedora:
 1. don't add network segment to config; 2. check for 'curl';
 3. don't add $name to $path, it's already in there;
 4. don't add devpts to fstab, that's wrong. 5. $UTSNAME doesn't exist
 6. set root pwd to root.  7. install release-ver package.
 8. add a console on /dev/console.  9. create empty fstab
 10. allow adding a root ssh key.  11. don't mount devpts in rc.sysinit.
 opensuse: not usable until zypper is packaged
 lxc-ubuntu and lxc-ubuntu-cloud: fix inconsistent '--auth_key' option
Author: Serge Hallyn <serge.hallyn@ubuntu.com>
Forwarded: no

Index: lxc-0.7.5/templates/lxc-busybox.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-busybox.in	2011-02-01 08:12:40.000000000 -0600
+++ lxc-0.7.5/templates/lxc-busybox.in	2012-02-17 09:20:38.957886271 -0600
@@ -245,6 +245,11 @@
 if [ -d "/lib64" ] && [ -d "$rootfs/lib64" ]; then
 cat <<EOF >> $path/config
 lxc.mount.entry=/lib64 $rootfs/lib64 none ro,bind 0 0
+EOF
+fi
+
+if [ -d "/usr/lib64" ] && [ -d "$rootfs/usr/lib64" ]; then
+cat <<EOF >> $path/config
 lxc.mount.entry=/usr/lib64 $rootfs/usr/lib64 none ro,bind 0 0
 EOF
 fi
Index: lxc-0.7.5/templates/lxc-debian.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-debian.in	2012-02-17 09:19:14.000000000 -0600
+++ lxc-0.7.5/templates/lxc-debian.in	2012-02-17 09:22:02.442300244 -0600
@@ -261,15 +261,6 @@
 lxc.mount.entry                         = proc $rootfs/proc proc nodev,noexec,nosuid 0 0
 lxc.mount.entry                         = sysfs $rootfs/sys sysfs defaults,ro 0 0
 #lxc.mount.entry                        = /srv/$name $rootfs/srv/$name none defaults,bind 0 0
-
-## Network
-lxc.network.type                        = veth
-lxc.network.flags                       = up
-lxc.network.hwaddr                      = 11:22:33:44:55:66
-lxc.network.link                        = br0
-lxc.network.mtu                         = 1500
-lxc.network.name                        = eth0
-lxc.network.veth.pair                   = veth-$name
 EOF
 
     if [ $? -ne 0 ]; then
Index: lxc-0.7.5/templates/lxc-sshd.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-sshd.in	2012-02-17 09:19:14.000000000 -0600
+++ lxc-0.7.5/templates/lxc-sshd.in	2012-02-17 10:29:01.283073050 -0600
@@ -43,7 +43,7 @@
 
     mkdir -p $tree
     if [ $? -ne 0 ]; then
-	return 1
+        return 1
     fi
 
     return 0
@@ -88,6 +88,18 @@
 PermitEmptyPasswords yes
 ChallengeResponseAuthentication no
 EOF
+
+    if [ -n "$auth_key" -a -f "$auth_key" ]; then
+    	u_path="/root/.ssh"
+    	root_u_path="$rootfs/$u_path"
+    	mkdir -p $root_u_path
+    	cp $auth_key "$root_u_path/authorized_keys"
+    	chown -R 0:0 "$rootfs/$u_path"
+	chmod 700 "$rootfs/$u_path"
+
+    	echo "Inserted SSH public key from $auth_key into /home/ubuntu/.ssh/authorized_keys"
+    fi
+
     return 0
 }
 
@@ -97,7 +109,7 @@
     rootfs=$2
     name=$3
 
-cat <<EOF >> $path/config
+    cat <<EOF >> $path/config
 lxc.utsname = $name
 lxc.pts = 1024
 lxc.rootfs = $rootfs
@@ -108,13 +120,17 @@
 lxc.mount.entry=/sbin $rootfs/sbin none ro,bind 0 0
 lxc.mount.entry=tmpfs $rootfs/var/run/sshd tmpfs mode=0644 0 0
 lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd $rootfs/sbin/init none bind 0 0
+lxc.mount.entry=proc $rootfs/proc proc nodev,noexec,nosuid 0 0
 EOF
 
-if [ "$(uname -m)" = "x86_64" ]; then
-    cat <<EOF >> $path/config
+    # if no .ipv4 section in config, then have the container run dhcp
+    grep -q "^lxc.network.ipv4" $path/config || touch $rootfs/run-dhcp
+
+    if [ "$(uname -m)" = "x86_64" ]; then
+        cat <<EOF >> $path/config
 lxc.mount.entry=/lib64 $rootfs/lib64 none ro,bind 0 0
 EOF
-fi
+    fi
 }
 
 usage()
@@ -125,10 +141,10 @@
     return 0
 }
 
-options=$(getopt -o hp:n: -l help,path:,name: -- "$@")
+options=$(getopt -o hp:n:S: -l help,path:,name:,auth-key: -- "$@")
 if [ $? -ne 0 ]; then
         usage $(basename $0)
-	exit 1
+    exit 1
 fi
 eval set -- "$options"
 
@@ -137,7 +153,8 @@
     case "$1" in
         -h|--help)      usage $0 && exit 0;;
         -p|--path)      path=$2; shift 2;;
-	-n|--name)      name=$2; shift 2;;
+    	-n|--name)      name=$2; shift 2;;
+    	-S|--auth-key)  auth_key=$2; shift 2;;
         --)             shift 1; break ;;
         *)              break ;;
     esac
@@ -152,14 +169,30 @@
 
     type @LXCINITDIR@/lxc-init
     if [ $? -ne 0 ]; then
-	echo "'lxc-init is not accessible on the system"
-	exit 1
+        echo "'lxc-init is not accessible on the system"
+        exit 1
     fi
 
     type sshd
     if [ $? -ne 0 ]; then
-	echo "'sshd' is not accessible on the system "
-	exit 1
+        echo "'sshd' is not accessible on the system "
+        exit 1
+    fi
+
+    # run dhcp?
+    if [ -f /run-dhcp ]; then
+        type dhclient
+        if [ $? -ne 0 ]; then
+            echo "can't find dhclient"
+            exit 1
+        fi
+	touch /etc/fstab
+        rm -f /dhclient.conf
+        cat > /dhclient.conf << EOF
+send host-name "<hostname>";
+EOF
+	ifconfig eth0 up
+        dhclient eth0 -cf /dhclient.conf
     fi
 
     exec @LXCINITDIR@/lxc-init -- /usr/sbin/sshd
Index: lxc-0.7.5/templates/lxc-ubuntu-cloud.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-ubuntu-cloud.in	2012-02-17 09:19:14.000000000 -0600
+++ lxc-0.7.5/templates/lxc-ubuntu-cloud.in	2012-02-17 10:05:48.227320808 -0600
@@ -108,7 +108,7 @@
 Options, mutually exclusive of "-C" and "--cloud":
   [ -i | --hostid ]:    HostID for cloud-init, defaults to random string
   [ -u | --userdata ]:  Cloud-init user-data file to configure container on start
-  [ -S | --auth_key ]:  SSH Public key file to inject into container
+  [ -S | --auth-key ]:  SSH Public key file to inject into container
   [ -L | --nolocales ]: Do not copy host's locales into container
 
 EOF
@@ -166,7 +166,7 @@
     -i|--hostid)       host_id=$2; shift 2;;
     -u|--userdata)     userdata=$2; shift 2;;
     -C|--cloud)        cloud=1; shift 1;;
-    -S|--auth_key)     auth_key=$2; shift 2;;
+    -S|--auth-key)     auth_key=$2; shift 2;;
     -L|--no_locales)   locales=0; shift 2;;
     -T|--tarball)      tarball=$2; shift 2;;
     --)                shift 1; break ;;
Index: lxc-0.7.5/templates/lxc-ubuntu.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-ubuntu.in	2012-02-17 09:19:14.000000000 -0600
+++ lxc-0.7.5/templates/lxc-ubuntu.in	2012-02-17 10:06:05.111404557 -0600
@@ -498,12 +498,12 @@
 {
     cat <<EOF
 $1 -h|--help [-a|--arch] [-b|--bindhome <user>] [--trim]
-   [-F | --flush-cache] [-r|--release <release>] [ -S | --auth_key <keyfile>]
+   [-F | --flush-cache] [-r|--release <release>] [ -S | --auth-key <keyfile>]
 release: lucid | maverick | natty | oneiric | precise
 trim: make a minimal (faster, but not upgrade-safe) container
 bindhome: bind <user>'s home into the container
 arch: amd64 or i386: defaults to host arch
-auth_key: SSH Public key file to inject into container
+auth-key: SSH Public key file to inject into container
 EOF
     return 0
 }
@@ -558,7 +558,7 @@
     -b|--bindhome)  bindhome=$2; shift 2;;
     -a|--arch)      arch=$2; shift 2;;
     -x|--trim)      trim_container=1; shift 1;;
-    -S|--auth_key)  auth_key=$2; shift 2;;
+    -S|--auth-key)  auth_key=$2; shift 2;;
     --)             shift 1; break ;;
         *)              break ;;
     esac
Index: lxc-0.7.5/templates/lxc-fedora.in
===================================================================
--- lxc-0.7.5.orig/templates/lxc-fedora.in	2012-02-17 09:19:14.000000000 -0600
+++ lxc-0.7.5/templates/lxc-fedora.in	2012-02-17 17:26:21.262124172 -0600
@@ -29,9 +29,7 @@
 arch=$(arch)
 cache_base=/var/cache/lxc/fedora/$arch
 default_path=/var/lib/lxc
-root_password=rooter
-lxc_network_type=veth
-lxc_network_link=virbr0
+root_password=root
 
 # is this fedora?
 [ -f /etc/fedora-release ] && is_fedora=true
@@ -52,7 +50,7 @@
 DEVICE=eth0
 BOOTPROTO=dhcp
 ONBOOT=yes
-HOSTNAME=${UTSNAME}
+HOSTNAME=${name}
 NM_CONTROLLED=no
 TYPE=Ethernet
 MTU=${MTU}
@@ -61,7 +59,7 @@
     # set the hostname
     cat <<EOF > ${rootfs_path}/etc/sysconfig/network
 NETWORKING=yes
-HOSTNAME=${UTSNAME}
+HOSTNAME=${name}
 EOF
 
     # set minimal hosts
@@ -71,6 +69,10 @@
 
     sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.sysinit
     sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.d/rc.sysinit
+    # don't mount devpts, for pete's sake
+    sed -i 's/^.*dev.pts.*$/#\0/' ${rootfs_path}/etc/rc.sysinit
+    sed -i 's/^.*dev.pts.*$/#\0/' ${rootfs_path}/etc/rc.d/rc.sysinit
+
     chroot ${rootfs_path} chkconfig udev-post off
     chroot ${rootfs_path} chkconfig network on
 
@@ -97,6 +99,17 @@
     echo "setting root passwd to $root_password"
     echo "root:$root_password" | chroot $rootfs_path chpasswd
 
+    # specifying this in the initial packages doesn't always work.
+    echo "installing fedora-release package"
+    chroot ${rootfs_path} yum --releasever=${release} -y install fedora-release
+
+    # silence some needless startup errors
+    touch ${rootfs_path}/etc/fstab
+
+    # give us a console on /dev/console
+    sed -i 's/ACTIVE_CONSOLES=.*$/ACTIVE_CONSOLES="\/dev\/console \/dev\/tty[1-4]"/' \
+        ${rootfs_path}/etc/sysconfig/init
+
     return 0
 }
 
@@ -114,7 +127,7 @@
     # download a mini fedora into a cache
     echo "Downloading fedora minimal ..."
     YUM="yum --installroot $INSTALL_ROOT -y --nogpgcheck"
-    PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient chkconfig rootfiles policycoreutils"
+    PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient chkconfig rootfiles policycoreutils fedora-release"
     MIRRORLIST_URL="http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$release&arch=$arch"
 
     DOWNLOAD_OK=no
@@ -224,12 +237,6 @@
 lxc.pts = 1024
 lxc.rootfs = $rootfs_path
 lxc.mount  = $config_path/fstab
-#networking
-lxc.network.type = $lxc_network_type
-lxc.network.flags = up
-lxc.network.link = $lxc_network_link
-lxc.network.name = eth0
-lxc.network.mtu = 1500
 #cgroups
 lxc.cgroup.devices.deny = a
 # /dev/null and zero
@@ -251,7 +258,6 @@
 
     cat <<EOF > $config_path/fstab
 proc            $rootfs_path/proc         proc    nodev,noexec,nosuid 0 0
-devpts          $rootfs_path/dev/pts      devpts defaults 0 0
 sysfs           $rootfs_path/sys          sysfs defaults  0 0
 EOF
     if [ $? -ne 0 ]; then
@@ -328,9 +334,20 @@
     exit 0
 fi
 
+needed_pkgs=""
 type yum >/dev/null 2>&1
 if [ $? -ne 0 ]; then
-    echo "'yum' command is missing"
+    needed_pkgs="yum $needed_pkgs"
+fi
+
+type curl >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    needed_pkgs="curl $needed_pkgs"
+fi
+
+if [ -n "$needed_pkgs" ]; then
+    echo "Missing commands: $needed_pkgs"
+    echo "Please install these using \"sudo apt-get install $needed_pkgs\""
     exit 1
 fi
 
@@ -353,7 +370,7 @@
 fi
 
 
-rootfs_path=$path/$name/rootfs
+rootfs_path=$path/rootfs
 config_path=$default_path/$name
 cache=$cache_base/$release
 
@@ -394,4 +411,3 @@
     exit 0
 fi
 echo "container rootfs and config created"
-echo "container is configured for lxc.network.type=veth and lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
