vagrant-lxc 1.3.1 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/README.md +14 -10
- data/lib/vagrant-lxc/action/create.rb +5 -1
- data/lib/vagrant-lxc/config.rb +9 -1
- data/lib/vagrant-lxc/driver.rb +17 -8
- data/lib/vagrant-lxc/provider.rb +2 -3
- data/lib/vagrant-lxc/sudo_wrapper.rb +10 -5
- data/lib/vagrant-lxc/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dfd740ba8ba252e2ad4a24ce265b57835b4099b0
|
4
|
+
data.tar.gz: 42e4c5fc8830dbc330956c45de02175d96194701
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 38bde493ef8c7eecd63037bd3b2aa450e7bf78934a55b9d14e38746bffbf054a9b7219642d7604e1d71552ff939debefd0d6860bea239614a784564a1f3d65a2
|
7
|
+
data.tar.gz: a99b34ed05309bb29857739c7fad625fba52e596d70752b188f9d7e28ab565066c3fec61a812c78b91a6e20d9a9334ec1508d47b35ac2b26810ba27239ddbbf6
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,10 @@
|
|
1
|
+
## [1.4.0](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.1...v1.4.0) (Mar 04, 2018)
|
2
|
+
|
3
|
+
FEATURES:
|
4
|
+
- Add support for unprivileged containers. [[GH-312]]
|
5
|
+
|
6
|
+
[GH-312]: https://github.com/fgrehm/vagrant-lxc/issues/312
|
7
|
+
|
1
8
|
## [1.3.1](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.0...v1.3.1) (Fev 06, 2018)
|
2
9
|
|
3
10
|
FIXES:
|
data/README.md
CHANGED
@@ -78,7 +78,7 @@ prior to starting it.
|
|
78
78
|
|
79
79
|
For other configuration options, please check the [lxc.conf manpages](http://manpages.ubuntu.com/manpages/precise/man5/lxc.conf.5.html).
|
80
80
|
|
81
|
-
### Private Networks
|
81
|
+
### Private Networks
|
82
82
|
|
83
83
|
Starting with vagrant-lxc 1.1.0, there is some rudimentary support for configuring
|
84
84
|
[Private Networks](https://docs.vagrantup.com/v2/networking/private_network.html)
|
@@ -137,25 +137,29 @@ Vagrant.configure("2") do |config|
|
|
137
137
|
end
|
138
138
|
```
|
139
139
|
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
140
|
+
## Unprivileged containers support
|
141
|
+
|
142
|
+
Since v1.4.0, `vagrant-lxc` gained support for unprivileged containers. For now, since it's a new
|
143
|
+
feature, privileged containers are still the default, but you can have your `Vagrantfile` use
|
144
|
+
unprivileged containers with the `privileged` flag (which defaults to `true`). Example:
|
144
145
|
|
145
146
|
```ruby
|
146
147
|
Vagrant.configure("2") do |config|
|
147
148
|
config.vm.provider :lxc do |lxc|
|
148
|
-
lxc.
|
149
|
+
lxc.privileged = false
|
149
150
|
end
|
150
151
|
end
|
151
152
|
```
|
152
153
|
|
154
|
+
For unprivileged containers to work with `vagrant-lxc`, you need a properly configured system. On
|
155
|
+
some distros, it can be somewhat of a challenge. Your journey to configuring your system can start
|
156
|
+
with [Stéphane Graber's blog post about it](https://stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/).
|
157
|
+
|
153
158
|
## Avoiding `sudo` passwords
|
154
159
|
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
all commands required by `vagrant-lxc` to run.
|
160
|
+
If you're not using unprivileged containers, this plugin requires **a lot** of `sudo`ing To work
|
161
|
+
around that, you can use the `vagrant lxc sudoers` command which will create a file under
|
162
|
+
`/etc/sudoers.d/vagrant-lxc` whitelisting all commands required by `vagrant-lxc` to run.
|
159
163
|
|
160
164
|
If you are interested on what will be generated by that command, please check
|
161
165
|
[this code](lib/vagrant-lxc/command/sudoers.rb).
|
@@ -19,10 +19,14 @@ module Vagrant
|
|
19
19
|
container_name = generate_container_name(env)
|
20
20
|
end
|
21
21
|
|
22
|
+
backingstore = config.backingstore
|
23
|
+
if backingstore.nil?
|
24
|
+
backingstore = config.privileged ? "best" : "dir"
|
25
|
+
end
|
22
26
|
driver = env[:machine].provider.driver
|
23
27
|
driver.create(
|
24
28
|
container_name,
|
25
|
-
|
29
|
+
backingstore,
|
26
30
|
config.backingstore_options,
|
27
31
|
env[:lxc_template_src],
|
28
32
|
env[:lxc_template_config],
|
data/lib/vagrant-lxc/config.rb
CHANGED
@@ -24,6 +24,12 @@ module Vagrant
|
|
24
24
|
|
25
25
|
attr_accessor :fetch_ip_tries
|
26
26
|
|
27
|
+
# Whether the container needs to be privileged. Defaults to true (unprivileged containers
|
28
|
+
# is a very new feature in vagrant-lxc). If false, will try creating an unprivileged
|
29
|
+
# container. If it can't, will revert to the old "sudo wrapper" method to create a privileged
|
30
|
+
# container.
|
31
|
+
attr_accessor :privileged
|
32
|
+
|
27
33
|
def initialize
|
28
34
|
@customizations = []
|
29
35
|
@backingstore = UNSET_VALUE
|
@@ -31,6 +37,7 @@ module Vagrant
|
|
31
37
|
@container_name = UNSET_VALUE
|
32
38
|
@tmpfs_mount_size = UNSET_VALUE
|
33
39
|
@fetch_ip_tries = UNSET_VALUE
|
40
|
+
@privileged = UNSET_VALUE
|
34
41
|
end
|
35
42
|
|
36
43
|
# Customize the container by calling `lxc-start` with the given
|
@@ -55,10 +62,11 @@ module Vagrant
|
|
55
62
|
|
56
63
|
def finalize!
|
57
64
|
@container_name = nil if @container_name == UNSET_VALUE
|
58
|
-
@backingstore =
|
65
|
+
@backingstore = nil if @backingstore == UNSET_VALUE
|
59
66
|
@existing_container_name = nil if @existing_container_name == UNSET_VALUE
|
60
67
|
@tmpfs_mount_size = '2G' if @tmpfs_mount_size == UNSET_VALUE
|
61
68
|
@fetch_ip_tries = 10 if @fetch_ip_tries == UNSET_VALUE
|
69
|
+
@privileged = true if @privileged == UNSET_VALUE
|
62
70
|
end
|
63
71
|
end
|
64
72
|
end
|
data/lib/vagrant-lxc/driver.rb
CHANGED
@@ -20,9 +20,9 @@ module Vagrant
|
|
20
20
|
attr_reader :container_name,
|
21
21
|
:customizations
|
22
22
|
|
23
|
-
def initialize(container_name, sudo_wrapper = nil, cli = nil)
|
23
|
+
def initialize(container_name, sudo_wrapper = nil, cli = nil, privileged: true)
|
24
24
|
@container_name = container_name
|
25
|
-
@sudo_wrapper = sudo_wrapper || SudoWrapper.new()
|
25
|
+
@sudo_wrapper = sudo_wrapper || SudoWrapper.new(privileged: privileged)
|
26
26
|
@cli = cli || CLI.new(@sudo_wrapper, container_name)
|
27
27
|
@logger = Log4r::Logger.new("vagrant::provider::lxc::driver")
|
28
28
|
@customizations = []
|
@@ -266,12 +266,21 @@ module Vagrant
|
|
266
266
|
end
|
267
267
|
|
268
268
|
def write_config(contents)
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
269
|
+
confpath = base_path.join('config').to_s
|
270
|
+
begin
|
271
|
+
File.open(confpath, File::RDWR) do |file|
|
272
|
+
file.write contents
|
273
|
+
end
|
274
|
+
rescue
|
275
|
+
# We don't have permissions to write in the conf file. That's probably because it's a
|
276
|
+
# privileged container. Work around that through sudo_wrapper.
|
277
|
+
Tempfile.new('lxc-config').tap do |file|
|
278
|
+
file.chmod 0644
|
279
|
+
file.write contents
|
280
|
+
file.close
|
281
|
+
@sudo_wrapper.run 'cp', '-f', file.path, confpath
|
282
|
+
@sudo_wrapper.run 'chown', 'root:root', confpath
|
283
|
+
end
|
275
284
|
end
|
276
285
|
end
|
277
286
|
end
|
data/lib/vagrant-lxc/provider.rb
CHANGED
@@ -2,7 +2,6 @@ require "log4r"
|
|
2
2
|
|
3
3
|
require "vagrant-lxc/action"
|
4
4
|
require "vagrant-lxc/driver"
|
5
|
-
require "vagrant-lxc/sudo_wrapper"
|
6
5
|
|
7
6
|
module Vagrant
|
8
7
|
module LXC
|
@@ -27,7 +26,7 @@ module Vagrant
|
|
27
26
|
|
28
27
|
def ensure_lxc_installed!
|
29
28
|
begin
|
30
|
-
SudoWrapper.new().run("which", "lxc-create")
|
29
|
+
SudoWrapper.new(privileged: @machine.provider_config.privileged).run("which", "lxc-create")
|
31
30
|
rescue Vagrant::LXC::Errors::ExecuteError
|
32
31
|
raise Errors::LxcNotInstalled
|
33
32
|
end
|
@@ -40,7 +39,7 @@ module Vagrant
|
|
40
39
|
|
41
40
|
begin
|
42
41
|
@logger.debug("Instantiating the container for: #{id.inspect}")
|
43
|
-
@driver = Driver.new(id)
|
42
|
+
@driver = Driver.new(id, privileged: @machine.provider_config.privileged)
|
44
43
|
@driver.validate!
|
45
44
|
rescue Driver::ContainerNotFound
|
46
45
|
# The container doesn't exist, so we probably have a stale
|
@@ -10,8 +10,9 @@ module Vagrant
|
|
10
10
|
"/usr/local/bin/vagrant-lxc-wrapper"
|
11
11
|
end
|
12
12
|
|
13
|
-
def initialize()
|
13
|
+
def initialize(privileged: true)
|
14
14
|
@wrapper_path = Pathname.new(SudoWrapper.dest_path).exist? && SudoWrapper.dest_path || nil
|
15
|
+
@privileged = privileged
|
15
16
|
@logger = Log4r::Logger.new("vagrant::lxc::sudo_wrapper")
|
16
17
|
end
|
17
18
|
|
@@ -27,11 +28,15 @@ module Vagrant
|
|
27
28
|
File.umask(old_mask & 022) # allow all `r` and `x` bits
|
28
29
|
|
29
30
|
begin
|
30
|
-
if @
|
31
|
-
|
32
|
-
|
31
|
+
if @privileged
|
32
|
+
if @wrapper_path && !options[:no_wrapper]
|
33
|
+
command.unshift @wrapper_path
|
34
|
+
execute *(['sudo'] + command)
|
35
|
+
else
|
36
|
+
execute *(['sudo', '/usr/bin/env'] + command)
|
37
|
+
end
|
33
38
|
else
|
34
|
-
execute *(['
|
39
|
+
execute *(['/usr/bin/env'] + command)
|
35
40
|
end
|
36
41
|
ensure
|
37
42
|
File.umask(old_mask)
|
data/lib/vagrant-lxc/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: vagrant-lxc
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Fabio Rehm
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-
|
11
|
+
date: 2018-03-04 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Linux Containers provider for Vagrant
|
14
14
|
email:
|