vagrant-lxc 1.3.1 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a7961d3375120bd894e83e2a4f20ec8b5d3593fb
4
- data.tar.gz: 7cf67804b6cf65040e2135b595614fdfaf9e6c42
3
+ metadata.gz: dfd740ba8ba252e2ad4a24ce265b57835b4099b0
4
+ data.tar.gz: 42e4c5fc8830dbc330956c45de02175d96194701
5
5
  SHA512:
6
- metadata.gz: a21551ff2fd67807a8b2873921f594f48702bb624654bafab005691161d6b64a1b3bef8e358be92cd902eeb57ef6e9e3e145c529cf5d6fe0bb2f7f33f26189e5
7
- data.tar.gz: 9e38552fa5bc9b20c51161d816465268c9d1efc52d47f9be84b39dd1775c9e2d6629dc7b9a8eeff35e185a11a9f97dd72e6cb9e1ca75bd217dbcb25493e286aa
6
+ metadata.gz: 38bde493ef8c7eecd63037bd3b2aa450e7bf78934a55b9d14e38746bffbf054a9b7219642d7604e1d71552ff939debefd0d6860bea239614a784564a1f3d65a2
7
+ data.tar.gz: a99b34ed05309bb29857739c7fad625fba52e596d70752b188f9d7e28ab565066c3fec61a812c78b91a6e20d9a9334ec1508d47b35ac2b26810ba27239ddbbf6
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ## [1.4.0](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.1...v1.4.0) (Mar 04, 2018)
2
+
3
+ FEATURES:
4
+ - Add support for unprivileged containers. [[GH-312]]
5
+
6
+ [GH-312]: https://github.com/fgrehm/vagrant-lxc/issues/312
7
+
1
8
  ## [1.3.1](https://github.com/fgrehm/vagrant-lxc/compare/v1.3.0...v1.3.1) (Fev 06, 2018)
2
9
 
3
10
  FIXES:
data/README.md CHANGED
@@ -78,7 +78,7 @@ prior to starting it.
78
78
 
79
79
  For other configuration options, please check the [lxc.conf manpages](http://manpages.ubuntu.com/manpages/precise/man5/lxc.conf.5.html).
80
80
 
81
- ### Private Networks [EXPERIMENTAL]
81
+ ### Private Networks
82
82
 
83
83
  Starting with vagrant-lxc 1.1.0, there is some rudimentary support for configuring
84
84
  [Private Networks](https://docs.vagrantup.com/v2/networking/private_network.html)
@@ -137,25 +137,29 @@ Vagrant.configure("2") do |config|
137
137
  end
138
138
  ```
139
139
 
140
- For old versions of lxc (like 0.7.5 shipped with Ubuntu 12.04 by default) that
141
- does not support `best` for the backingstore option, changing it to `none` is
142
- required and a default for all Vagrant environments can be set from your
143
- `~/.vagrant.d/Vagrantfile` using the same `provider` block:
140
+ ## Unprivileged containers support
141
+
142
+ Since v1.4.0, `vagrant-lxc` gained support for unprivileged containers. For now, since it's a new
143
+ feature, privileged containers are still the default, but you can have your `Vagrantfile` use
144
+ unprivileged containers with the `privileged` flag (which defaults to `true`). Example:
144
145
 
145
146
  ```ruby
146
147
  Vagrant.configure("2") do |config|
147
148
  config.vm.provider :lxc do |lxc|
148
- lxc.backingstore = 'none'
149
+ lxc.privileged = false
149
150
  end
150
151
  end
151
152
  ```
152
153
 
154
+ For unprivileged containers to work with `vagrant-lxc`, you need a properly configured system. On
155
+ some distros, it can be somewhat of a challenge. Your journey to configuring your system can start
156
+ with [Stéphane Graber's blog post about it](https://stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/).
157
+
153
158
  ## Avoiding `sudo` passwords
154
159
 
155
- This plugin requires **a lot** of `sudo`ing since [unprivileged containers](https://github.com/fgrehm/vagrant-lxc/issues/312)
156
- are not supported yet. To work around that, you can use the `vagrant lxc sudoers`
157
- command which will create a file under `/etc/sudoers.d/vagrant-lxc` whitelisting
158
- all commands required by `vagrant-lxc` to run.
160
+ If you're not using unprivileged containers, this plugin requires **a lot** of `sudo`ing To work
161
+ around that, you can use the `vagrant lxc sudoers` command which will create a file under
162
+ `/etc/sudoers.d/vagrant-lxc` whitelisting all commands required by `vagrant-lxc` to run.
159
163
 
160
164
  If you are interested on what will be generated by that command, please check
161
165
  [this code](lib/vagrant-lxc/command/sudoers.rb).
@@ -19,10 +19,14 @@ module Vagrant
19
19
  container_name = generate_container_name(env)
20
20
  end
21
21
 
22
+ backingstore = config.backingstore
23
+ if backingstore.nil?
24
+ backingstore = config.privileged ? "best" : "dir"
25
+ end
22
26
  driver = env[:machine].provider.driver
23
27
  driver.create(
24
28
  container_name,
25
- config.backingstore,
29
+ backingstore,
26
30
  config.backingstore_options,
27
31
  env[:lxc_template_src],
28
32
  env[:lxc_template_config],
@@ -24,6 +24,12 @@ module Vagrant
24
24
 
25
25
  attr_accessor :fetch_ip_tries
26
26
 
27
+ # Whether the container needs to be privileged. Defaults to true (unprivileged containers
28
+ # is a very new feature in vagrant-lxc). If false, will try creating an unprivileged
29
+ # container. If it can't, will revert to the old "sudo wrapper" method to create a privileged
30
+ # container.
31
+ attr_accessor :privileged
32
+
27
33
  def initialize
28
34
  @customizations = []
29
35
  @backingstore = UNSET_VALUE
@@ -31,6 +37,7 @@ module Vagrant
31
37
  @container_name = UNSET_VALUE
32
38
  @tmpfs_mount_size = UNSET_VALUE
33
39
  @fetch_ip_tries = UNSET_VALUE
40
+ @privileged = UNSET_VALUE
34
41
  end
35
42
 
36
43
  # Customize the container by calling `lxc-start` with the given
@@ -55,10 +62,11 @@ module Vagrant
55
62
 
56
63
  def finalize!
57
64
  @container_name = nil if @container_name == UNSET_VALUE
58
- @backingstore = "best" if @backingstore == UNSET_VALUE
65
+ @backingstore = nil if @backingstore == UNSET_VALUE
59
66
  @existing_container_name = nil if @existing_container_name == UNSET_VALUE
60
67
  @tmpfs_mount_size = '2G' if @tmpfs_mount_size == UNSET_VALUE
61
68
  @fetch_ip_tries = 10 if @fetch_ip_tries == UNSET_VALUE
69
+ @privileged = true if @privileged == UNSET_VALUE
62
70
  end
63
71
  end
64
72
  end
@@ -20,9 +20,9 @@ module Vagrant
20
20
  attr_reader :container_name,
21
21
  :customizations
22
22
 
23
- def initialize(container_name, sudo_wrapper = nil, cli = nil)
23
+ def initialize(container_name, sudo_wrapper = nil, cli = nil, privileged: true)
24
24
  @container_name = container_name
25
- @sudo_wrapper = sudo_wrapper || SudoWrapper.new()
25
+ @sudo_wrapper = sudo_wrapper || SudoWrapper.new(privileged: privileged)
26
26
  @cli = cli || CLI.new(@sudo_wrapper, container_name)
27
27
  @logger = Log4r::Logger.new("vagrant::provider::lxc::driver")
28
28
  @customizations = []
@@ -266,12 +266,21 @@ module Vagrant
266
266
  end
267
267
 
268
268
  def write_config(contents)
269
- Tempfile.new('lxc-config').tap do |file|
270
- file.chmod 0644
271
- file.write contents
272
- file.close
273
- @sudo_wrapper.run 'cp', '-f', file.path, config_path
274
- @sudo_wrapper.run 'chown', 'root:root', config_path
269
+ confpath = base_path.join('config').to_s
270
+ begin
271
+ File.open(confpath, File::RDWR) do |file|
272
+ file.write contents
273
+ end
274
+ rescue
275
+ # We don't have permissions to write in the conf file. That's probably because it's a
276
+ # privileged container. Work around that through sudo_wrapper.
277
+ Tempfile.new('lxc-config').tap do |file|
278
+ file.chmod 0644
279
+ file.write contents
280
+ file.close
281
+ @sudo_wrapper.run 'cp', '-f', file.path, confpath
282
+ @sudo_wrapper.run 'chown', 'root:root', confpath
283
+ end
275
284
  end
276
285
  end
277
286
  end
@@ -2,7 +2,6 @@ require "log4r"
2
2
 
3
3
  require "vagrant-lxc/action"
4
4
  require "vagrant-lxc/driver"
5
- require "vagrant-lxc/sudo_wrapper"
6
5
 
7
6
  module Vagrant
8
7
  module LXC
@@ -27,7 +26,7 @@ module Vagrant
27
26
 
28
27
  def ensure_lxc_installed!
29
28
  begin
30
- SudoWrapper.new().run("which", "lxc-create")
29
+ SudoWrapper.new(privileged: @machine.provider_config.privileged).run("which", "lxc-create")
31
30
  rescue Vagrant::LXC::Errors::ExecuteError
32
31
  raise Errors::LxcNotInstalled
33
32
  end
@@ -40,7 +39,7 @@ module Vagrant
40
39
 
41
40
  begin
42
41
  @logger.debug("Instantiating the container for: #{id.inspect}")
43
- @driver = Driver.new(id)
42
+ @driver = Driver.new(id, privileged: @machine.provider_config.privileged)
44
43
  @driver.validate!
45
44
  rescue Driver::ContainerNotFound
46
45
  # The container doesn't exist, so we probably have a stale
@@ -10,8 +10,9 @@ module Vagrant
10
10
  "/usr/local/bin/vagrant-lxc-wrapper"
11
11
  end
12
12
 
13
- def initialize()
13
+ def initialize(privileged: true)
14
14
  @wrapper_path = Pathname.new(SudoWrapper.dest_path).exist? && SudoWrapper.dest_path || nil
15
+ @privileged = privileged
15
16
  @logger = Log4r::Logger.new("vagrant::lxc::sudo_wrapper")
16
17
  end
17
18
 
@@ -27,11 +28,15 @@ module Vagrant
27
28
  File.umask(old_mask & 022) # allow all `r` and `x` bits
28
29
 
29
30
  begin
30
- if @wrapper_path && !options[:no_wrapper]
31
- command.unshift @wrapper_path
32
- execute *(['sudo'] + command)
31
+ if @privileged
32
+ if @wrapper_path && !options[:no_wrapper]
33
+ command.unshift @wrapper_path
34
+ execute *(['sudo'] + command)
35
+ else
36
+ execute *(['sudo', '/usr/bin/env'] + command)
37
+ end
33
38
  else
34
- execute *(['sudo', '/usr/bin/env'] + command)
39
+ execute *(['/usr/bin/env'] + command)
35
40
  end
36
41
  ensure
37
42
  File.umask(old_mask)
@@ -1,5 +1,5 @@
1
1
  module Vagrant
2
2
  module LXC
3
- VERSION = "1.3.1"
3
+ VERSION = "1.4.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vagrant-lxc
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.1
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabio Rehm
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-07 00:00:00.000000000 Z
11
+ date: 2018-03-04 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Linux Containers provider for Vagrant
14
14
  email: