vagrant-lxd 0.4.4 → 0.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81d3c5f71aaa0fb4f5fd3128722bf0d045619f7b56f2f6056f87ab396548d18f
-  data.tar.gz: 966e0817b7bb8fd94b7a865e2799b468a92b4522de5218a088e7502f75d218be
+  metadata.gz: b89636a6a97535b4de4e9e3cfb4fcc458fb06f70ca3d55ff7bc62c9bea14c74a
+  data.tar.gz: a3fe8906086a40e8b9ed66840834990832a401569a70373d99ee8b81281e47a8
 SHA512:
-  metadata.gz: f222d710cf807b6cbba3a5aae4dc0fb69df34c4a6d7112ef2df727f9218fd5296d8d3ed0a17fcecd8c68e3243bc982ea82a2fcdfedeb0932257bd7f08f940a9d
-  data.tar.gz: 9a0c720fd7130f77bf60663b5e1d7c2f8bc4da4bf74683214e3b4ec1e632334f704085053ae3e564d0cc967a6861d2b7597443fed20be33d8fad38cf13e49445
+  metadata.gz: d0289b302cb01183cea109c3dc80aa61ea0d54350b9d9ae1539bed266f784f37f12b4ce64711afe9cc17cedcac87d0825ad51df1aa66fe90a1df750fa9e9a9e9
+  data.tar.gz: 180e12636dd09fed787989067229a4f501120dfcdfac46ec6cdeb1d799254ddd4e5f305b51a272c4b8e10b30fd68efdaf9280088299c25294655e2c95eef5736

data/.gitignore

@@ -1,5 +1,6 @@
 /.bundle/
+/.tool-versions
 /.vagrant/
-/pkg/
 /Vagrantfile
+/pkg/
 /vendor/

data/.gitlab-ci.yml

@@ -1,4 +1,4 @@
-image: "ruby:2.3"
+image: ruby:2.5
 
 before_script:
   - apt-get -y update

data/Gemfile

@@ -1,12 +1,13 @@
 source 'https://rubygems.org/'
 
 group :development do
+  require 'pp' # avoid superclass mismatch error
   gem 'fakefs'
   gem 'rake'
   gem 'rspec'
   gem 'rspec-its'
   gem 'rspec-mocks'
-  gem 'vagrant', :git => 'https://github.com/mitchellh/vagrant.git'
+  gem 'vagrant', git: 'https://github.com/mitchellh/vagrant.git'
 end
 
 group :plugins do

data/Gemfile.lock

@@ -1,41 +1,42 @@
 GIT
   remote: https://github.com/mitchellh/vagrant.git
-  revision: 1dda6cc14c2d221a8e2e7b5091fed2fca9ba1ecf
+  revision: f19eb286e4cc2aeae06b632ef1fa44db499df403
   specs:
-    vagrant (2.2.6.dev)
+    vagrant (2.2.11.dev)
       bcrypt_pbkdf (~> 1.0.0)
-      childprocess (~> 0.6.0)
+      childprocess (~> 4.0.0)
       ed25519 (~> 1.2.4)
-      erubis (~> 2.7.0)
+      erubi
       hashicorp-checkpoint (~> 0.1.5)
-      i18n (~> 1.1.1)
-      listen (~> 3.1.5)
+      i18n (~> 1.8)
+      listen (~> 3.1)
       log4r (~> 1.1.9, < 1.1.11)
+      mime (~> 0.4.4)
       net-scp (~> 1.2.0)
-      net-sftp (~> 2.1)
-      net-ssh (~> 5.1.0)
+      net-sftp (~> 3.0)
+      net-ssh (~> 6.0)
       rb-kqueue (~> 0.2.0)
       rest-client (>= 1.6.0, < 3.0)
       ruby_dep (<= 1.3.1)
-      rubyzip (~> 1.2.2)
-      vagrant_cloud (~> 2.0.2)
+      rubyzip (~> 2.0)
+      vagrant_cloud (~> 2.0.3)
       wdm (~> 0.1.0)
-      winrm (~> 2.1)
-      winrm-elevated (~> 1.1)
-      winrm-fs (~> 1.0)
+      winrm (>= 2.3.4, < 3.0)
+      winrm-elevated (>= 1.2.1, < 2.0)
+      winrm-fs (>= 1.3.4, < 2.0)
 
 PATH
   remote: .
   specs:
-    vagrant-lxd (0.4.4)
+    vagrant-lxd (0.5.3)
       activesupport (~> 5.2.3)
       faraday (~> 0.17)
-      hyperkit (~> 1.2.0)
+      hyperkit (~> 1.3.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.2.4.1)
+    activesupport (5.2.4.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -43,19 +44,18 @@ GEM
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     bcrypt_pbkdf (1.0.1)
-    builder (3.2.3)
-    childprocess (0.6.3)
-      ffi (~> 1.0, >= 1.0.11)
-    concurrent-ruby (1.1.5)
-    diff-lcs (1.3)
+    builder (3.2.4)
+    childprocess (4.0.0)
+    concurrent-ruby (1.1.7)
+    diff-lcs (1.4.4)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
     ed25519 (1.2.4)
-    erubis (2.7.0)
-    fakefs (0.20.1)
+    erubi (1.9.0)
+    fakefs (1.2.2)
     faraday (0.17.3)
       multipart-post (>= 1.2, < 3)
-    ffi (1.11.1)
+    ffi (1.13.1)
     gssapi (1.3.0)
       ffi (>= 1.0.1)
     gyoku (1.3.1)
@@ -64,37 +64,37 @@ GEM
     http-cookie (1.0.3)
       domain_name (~> 0.5)
     httpclient (2.8.3)
-    hyperkit (1.2.0)
+    hyperkit (1.3.0)
       activesupport (>= 4.2.6)
       sawyer
-    i18n (1.1.1)
+    i18n (1.8.5)
       concurrent-ruby (~> 1.0)
-    listen (3.1.5)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
-      ruby_dep (~> 1.2)
+    listen (3.2.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
     little-plugger (1.1.4)
     log4r (1.1.10)
-    logging (2.2.2)
+    logging (2.3.0)
       little-plugger (~> 1.1)
-      multi_json (~> 1.10)
-    mime-types (3.2.2)
+      multi_json (~> 1.14)
+    mime (0.4.4)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.0331)
-    minitest (5.13.0)
-    multi_json (1.13.1)
+    mime-types-data (3.2020.0512)
+    minitest (5.14.2)
+    multi_json (1.15.0)
     multipart-post (2.1.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
-    net-sftp (2.1.2)
-      net-ssh (>= 2.6.5)
-    net-ssh (5.1.0)
+    net-sftp (3.0.0)
+      net-ssh (>= 5.0.0, < 7.0.0)
+    net-ssh (6.1.0)
     netrc (0.11.0)
     nori (2.6.0)
-    public_suffix (4.0.3)
-    rake (12.3.3)
-    rb-fsevent (0.10.3)
-    rb-inotify (0.10.0)
+    public_suffix (4.0.6)
+    rake (13.0.1)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
       ffi (~> 1.0)
     rb-kqueue (0.2.5)
       ffi (>= 0.5.0)
@@ -102,53 +102,54 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.2)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.3)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
+      rspec-support (~> 3.9.0)
     rspec-its (1.3.0)
       rspec-core (>= 3.0.0)
       rspec-expectations (>= 3.0.0)
-    rspec-mocks (3.8.1)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
     ruby_dep (1.3.1)
     rubyntlm (0.6.2)
-    rubyzip (1.2.3)
+    rubyzip (2.3.0)
     sawyer (0.8.2)
       addressable (>= 2.3.5)
       faraday (> 0.8, < 2.0)
     thread_safe (0.3.6)
-    tzinfo (1.2.6)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    vagrant_cloud (2.0.2)
+    unf_ext (0.0.7.7)
+    vagrant_cloud (2.0.3)
       rest-client (~> 2.0.2)
     wdm (0.1.1)
-    winrm (2.3.2)
+    winrm (2.3.4)
       builder (>= 2.1.2)
-      erubis (~> 2.7)
+      erubi (~> 1.8)
       gssapi (~> 1.2)
       gyoku (~> 1.0)
       httpclient (~> 2.2, >= 2.2.0.2)
       logging (>= 1.6.1, < 3.0)
       nori (~> 2.0)
       rubyntlm (~> 0.6.0, >= 0.6.1)
-    winrm-elevated (1.1.1)
+    winrm-elevated (1.2.2)
+      erubi (~> 1.8)
       winrm (~> 2.0)
       winrm-fs (~> 1.0)
-    winrm-fs (1.3.2)
-      erubis (~> 2.7)
+    winrm-fs (1.3.5)
+      erubi (~> 1.8)
       logging (>= 1.6.1, < 3.0)
-      rubyzip (~> 1.1)
+      rubyzip (~> 2.0)
       winrm (~> 2.0)
 
 PLATFORMS
@@ -164,4 +165,4 @@ DEPENDENCIES
   vagrant-lxd!
 
 BUNDLED WITH
-   2.0.2
+   2.1.4

data/README.md

@@ -148,7 +148,7 @@ is passed through to LXD. The hash values should all be strings:
       recursive: 'false',
     }
 
-[disk]: https://lxd.readthedocs.io/en/latest/containers/#type-disk
+[disk]: https://lxd.readthedocs.io/en/latest/instances/#type-disk
 
 ### Shared LXD Containers
 
@@ -234,7 +234,7 @@ to run graphical applications transparently from within the guest:
 Note that disk devices should be configured as [synced
 folders](#synced-folders) rather than ad-hoc devices.
 
-[device-config]: https://lxd.readthedocs.io/en/latest/containers/#device-configuration
+[device-config]: https://lxd.readthedocs.io/en/latest/instances/#devices-configuration
 
 ## Hacking
 

data/doc/setting-up-lxd.md

@@ -9,7 +9,46 @@ Specifically, the following settings need to be applied:
  3. Your user must be in the "lxd" group.
  4. Your user must have a client certificate registered with LXD.
 
-## Xenial
+## Ubuntu Focal and Later
+
+On Ubuntu 20.04 and later, LXD is installed as a [Snap][]. To install
+and configure it as described above, you can use the following commands:
+
+```sh
+# install lxd
+sudo apt install -y lxd
+
+# enable https api access
+sudo lxd init --auto --network-address=127.0.0.1 --network-port=8443
+
+# add your user to the lxd group
+sudo usermod -a -G lxd $(whoami)
+
+# apply the new group membership
+newgrp lxd
+```
+
+Then, the first time you run Vagrant in a project that uses the LXD
+provider, it will generate a client certificate for the plugin to use
+and instruct you to add it to LXD with the following message:
+
+```
+You may need configure LXD to allow requests from this machine. The
+easiest way to do this is to add your LXC client certificate to LXD's
+list of trusted certificates. This can typically be done with the
+following command:
+
+    $ lxc config trust add ~/.vagrant.d/data/lxd/client.crt
+
+You can find more information about configuring LXD at:
+
+    https://linuxcontainers.org/lxd/getting-started-cli/#initial-configuration
+```
+
+Once you run that command as instructed, everything should be set up for
+the plugin to work correctly.
+
+## Ubuntu Xenial
 
 To install LXD and configure it as described above on Ubuntu 16.04, you
 can use the following commands:
@@ -25,7 +64,7 @@ sudo lxd init --auto --network-address=127.0.0.1 --network-port=8443
 sudo dpkg-reconfigure -p medium lxd
 
 # add your user to the lxd group
-sudo usermod -a lxd -G $(whoami)
+sudo usermod -a -G lxd $(whoami)
 ```
 
 Once LXD is configured, you should register a client certificate for
@@ -37,7 +76,7 @@ automatically generate the certificate for you):
 newgrp lxd
 
 # create and add a client certificate
-lxc config trust add /home/ubuntu/.config/lxc/client.crt
+lxc config trust add ~/.config/lxc/client.crt
 ```
 
 At this point everything should be set up for the plugin to work
@@ -53,5 +92,6 @@ If you're using the plugin on another platform, please feel free to
 propose an addition to this document or add instructions to the
 project's [wiki][] for others to follow.
 
+[Snap]: https://snapcraft.io/
 [getting-started-cli]: https://linuxcontainers.org/lxd/getting-started-cli/
 [wiki]: https://gitlab.com/catalyst-it/vagrant-lxd/wikis

data/lib/vagrant-lxd/capability.rb

@@ -29,14 +29,33 @@ module VagrantLXD
     def Capability.synced_folders(env)
       logger = Log4r::Logger.new('vagrant::lxd::capability')
       logger.debug "Checking synced folders support for effective UID/GID #{Process.uid}/#{Process.gid}..."
-      result = %w(uid gid).all? do |type|
+      %w(uid gid).all? do |type|
         begin
-          File.readlines("/etc/sub#{type}").grep(/^root:#{Process.send(type)}:[1-9]/).any?
+          id = Process.send(type)
+          id_map = File.readlines("/etc/sub#{type}")
+          id_in_sub_id?(id, id_map)
         rescue StandardError => e
           logger.warn "Cannot read subordinate permissions file: #{e.message}"
           false
         end
       end
     end
+
+    # Determines whether the given numerical `id` is included in the
+    # subordinate map `id_map`, which should be an array of lines from
+    # the file /etc/subuid or /etc/subgid.
+    #
+    # Invalid lines, and any lines for a user or group other than root,
+    # are ignored. See subuid(5) and subgid(5) for details about these
+    # files, and the expected format of their entries.
+    def Capability.id_in_sub_id?(id, id_map)
+      id_map.any? do |line|
+        if line.match(/^(root|0):(\d+):(\d+)/)
+          range_min = $2.to_i
+          range_max = range_min + $3.to_i
+          id.between?(range_min, range_max)
+        end
+      end
+    end
   end
 end

data/lib/vagrant-lxd/driver.rb

@@ -119,15 +119,6 @@ module VagrantLXD
       end
     end
 
-    module Hyperkit::Client::Containers
-      alias extract_container_options_without_devices extract_container_options
-
-      def extract_container_options(name, options)
-        opts = extract_container_options_without_devices(name, options)
-        options.slice(:devices).merge(opts)
-      end
-    end
-
     NOT_CREATED = Vagrant::MachineState::NOT_CREATED_ID
 
     attr_reader :api_endpoint
@@ -170,11 +161,11 @@ module VagrantLXD
 
     def synced_folders_usable?
       # Check whether we've registered an idmap for the current user.
-      raw_idmap = container[:config][:'raw.idmap']
+      raw_idmap = config[:'raw.idmap']
       begin
         raw_idmap and
-        raw_idmap =~ /^uid #{Process.uid} #{vagrant_uid}$/ and
-        raw_idmap =~ /^gid #{Process.gid} #{vagrant_gid}$/
+        id_in_map?(Process.uid, 'uid', raw_idmap) and
+        id_in_map?(Process.gid, 'gid', raw_idmap)
       end
     rescue Vagrant::Errors::ProviderNotUsable
       false
@@ -403,7 +394,7 @@ module VagrantLXD
       end
     end
 
-  private
+    private
 
     #
     # The remaining methods are just conveniences, not part of the API
@@ -539,6 +530,8 @@ module VagrantLXD
       # If the user has already specified a 'raw.idmap', leave it alone.
       if config.include?(:'raw.idmap')
         # Manually specified, carry on.
+      elsif @machine.config.vm.synced_folders.reject { |_, f| f[:disabled] }.empty?
+        # No synced folders configured, carry on.
       elsif @machine.env.host.capability(:synced_folders)
         config[:'raw.idmap'] = ''
         config[:'raw.idmap'] << "uid #{Process.uid} #{vagrant_uid}\n"
@@ -550,11 +543,27 @@ module VagrantLXD
       config
     end
 
+    # Determines whether the numerical `id` of the specified `type` is
+    # included in the given idmap. These values should follow the format
+    # of the "raw.idmap" property specified here:
+    #
+    #   https://lxd.readthedocs.io/en/latest/userns-idmap/#custom-idmaps
+    #
+    def id_in_map?(id, type, map)
+      range_types = ['both', type]
+      map.each_line.any? do |line|
+        range_type, range_values = line.split
+        range = range_values.split('-')
+        begin
+          range_types.include?(range_type) and
+          id.between?(range.first.to_i, range.last.to_i)
+        end
+      end
+    end
+
     def locate_or_generate_client_certificate
       vagrant_path = @machine.env.data_dir / 'lxd'
-      default_path = Certificate.default_path / 'lxc'
-
-      search_paths = [vagrant_path, default_path]
+      search_paths = [vagrant_path] + Certificate.default_paths
 
       Certificate.locate(search_paths) or
       Certificate.generate(vagrant_path)

data/lib/vagrant-lxd/driver/certificate.rb

@@ -33,8 +33,11 @@ module VagrantLXD
 
       @logger = Log4r::Logger.new('vagrant::lxd::driver::certificate')
 
-      def Certificate.default_path
-        Pathname.new('~/.config').expand_path
+      def Certificate.default_paths
+        [
+          Pathname.new('~/.config/lxc').expand_path,
+          Pathname.new('~/snap/lxd/current/.config/lxc').expand_path,
+        ]
       end
 
       def Certificate.issuer_name

data/lib/vagrant-lxd/synced_folder.rb

@@ -24,6 +24,7 @@ module VagrantLXD
 
     def usable?(machine, raise_error = false)
       return false unless machine.provider_name == :lxd
+      return false unless machine.env.host.capability(:synced_folders)
 
       @driver ||= Driver.new(machine)
 

data/lib/vagrant-lxd/version.rb

@@ -20,7 +20,7 @@
 module VagrantLXD
   module Version
     NAME = 'vagrant-lxd'
-    VERSION = '0.4.4'
+    VERSION = '0.5.3'
     DESCRIPTION = 'Vagrant LXD provider'
   end
 end

data/vagrant-lxd.gemspec

@@ -36,7 +36,7 @@ Gem::Specification.new do |spec|
   end
 
   spec.add_runtime_dependency 'activesupport', '~> 5.2.3'
-  spec.add_runtime_dependency 'hyperkit', '~> 1.2.0'
+  spec.add_runtime_dependency 'hyperkit', '~> 1.3.0'
 
   # NOTE fixed to preserve ruby 1.x compatibility, versions after 1.0
   # use the safe navigation operator and thus need ruby 2.3 or newer

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vagrant-lxd
 version: !ruby/object:Gem::Version
-  version: 0.4.4
+  version: 0.5.3
 platform: ruby
 authors:
 - Evan Hanson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-01-06 00:00:00.000000000 Z
+date: 2020-10-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 1.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 1.3.0
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -99,8 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Vagrant LXD provider