diff options
| author |   dlezcano <dlezcano> | 2008-10-24 20:14:57 +0000 |
|---|---|---|
| committer | dlezcano <dlezcano> | 2008-10-24 20:14:57 +0000 |
| commit | 805415fcebeea70abb27025f8ad0518ead78cc08 (patch) | |
| tree | 9fd1729333eeffb18f94ad44d381cad3637d220f /lxc.spec.in | |
| parent | Exit instead of returning in the child processes, otherwise the execution (diff) | |
| download | lxc-805415fcebeea70abb27025f8ad0518ead78cc08.tar.gz lxc-805415fcebeea70abb27025f8ad0518ead78cc08.tar.bz2 lxc-805415fcebeea70abb27025f8ad0518ead78cc08.zip | |
Give the ability to non-root user to play with the containers. This feature
relies on the file capabilities, when the lxc commands are installed, the
sys/net admin capabilities are given to these files. These capabilities are
not available for the application running inside the container.
Diffstat (limited to 'lxc.spec.in')
| -rw-r--r-- | lxc.spec.in | 58 |
1 files changed, 33 insertions, 25 deletions
diff --git a/lxc.spec.in b/lxc.spec.in index f71a520..9359daa 100644 --- a/lxc.spec.in +++ b/lxc.spec.in @@ -50,16 +50,26 @@ Source: %name/%name-%version.tar.gz BuildRoot: %_tmppath/%name-%version-root %description -%name is a set of command line to manage containers + +The package "%name" provides the command lines to create and manage +containers. It contains a full featured container with the isolation +/ virtualization of the pids, the ipc, the utsname, the mount points, +/proc, /sys, the network and it takes into account the control groups. +It is very light, flexible, and provides a set of tools around the +container like the monitoring with asynchronous events notification, +or the freeze of the container. This package is useful to create +Virtual Private Server, or to run isolated applications like bash or +sshd. %package devel Release: %{rel} Summary: development library for %{name} +Requires: libcap Group: Application/System %description devel -The %{name}-devel package contains header files and library needed for development -of containers +The %{name}-devel package contains header files and library needed for +development of containers %prep %setup -q @@ -72,12 +82,32 @@ make -j$ncpus %install rm -rf %{buildroot} + %makeinstall %clean rm -rf %{buildroot} %post +if [ -d /var/lxc ]; then + for i in $(ls -1 /var/lxc); do + chmod -fR go-rwx /var/lxc/$i + done + mv /var/lxc /var/lxc.rpm-$$ +fi + +mkdir -p /var/lxc + +if [ -d /var/lxc.rpm-$$ ]; then + for i in $(ls -1 /var/lxc.rpm-$$); do + cp -a /var/lxc.rpm-$$/$i /var/lxc + done +fi + +chmod ugo+w /var/lxc + +setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep %{_bindir}/lxc-execute +setcap cap_net_admin,cap_net_raw,cap_sys_admin,cap_dac_override=ep %{_bindir}/lxc-start %files %defattr(-,root,root) @@ -94,28 +124,6 @@ rm -rf %{buildroot} %changelog -* Thu Oct 9 2008 Daniel Lezcano <dlezcano@fr.ibm.com> - Version 0;3.0 -- Added checkpoint/restart API and CLI -- Added cgroup support -- Misc fixes - Details in Changelog file - -* Wed Sep 10 2008 Daniel Lezcano <dlezcano@fr.ibm.com> - Version 0.2.1 -- Added lxc-wait command line -- Added tty support for lxc-start -- Fixed rootfs absolute directory -- Improved system containers - -* Fri Sep 5 2008 Daniel Lezcano <dlezcano@fr.ibm.com> - Version 0.2.0 -- Fix typos in README -- Added empty container configuration -- Added empty network container configuration -- Added bind option for mount configuration -- Merged lxc and liblxc directories -- Changed monitoring mechanism -- Fixed child process should exit instead of returning on error -- Fixed lxc.h headers can be included in C++ code -- A lot of code cleanup and improvements - * Sun Aug 3 2008 Daniel Lezcano <dlezcano@fr.ibm.com> - Version 0.1.0 - Initial RPM release. |