Commit graph

425 commits

Author SHA1 Message Date
Cam Cope
2accd886fa remove /tmp cleanup, fixes lvm rootfs 2015-08-28 14:58:16 +02:00
Robin Gloster
993e430ccc Use /usr/bin/env CMD instead of hardcoded paths
This fixes commands that currently rely on hardcoded paths and break
on systems like NixOS that don't have all binaries in /usr/bin etc.
2015-08-28 14:58:16 +02:00
Robin Gloster
611a86ce84 do not copy the lxc template instead use the full path 2015-08-28 14:58:16 +02:00
Antonio Terceiro
64f561073c forward_ports: bind to localhost only by default
This has been raised as security concern on vagrant itself, and fixed
there some time ago.
2015-08-28 14:58:16 +02:00
Michael Stucki
7eb3be37de driver.rb: Check for correct bridge device name 2015-08-25 10:20:21 +02:00
Michael Stucki
31bb4eadf9 Move away from using ifconfig to ip link for enabling / disabling bridge devices 2015-08-25 10:18:14 +02:00
Michael Stucki
c3508870fd Private networking: Create bridge if it is missing 2015-07-06 18:01:18 +02:00
Michael Stucki
fb661300e7 Move bridge_exists check into a function 2015-07-06 18:01:15 +02:00
Fabio Rehm
52cca8e7f6 Merge pull request #355 from lfaraone/use-current-ruby
vagrant-lxc-wrapper: Use correct ruby interpreter
2015-04-06 10:58:53 -03:00
Fabio Rehm
55bbadef6f Merge pull request #352 from ccope/private_dhcp
Support private networking using DHCP
2015-04-06 10:56:38 -03:00
Fabio Rehm
8cb0afeb39 Merge pull request #357 from agriffis/fedora-host-selinux-ro
Mount the selinux sys dir read-only [GH-301]
2015-04-06 10:51:30 -03:00
Cam Cope
caa3c53a8f move mountpoint creation to lxc template for lvm rootfs support 2015-04-05 17:46:22 -07:00
Aron Griffis
7d017ada1e Mount the selinux sys dir read-only [GH-301] 2015-03-24 17:42:11 -04:00
Luke Faraone
05fdb3e000 vagrant-lxc-wrapper: Use correct ruby interpreter
Previously, we hardcoded to using the ruby binary in /opt/vagrant[..].
On some systems, this path is incorrect, so instead we use the
path of the interpreter that is executing the `vagrant lxc sudoers`
command.
2015-03-19 16:22:00 -07:00
Cam Cope
5da3fc8be5 support containers with dhcp private networking 2015-03-08 19:58:29 -07:00
Fabio Rehm
3b45b92d1a v1.1.0 2015-01-14 21:44:28 -02:00
Fabio Rehm
156bc015c8 Allow backingstore options to be used along with the sudo wrapper script [GH-310] 2015-01-14 21:07:35 -02:00
Fabio Rehm
fb23e606cc action/create: Trim automatically generated container names to 64 chars
Fixes GH-337
2015-01-11 21:30:11 -02:00
Fabio Rehm
ef06ea622e Remove blank file 2015-01-11 21:18:56 -02:00
Fabio Rehm
555499d04a Merge branch 'master' of https://github.com/pruby/vagrant-lxc into next
Closes GH-329
2015-01-11 21:06:46 -02:00
Fabio Rehm
447d0dfc42 Experimental support for private networking [GH-298] 2015-01-11 20:59:38 -02:00
Fabio Rehm
bf3a9a5039 action: Some more tweaks around private networking + new pipework code [GH-298] 2015-01-08 03:57:49 -02:00
Fabio Rehm
28bdbe371d Merge remote-tracking branch 'origin/private-networks' into next 2015-01-08 02:28:45 -02:00
Fabio Rehm
758703ea6b provider: Use full which path when checking whether the lxc-create command is available
Fixes GH-322
2015-01-08 02:26:25 -02:00
Fabio Rehm
8b37056294 provider: Show an user friendly message when trying to use the plugin on non-Linux environments 2015-01-08 02:17:32 -02:00
Fabio Rehm
2a667b88b6 plugin: Give the provider a higher priority over Vagrant's builtin VBox provider 2015-01-08 00:55:19 -02:00
Fabio Rehm
2a48f366d4 Merge branch 'tempfile_problem' of https://github.com/stefan-langenmaier/vagrant-lxc into next 2015-01-08 02:07:02 +00:00
Fabio Rehm
67523019aa 👋 to support for Vagrant < 1.5 2015-01-07 23:48:10 -02:00
Tim Goddard
fe532525c8 Support for formatted overlayfs path spec when finding the root FS path
We're using snapshots in a CI set-up so that a Vagrant cluster can be built
once, then each push to the repository only checked as an incremental
update to the cluster. We copy each LXC VM to a master image, then re-create
the original names as snapshots.

This change corrects a method which assumes the LXC root path in the config
file is a simple directory name, which is only true for directory-backed
instances.

Conflicts:
	spec/unit/driver_spec.rb
2014-11-12 15:21:28 +13:00
Stefan Langenmaier
188a1eb089 uninitialized constant Tempfile 2014-11-05 08:50:46 -05:00
Fabio Rehm
71e210f683 v1.0.1 2014-10-15 01:04:37 -03:00
Fabio Rehm
186d453621 Prefix action to fetch containers IP with ssh so that vagrant does not lock around its execution
Closes GH-321
2014-10-15 01:02:52 -03:00
Fabio Rehm
80ca559258 Tweaks to get the changes introduced on GH-317 to work with the sudo wrapper 2014-10-15 01:01:43 -03:00
Fabio Rehm
b4a642bc8a Merge pull request #318 from rtkrruvinskiy/lock_race
Work around WaitForCommunicator lock race condition
2014-10-15 00:31:10 -03:00
Ray Ruvinskiy
dc55c914e4 Work around WaitForCommunicator lock race condition
The LXC provider issues the "fetch_ip" action to look up the IP address
of the container as part of its "ssh_info" action.
Vagrant::LXC::Action.action_fetch_ip checks the machine state using
Builtin::IsState, which calls Vagrant::Machine.state, which also updates
the state in the machine index and acquires a machine index entry lock to do that.
A race condition ensues in WaitForCommunicator.call, where ready_thr tries
to acquire the machine index lock while running ssh_info, and states_thr tries
to acquire the same lock doing its own state look up (env[:machine].state.id).
If they both try to acquire the lock at the same time, one will fail, and
an exception will be raised.

Work around this issue by checking for the desired machine state (:running) in
Vagrant::LXC::Provider.ssh_info, which can get the state from
Vagrant::LXC::Provider.state, which in turn does not write out the state into
the index file and does not acquire the index entry lock.
2014-09-29 16:47:29 -04:00
Azamat Khudaygulov
f454924a59 The path of storage containers taken from lxc-config, instead of using a constant for lxc>=1.0.0.
* for lxc to 1.0.0 using constant Vagrant::LXC::Driver::DEFAULT_CONTAINERS_PATH
 * change method Vagrant::LXC::Driver::CLI#version to call lxc-create if lxc-version command not exists (to lxc version 1.0.0)
2014-09-23 16:07:03 +04:00
Fabio Rehm
e76a18185c 🎆 v1.0.0 🎆 2014-09-23 01:03:48 -03:00
Fabio Rehm
5fa6f0dd09 synced_folder: Emit vagrant-mounted upstart event when starting containers
Closes GH-302
2014-09-22 23:44:01 -03:00
Fabio Rehm
8ffc9ef92a Remove version suffix from generated sudoers commands 2014-09-22 23:07:12 -03:00
Franz Pletz
ec4a52559a Add check for box updates to start action
This action apparently needs to be added to every provider. See
lib/vagrant/plugins/providers/virtualbox/action.rb from the Vagrant
source for reference how the virtualbox provider is doing it.
2014-09-05 20:52:03 +02:00
Fabio Rehm
3f7c7ecabf v1.0.0.alpha.3 2014-08-09 16:37:40 -03:00
Fabio Rehm
aac8c31410 driver: Remove calls to in favor of Vagrant's built in graceful halt 2014-07-24 21:58:04 -03:00
Fabio Rehm
d0642c95fd command/sudoers: Move wrapper string out to a template and use the full path to the scripts in order to make things work properly across different distros
Closes GH-304
Closes GH-305
2014-07-24 21:58:04 -03:00
Fabio Rehm
d3b9d53097 driver/cli: Deal with namespaces args for lxc-attach when the sudo wrapper script is in place [GH-300] 2014-07-24 21:58:04 -03:00
Fabio Rehm
752fa9b4e5 action/fetch_ip_with_lxc_attach: Attach to the MOUNT namespace in order to fix GH-300 2014-07-24 21:58:04 -03:00
Fabio Rehm
5232f2c7b1 Begin work on supporting private networks 2014-06-09 00:48:52 -03:00
Fabio Rehm
09f855dc76 command/sudoers: Remove Cmnd_Alias from sudoers file
Since the wrapper is versioned, we would end up having multiple `LXC`
command aliases, making `sudo` unusable:

```
>>> /etc/sudoers.d/vagrant-lxc-1-0-0-alpha-3-dev: Alias `LXC' already
>>> defined near line 2 <<<
sudo: parse error in /etc/sudoers.d/vagrant-lxc-1-0-0-alpha-3-dev near
line 2
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
```
2014-06-08 23:44:02 -03:00
Fabio Rehm
b4376ef995 command/sudoers: Use Vagrant's ruby for the sudoers file
This makes things work on systems that don't have a global ruby
installation in place and fix GH-289
2014-06-08 23:36:29 -03:00
Fabio Rehm
3e22f424e6 driver: Escape synced folders with spaces
Fix GH-291
2014-06-08 23:27:27 -03:00
Fabio Rehm
a284d66f9e Lets release another alpha before going to beta 2014-06-08 22:52:33 -03:00
Fabio Rehm
f49585db51 driver/cli: Improved lxc-attach check [GH-294] 2014-06-08 22:52:33 -03:00
Kristof Willaert
a4768c26ca Add fallback mechanism for platforms without attach support
Some platforms (most notably CentOS and RHEL) use a kernel without
'attach' support. This patch detects this absence and falls back
to the alternative ways of doing things like detection of IP address
and halting the container.
It does so by running the command "true" through lxc-attach.
2014-06-03 17:53:26 +02:00
Fabio Rehm
3a4c0ca79d Up dev version 2014-05-13 00:29:42 -03:00
Fabio Rehm
7bccdd2f71 v1.0.0.alpha.2 2014-05-13 00:25:53 -03:00
Fabio Rehm
2db9aa89a1 action/ip_from_dnsmasq: Handle nil container hwaddr value 2014-05-12 23:56:39 -03:00
Fabio Rehm
d7935e55f3 action/boot: Bind mount /sys/fs/pstore to same path on containers to fix some apparmor issues when starting Ubuntu 14.04 containers
Fix GH-278
2014-05-12 23:27:14 -03:00
Fabio Rehm
9111261f79 driver: Do not show a stacktrace to the user if no network.hwaddr is present on container configs
This is enough to close GH-266 since Vagrant will take care of showing
an error informing the user that it was unable to connect to the
machine.
2014-05-12 23:21:41 -03:00
Fabio Rehm
c580865ab2 driver: Fix lxc config customizations prunning [GH-279] 2014-05-12 23:06:45 -03:00
Fabio Rehm
1cf8ce50e4 command/sudoers: Fix whitelisting to take GH-277 into account 2014-05-12 23:05:42 -03:00
Kristof Willaert
6b5c00089d Make MAC address regex check case insensitive
The regex check for the container MAC address presence in the
dnsmasq leases file is case sensitive. Dnsmasq outputs uppercase
addresses in the leases file.

As MAC addresses are generally considered case insensitive, it
makes sense to relax the regular expression check to allow for this.
2014-05-08 14:30:14 +02:00
Fabio Rehm
5eef1524d7 driver: Use relative guest paths for synced folders
Closes GH-258
2014-05-04 20:52:00 -03:00
Fabio Rehm
856a847bc8 config: Switch default backingstore to "best" [GH-277] 2014-05-04 20:37:09 -03:00
Fabio Rehm
4c3143aa34 Merge branch 'backingstore_options' of https://github.com/tailhook/vagrant-lxc
Conflicts:
	lib/vagrant-lxc/config.rb
2014-05-03 23:42:39 -03:00
Fabio Rehm
7870d59184 Merge branch 'fix_mounts' of https://github.com/tailhook/vagrant-lxc 2014-05-03 23:36:23 -03:00
Fabio Rehm
a0fe2f9cf0 action/clear_forwarded_ports: Fix privileged port detection and simplify code [GH-259] 2014-05-03 23:28:59 -03:00
Fabio Rehm
84bdb5cb22 Fix code indentation 2014-05-03 23:28:04 -03:00
Fabio Rehm
ee63d2b2ae Merge branch 'sudo-for-redir' of https://github.com/guerremdq/vagrant-lxc 2014-05-03 23:14:29 -03:00
guerremdq
0b1fffc6e3 clean redir pid with sudo only if port is < than 1024 2014-04-29 00:02:16 -03:00
Cam Cope
a9248cb697 add backingstore parameters 2014-04-28 17:17:59 +03:00
Eric Hartmann
3b311ad840 Fix sudoers for multiple users 2014-04-23 17:49:04 +02:00
Eric Hartmann
2666f9e38d Fix argument parsing 2014-04-23 16:27:33 +02:00
Jef Mathiot
0eae5c0926 Removed unsecure calls to SudoWrapper#su_c. 2014-04-17 12:56:56 +02:00
Jef Mathiot
94e175dc07 sudoers command now creates a safe wrapper script.
Sudoers now creates a safe wrapper script that performs sanity checks on sudo :
* wrapper generated in /usr/local/bin (name includes version to allow multiple wrappers on the same system)
* sudoers command now generates a one-line file in /etc/sudoers.d
* SudoWrapper use the new wrapper
* Removed unused Config#validate method
2014-04-09 15:53:20 +02:00
Paul Colomiets
9f9cb1c791 Implement sorting of synced_folders
It's useful if you want to mount something inside /vagrant or if you
have some another mount in some synced folder.

This piece of code is extracted from virtualbox driver.
2014-04-09 16:16:56 +03:00
Fabio Rehm
47cf361b98 Up dev version 2014-04-06 18:52:19 -03:00
Fabio Rehm
bc6e2e9d7c v1.0.0.alpha.1 2014-04-04 16:28:57 -03:00
Fabio Rehm
7e9d790f6a command/sudoers: Minor tweaks to make the generated file work with latest changes 2014-03-27 20:04:38 -03:00
Fabio Rehm
328477172e command/sudoers: Add missing -p to mkdir command 2014-03-24 23:50:38 -03:00
guerremdq
697d8bde08 only use sudo with redir when port number is lower than 1024 2014-03-23 13:39:42 -03:00
Jef Mathiot
5a56b72360 * Ruby >1.9 hash syntax
* Improved comment on Vagrant::Registry.keys
2014-03-22 00:58:36 +01:00
Fabio Rehm
8b1573c536 doc: Let everyone know about the new vagrant lxc sudoers command 2014-03-21 20:04:35 -03:00
Fabio Rehm
64de0fca3c command/sudoers: Mention what is the default value for the user and add a REFACTOR note 2014-03-21 19:53:49 -03:00
Fabio Rehm
02fefd10c0 command/sudoers: Nitpick
* Use Ruby 1.9+ hash syntax
* Use % as the BOXES placeholder as it is the same symbol used for I18n placeholders as well
2014-03-21 19:48:36 -03:00
Fabio Rehm
19bccc9ca5 ✂️ whitespace 2014-03-21 19:38:56 -03:00
Fabio Rehm
b7dbfc84af Merge branch 'master' of github.com:jefmathiot/vagrant-lxc
Conflicts:
	lib/vagrant-lxc/plugin.rb
2014-03-21 19:38:35 -03:00
Fabio Rehm
41716e9100 synced_folder: Fix UI warn when group / owner are specified on Vagrantfile 2014-03-21 19:31:14 -03:00
Fabio Rehm
164afc7839 package: Nicely handle optional lxc-template on base boxes when packaging 2014-03-21 19:30:28 -03:00
guerremdq
fd948f8552 Add sudo for redir 2014-03-20 17:01:45 -03:00
Jef Mathiot
8590c87132 Created an "lxc sudoers" command to create sudoers file for a given user (defaults to current one). 2014-03-16 18:59:18 +01:00
Fabio Rehm
4f49be03ad core: Make lxc-template optional [GH-254] 2014-03-14 00:32:03 -03:00
Fabio Rehm
da96e8c1a4 synced_folder: Fix mount_options on Vagrant 1.4+ 2014-03-14 00:21:21 -03:00
Fabio Rehm
d6a22c9f88 synced_folder: Warn in case :group or :owner are specified [GH-196] 2014-03-13 23:48:46 -03:00
Fabio Rehm
20d4547044 synced_folder: Support for mount_options 2014-03-13 23:36:15 -03:00
Fabio Rehm
c9fe9e552e Merge branch 'master' of github.com:vorlock/vagrant-lxc 2014-03-13 23:07:55 -03:00
Fabio Rehm
ad63452651 Nitpick 2014-03-13 23:07:05 -03:00
Fabio Rehm
5df28390e2 Merge branch 'utsname-hostname' of github.com:fpletz/vagrant-lxc 2014-03-13 23:05:47 -03:00
Fabio Rehm
dfd93d087c action: Keep old behavior of erroring on vagrant ssh -c instead of just showing a message 2014-03-13 23:02:18 -03:00
Franz Pletz
be12f11ced Set container utsname to configured hostname per default
Previously, the utsname of a machine was set to the vagrant machine ID.
As the utsname represents the hostname of the machine and is independent
from the name of the actual LXC container, the hostname that was
specified in the Vagrantfile should be used instead. If no hostname is
provided, the machine ID will be used like before.

Additionally, this will trigger the DHCP client in the container to send
the correct hostname to the DHCP server on the first request at boot.
Vagrant sets the configured hostname only after the network is up. If
for example automatic DNS updates are configured, the right DNS record
will be created every time.
2014-03-13 19:06:05 +01:00
Fabio Rehm
7e79d59365 core: Fix vagrant ssh [GH-252] 2014-03-13 09:42:39 -03:00
Marcin Kulisz
e84f9e2b4a Added dnsmasq leases file location for libvirt 2014-03-13 09:49:24 +00:00