--- /dev/null
+#lxc.utsname = $UTSNAME
+lxc.utsname = ve2lxc
+lxc.tty = 4
+lxc.pts = 1024
+lxc.network.type = veth
+lxc.network.flags = up
+lxc.network.link = br0
+lxc.network.name = eth0
+lxc.network.mtu = 1500
+#lxc.mount = $MNTFILE
+#lxc.rootfs = /mlin/clone/212226-60017
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
--- /dev/null
+#!/bin/sh -x
+
+test -z "$1" && echo "usage: $0 /path/to/ve/private" && exit
+
+dir=$1
+
+path=/$dir/etc/inittab
+tmp=/tmp/inittab
+
+cp $path $tmp || exit
+
+function append() {
+ if ! grep "$1" $path ; then
+ echo "$1" >> $tmp
+ fi
+}
+
+append "z6:6:respawn:/sbin/sulogin"
+append "1:2345:respawn:/sbin/getty 38400 console"
+append "c1:12345:respawn:/sbin/getty 38400 tty1 linux"
+append "c2:12345:respawn:/sbin/getty 38400 tty2 linux"
+append "c3:12345:respawn:/sbin/getty 38400 tty3 linux"
+append "c4:12345:respawn:/sbin/getty 38400 tty4 linux"
+
+if ! diff -uw $path $tmp ; then
+ cp $path $path.old && mv $tmp $path
+fi
+
+conf=/tmp/ve2lxc.conf
+cp ve2lxc.conf $conf || exit
+echo "lxc.rootfs = $dir" >> $conf
+
+lxc-stop -n ve2lxc
+lxc-destroy -n ve2lxc
+
+test -d /cgroup || mkdir /cgroup
+if ! grep /cgroup /etc/fstab ; then
+ echo "cgroup /cgroup cgroup rw 0 0" >> /etc/fstab
+fi
+
+mount | grep /cgroup || mount /cgroup || exit
+
+lxc-create -n ve2lxc -f $conf && read && lxc-start -n ve2lxc
projects / sysadmin-cookbook / commitdiff