diff options
Diffstat (limited to 'app-containers/lxd/files')
12 files changed, 478 insertions, 0 deletions
diff --git a/app-containers/lxd/files/lxd-4.0.0.confd b/app-containers/lxd/files/lxd-4.0.0.confd new file mode 100644 index 000000000000..68cf344995be --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.0.confd @@ -0,0 +1,23 @@ +# Group which owns the shared socket +LXD_OPTIONS+=" --group lxd" + +# Enable cpu profiling into the specified file +#LXD_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#LXD_OPTIONS+=" --memprofile /tmp/lxc_mem_profile" + +# Enable debug mode +#LXD_OPTIONS+=" --debug" + +# For debugging, print a complete stack trace every n seconds +#LXD_OPTIONS+=" --print-goroutines-every 5" + +# Enable verbose mode +#LXD_OPTIONS+=" -v" + +# Logfile to log to +#LXD_OPTIONS+=" --logfile /var/log/lxd/lxd.log" + +# Enable syslog logging +#LXD_OPTIONS+=" --syslog" diff --git a/app-containers/lxd/files/lxd-4.0.0.socket b/app-containers/lxd/files/lxd-4.0.0.socket new file mode 100644 index 000000000000..3207c9453d11 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.0.socket @@ -0,0 +1,12 @@ +[Unit] +Description=LXD - unix socket +Documentation=man:lxd(1) + +[Socket] +ListenStream=/var/lib/lxd/unix.socket +SocketGroup=lxd +SocketMode=0660 +Service=lxd.service + +[Install] +WantedBy=sockets.target diff --git a/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch b/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch new file mode 100644 index 000000000000..d05ff2c81bd9 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch @@ -0,0 +1,74 @@ +From cc7bab602e6b967fdd31c5feed0f3f6321c0a0a7 Mon Sep 17 00:00:00 2001 +From: Luca Barbato <lu_zero@gentoo.org> +Date: Fri, 13 Jan 2023 21:43:22 +0000 +Subject: [PATCH] Fix syscall wrappers + +--- + lxd/include/syscall_wrappers.h | 7 ++++--- + lxd/main_nsexec.go | 2 +- + shared/idmap/shift_linux.go | 2 +- + 3 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/lxd/include/syscall_wrappers.h b/lxd/include/syscall_wrappers.h +index 2c28133a8..a6975ab4d 100644 +--- a/lxd/include/syscall_wrappers.h ++++ b/lxd/include/syscall_wrappers.h +@@ -26,10 +26,10 @@ static inline int lxd_close_range(unsigned int fd, unsigned int max_fd, unsigned + return syscall(__NR_close_range, fd, max_fd, flags); + } + +-static inline int open_tree(int dfd, const char *filename, unsigned int flags) ++/* static inline int open_tree(int dfd, const char *filename, unsigned int flags) + { + return syscall(__NR_open_tree, dfd, filename, flags); +-} ++}*/ + + /* + * mount_setattr() +@@ -40,7 +40,7 @@ struct lxc_mount_attr { + __u64 propagation; + __u64 userns_fd; + }; +- ++/* + static inline int mount_setattr(int dfd, const char *path, unsigned int flags, + struct lxc_mount_attr *attr, size_t size) + { +@@ -53,6 +53,7 @@ static inline int move_mount(int from_dfd, const char *from_pathname, int to_dfd + return syscall(__NR_move_mount, from_dfd, from_pathname, to_dfd, + to_pathname, flags); + } ++*/ + + /* arg1 of prctl() */ + #ifndef PR_SCHED_CORE +diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go +index f11c0d4cb..753024283 100644 +--- a/lxd/main_nsexec.go ++++ b/lxd/main_nsexec.go +@@ -298,7 +298,7 @@ static char *file_to_buf(char *path, ssize_t *length) + int mount_detach_idmap(const char *path, int fd_userns) + { + __do_close int fd_tree = -EBADF; +- struct lxc_mount_attr attr = { ++ struct mount_attr attr = { + .attr_set = MOUNT_ATTR_IDMAP, + + }; +diff --git a/shared/idmap/shift_linux.go b/shared/idmap/shift_linux.go +index daaf37275..e219ac01c 100644 +--- a/shared/idmap/shift_linux.go ++++ b/shared/idmap/shift_linux.go +@@ -314,7 +314,7 @@ static int get_userns_fd(void) + static int create_detached_idmapped_mount(const char *path) + { + __do_close int fd_tree = -EBADF, fd_userns = -EBADF; +- struct lxc_mount_attr attr = { ++ struct mount_attr attr = { + .attr_set = MOUNT_ATTR_IDMAP, + .propagation = MS_SLAVE, + +-- +2.39.0 + diff --git a/app-containers/lxd/files/lxd-4.0.9-r1.service b/app-containers/lxd/files/lxd-4.0.9-r1.service new file mode 100644 index 000000000000..480940dab7a3 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9-r1.service @@ -0,0 +1,23 @@ +[Unit] +Description=LXD - main daemon +After=network-online.target lxcfs.service lxd.socket +Requires=network-online.target lxcfs.service lxd.socket +Documentation=man:lxd(1) + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/lxd --group lxd --syslog +ExecStartPost=/usr/sbin/lxd waitready --timeout=600 +ExecStartPre=/bin/mkdir -p /var/log/lxd +ExecStartPre=/bin/chown -R root:lxd /var/log/lxd +KillMode=process +PermissionsStartOnly=true +TimeoutStartSec=600s +TimeoutStopSec=30s +Restart=on-failure +LimitNOFILE=1048576 +LimitNPROC=infinity +TasksMax=infinity + +[Install] +Also=lxd-containers.service lxd.socket diff --git a/app-containers/lxd/files/lxd-4.0.9.initd b/app-containers/lxd/files/lxd-4.0.9.initd new file mode 100644 index 000000000000..7b3d464ea367 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9.initd @@ -0,0 +1,49 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/lxd +PIDFILE=/run/lxd.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting lxd service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/lxd and make sure it exists. + # Create a log directory for lxd with correct permissions. + install -d /var/lib/lxd --group lxd --owner root --mode 0775 + install -d /var/log/lxd --group lxd --owner root + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${LXD_OPTIONS} + eend ${?} +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping lxd service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to LXD that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping lxd service and containers, waiting 40s" + # SIGPWR indicates to LXD that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for LXD. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/lxd/files/lxd-5.0.2-r1.initd b/app-containers/lxd/files/lxd-5.0.2-r1.initd new file mode 100644 index 000000000000..7c74c0fdc308 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.2-r1.initd @@ -0,0 +1,59 @@ +#!/sbin/openrc-run +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/lxd +PIDFILE=/run/lxd.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting lxd service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/lxd and make sure it exists. + # Create a log directory for lxd with correct permissions. + install -d /var/lib/lxd --group lxd --owner root --mode 0775 + install -d /var/log/lxd --group lxd --owner root + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${LXD_OPTIONS} + eend ${?} + + # Create necessary systemd paths in order for systemd containers to work on openrc host. + # /etc/rc.conf should have following values: + # rc_cgroup_mode="hybrid" + if [ -d /sys/fs/cgroup/unified ] && + [ ! -d /sys/fs/cgroup/systemd ]; then + install -d /sys/fs/cgroup/systemd --group lxd --owner root + mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd + fi +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping lxd service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to LXD that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping lxd service and containers, waiting 40s" + # SIGPWR indicates to LXD that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for LXD. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch b/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch new file mode 100644 index 000000000000..a8e457387ee6 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch @@ -0,0 +1,32 @@ +diff -Naur a/Makefile b/Makefile +--- a/Makefile 2023-01-16 21:10:45.000000000 -0000 ++++ b/Makefile 2023-01-19 14:52:28.488204725 -0000 +@@ -248,28 +248,6 @@ + .PHONY: build-mo + build-mo: $(MOFILES) + +-.PHONY: static-analysis +-static-analysis: +-ifeq ($(shell command -v golangci-lint 2> /dev/null),) +- go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.2 +-endif +-ifeq ($(shell command -v shellcheck 2> /dev/null),) +- echo "Please install shellcheck" +- exit 1 +-endif +-ifneq "$(shell shellcheck --version | grep version: | cut -d ' ' -f2)" "0.8.0" +- @echo "WARN: shellcheck version is not 0.8.0" +-endif +-ifeq ($(shell command -v flake8 2> /dev/null),) +- echo "Please install flake8" +- exit 1 +-endif +- golangci-lint run --timeout 5m +- flake8 test/deps/import-busybox +- shellcheck --shell sh test/*.sh test/includes/*.sh test/suites/*.sh test/backends/*.sh test/lint/*.sh +- shellcheck test/extras/*.sh +- run-parts --regex '.sh' test/lint +- + .PHONY: tags + tags: *.go lxd/*.go shared/*.go lxc/*.go + find . -type f -name '*.go' | xargs gotags > tags diff --git a/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch b/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch new file mode 100644 index 000000000000..4e993b7e7054 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch @@ -0,0 +1,52 @@ +From e7c852e43c0479060e630adb50342d2552a6cdad Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Tue, 7 Feb 2023 10:04:27 +0000 +Subject: [PATCH] lxd/storage/drivers/driver/btrfs/utils: Only check for + minimum number of columns in `btrfs qgroup show` command + +Previously we expected 4 columns, but in btrfs-progs >= 6.0 this has changed to 5 columns. + +E.g. in Jammy btrfs-progs v5.16.2: + +``` +sudo btrfs qgroup show /var/lib/lxd/storage-pools/btrfs +qgroupid rfer excl +-------- ---- ---- +0/5 16.00KiB 16.00KiB +0/256 9.66MiB 400.00KiB +0/257 9.66MiB 392.00KiB +``` + +And in Lunar btrfs-progs v6.1.3: + +``` +btrfs qgroup show /var/lib/lxd/storage-pools/btrfs +Qgroupid Referenced Exclusive Path +-------- ---------- --------- ---- +0/5 16.00KiB 16.00KiB <toplevel> +0/256 9.63MiB 400.00KiB images/1f81470478d136f0008c856e3a47369e0ac863f0402ce0e31c56dd29e9fdd4d7 +0/257 9.64MiB 404.00KiB containers/c1 +``` + +Fixes #11210 + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +--- + lxd/storage/drivers/driver_btrfs_utils.go | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/lxd/storage/drivers/driver_btrfs_utils.go b/lxd/storage/drivers/driver_btrfs_utils.go +index e1468e4b1a59..722a2de20978 100644 +--- a/lxd/storage/drivers/driver_btrfs_utils.go ++++ b/lxd/storage/drivers/driver_btrfs_utils.go +@@ -253,7 +253,9 @@ func (d *btrfs) getQGroup(path string) (string, int64, error) { + } + + fields := strings.Fields(line) +- if len(fields) != 4 { ++ ++ // The BTRFS tooling changed the number of columns between versions so we only check for minimum. ++ if len(fields) < 3 { + continue + } + diff --git a/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch b/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch new file mode 100644 index 000000000000..768e4d160132 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch @@ -0,0 +1,79 @@ +From fe71f2135bdc3aa6ea28de7ed1ac324f7d689ed6 Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Wed, 7 Feb 2024 16:53:29 +0000 +Subject: [PATCH 1/2] shared/simplestreams/products: Fix regression in parsing + version files + +Don't stop when finding first matching version file because the index is parsed +in random order and LXD calls it multiple times when figuring out which image +file to download and so stopping early can cause mismatches when trying to match +a converted alias to a specific file fingerprint. + +Introduced with 3e9acc4 + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +(cherry picked from commit 3681d5e54649fcc2fc9375b6820c1133f140228d) +--- + shared/simplestreams/products.go | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/shared/simplestreams/products.go b/shared/simplestreams/products.go +index a07e4d5b1b5b..542051403899 100644 +--- a/shared/simplestreams/products.go ++++ b/shared/simplestreams/products.go +@@ -279,8 +279,6 @@ func (s *Products) ToLXD() ([]api.Image, map[string][][]string) { + if err != nil { + continue + } +- +- break // Stop at first compatible item found. + } else if shared.StringInSlice(item.FileType, lxdCompatItems) { + // Locate the root files + for _, subItem := range version.Items { +@@ -291,8 +289,6 @@ func (s *Products) ToLXD() ([]api.Image, map[string][][]string) { + } + } + } +- +- break // Stop at first compatible item found. + } + } + } + +From d3253e4cbc85b97e3bc6dba9a27fd2ab0c4d8685 Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Wed, 7 Feb 2024 10:28:36 +0000 +Subject: [PATCH 2/2] shared/simplestreams/simplestreams: Improve error + messages + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +(cherry picked from commit 56364f5a97373155d5e6a5a6b10d06d16a25fb3c) +--- + shared/simplestreams/simplestreams.go | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/shared/simplestreams/simplestreams.go b/shared/simplestreams/simplestreams.go +index 3f3255cac913..68e1d96278a3 100644 +--- a/shared/simplestreams/simplestreams.go ++++ b/shared/simplestreams/simplestreams.go +@@ -377,7 +377,7 @@ func (s *SimpleStreams) GetFiles(fingerprint string) (map[string]DownloadableFil + } + } + +- return nil, fmt.Errorf("Couldn't find the requested image") ++ return nil, fmt.Errorf("Couldn't find the requested image for fingerprint %q", fingerprint) + } + + // ListAliases returns a list of image aliases for the provided image fingerprint. +@@ -501,9 +501,9 @@ func (s *SimpleStreams) GetImage(fingerprint string) (*api.Image, error) { + } + + if len(matches) == 0 { +- return nil, fmt.Errorf("The requested image couldn't be found") ++ return nil, fmt.Errorf("The requested image couldn't be found for fingerprint %q", fingerprint) + } else if len(matches) > 1 { +- return nil, fmt.Errorf("More than one match for the provided partial fingerprint") ++ return nil, fmt.Errorf("More than one match for the provided partial fingerprint %q", fingerprint) + } + + return &matches[0], nil diff --git a/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch b/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch new file mode 100644 index 000000000000..76a6a1476de8 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch @@ -0,0 +1,26 @@ +From 55bd4024dbfc315c0f57da57f2f9bd9c5c97dad1 Mon Sep 17 00:00:00 2001 +From: Din Music <din.music@canonical.com> +Date: Thu, 18 Jan 2024 17:08:36 +0100 +Subject: [PATCH] shared/simplestreams/products: Search only for lxd archives + +Signed-off-by: Din Music <din.music@canonical.com> +(cherry picked from commit 0c9253da9448475e6de60dd345c67c0179884f13) +--- + shared/simplestreams/products.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/shared/simplestreams/products.go b/shared/simplestreams/products.go +index 542051403899..d80d8e7be251 100644 +--- a/shared/simplestreams/products.go ++++ b/shared/simplestreams/products.go +@@ -10,8 +10,8 @@ import ( + "github.com/canonical/lxd/shared/osarch" + ) + +-var lxdCompatCombinedItems = []string{"lxd_combined.tar.gz", "incus_combined.tar.gz"} +-var lxdCompatItems = []string{"lxd.tar.xz", "incus.tar.xz"} ++var lxdCompatCombinedItems = []string{"lxd_combined.tar.gz"} ++var lxdCompatItems = []string{"lxd.tar.xz"} + + // Products represents the base of download.json. + type Products struct { diff --git a/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch b/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch new file mode 100644 index 000000000000..d3efd72ecb37 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch @@ -0,0 +1,33 @@ +diff --git a/Makefile b/Makefile +index 8061227..c9b85d2 100644 +--- a/Makefile ++++ b/Makefile +@@ -258,28 +258,6 @@ endif + .PHONY: build-mo + build-mo: $(MOFILES) + +-.PHONY: static-analysis +-static-analysis: +-ifeq ($(shell command -v golangci-lint),) +- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin +-endif +-ifeq ($(shell command -v shellcheck),) +- echo "Please install shellcheck" +- exit 1 +-else +-ifneq "$(shell shellcheck --version | grep version: | cut -d ' ' -f2)" "0.8.0" +- @echo "WARN: shellcheck version is not 0.8.0" +-endif +-endif +-ifeq ($(shell command -v flake8),) +- echo "Please install flake8" +- exit 1 +-endif +- flake8 test/deps/import-busybox +- shellcheck --shell sh test/*.sh test/includes/*.sh test/suites/*.sh test/backends/*.sh test/lint/*.sh +- shellcheck test/extras/*.sh +- run-parts --exit-on-error --regex '.sh' test/lint +- + .PHONY: staticcheck + staticcheck: + ifeq ($(shell command -v staticcheck),) diff --git a/app-containers/lxd/files/lxd-containers-4.0.0.service b/app-containers/lxd/files/lxd-containers-4.0.0.service new file mode 100644 index 000000000000..894760c3506b --- /dev/null +++ b/app-containers/lxd/files/lxd-containers-4.0.0.service @@ -0,0 +1,16 @@ +[Unit] +Description=LXD - container startup/shutdown +Documentation=man:lxd(1) +After=lxd.socket lxd.service +Requires=lxd.socket + +[Service] +Type=oneshot +ExecStart=/usr/sbin/lxd activateifneeded +ExecStop=/usr/sbin/lxd shutdown +TimeoutStartSec=600s +TimeoutStopSec=600s +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target |