layer: openxt- machine integration
Changes in this patch are required to use differently named machines and
images than the xenclient- prefixed ones.

Signed-off-by: Eric Chanudet <[email protected]>
Eric Chanudet committed Dec 18, 2020
1 parent 97aeb9e commit a699b34
Showing 20 changed files with 577 additions and 1 deletion.
10 changes: 10 additions & 0 deletions recipes-core/base-files/base-files_3.%.bbappend
@@ -31,13 +31,23 @@ dirs755_append_xenclient-dom0 = " \
/storage \
${localstatedir}/cores \
"
dirs755_append_openxt-dom0 = " \
/storage \
${localstatedir}/cores \
"
# OpenXT: UIVM has only root as user, pre-create local conf directories.
dirs755_append_xenclient-uivm = " \
/root/.gconf \
/root/.gnome2 \
/root/.cache \
/root/.ssh \
"
dirs755_append_openxt-uivm = " \
/root/.gconf \
/root/.gnome2 \
/root/.cache \
/root/.ssh \
"

volatiles = ""
conffiles = " \
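Review bot: The two new `dirs755_append_openxt-*` assignments repeat the `xenclient-` directory lists verbatim, so a later edit made under one machine name can silently miss the other. Holding each list in one variable and appending it under both overrides would avoid that, e.g. `DOM0_DIRS755 = " /storage ${localstatedir}/cores "` followed by `dirs755_append_openxt-dom0 = "${DOM0_DIRS755}"`. Separately, `/root/.ssh` is listed under `dirs755`, so it is presumably created 0755 rather than the conventional 0700; it is worth confirming that the later tmpfs mount or an init step tightens it.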
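--- a/recipes-core/base-files/files/openxt-dom0/fstab
+++ b/recipes-core/base-files/files/openxt-dom0/fstab
@@ -0,0 +1,45 @@
+# proc is presumably mounted by /etc/init.d/rcS script.
+# /etc/init.d/rcS might use this file, so match this entry with
+# /etc/fstab.early.
+proc /proc proc nosuid,noexec,nodev 0 0
+
+# OpenXT read-only root tmpfs:
+# These have to be either absent from this file or match /etc/fstab.early
+# exactly for mountearly.sh and mountall.sh to work correctly.
+sysfs /sys sysfs nosuid,noexec,nodev 0 0
+devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
+tmpfs /run tmpfs defaults,rootcontext=system_u:object_r:var_run_t:s0,size=5M 0 0
+tmpfs /tmp tmpfs defaults,rootcontext=system_u:object_r:tmp_t:s0,size=100M 0 0
+
+tmpfs /var/volatile tmpfs defaults,rootcontext=system_u:object_r:var_t:s0,size=2M 0 0
+tmpfs /var/cache tmpfs defaults,rootcontext=system_u:object_r:var_t:s0,size=100M 0 0
+
+# OpenXT read-only root:
+# mountall.sh should take care of these.
+rootfs / auto defaults,ro,noatime 1 1
+
+securityfs /sys/kernel/security securityfs defaults 0 0
+
+devpts /dev/pts devpts mode=0620,gid=5 0 0
+tmpfs /dev/shm tmpfs mode=0777,size=1M 0 0
+
+xenfs /proc/xen xenfs defaults 0 0
+
+tmpfs /var/lib/ovf tmpfs defaults,rootcontext=system_u:object_r:xc_ovf_var_lib_t:s0,size=100M 0 0
+tmpfs /var/lib/dbus tmpfs defaults,rootcontext=system_u:object_r:system_dbusd_var_lib_t:s0,size=1M 0 0
+tmpfs /var/lib/xen tmpfs defaults,rootcontext=system_u:object_r:xend_var_lib_t:s0,size=1M 0 0
+
+tmpfs /root/.ssh tmpfs defaults,rootcontext=system_u:object_r:ssh_home_t:s0,size=1M 0 0
+tmpfs /mnt/upgrade tmpfs defaults,size=1M 0 0
+ramfs /mnt/secure ramfs context=system_u:object_r:xc_secure_t:s0,size=1M 0 0
+
+/dev/mapper/log /var/log ext4 errors=remount-ro,noatime 1 2
+/dev/mapper/cores /var/cores ext4 errors=remount-ro,noatime,rootcontext=system_u:object_r:var_core_t:s0 1 3
+/dev/mapper/xenclient-boot /boot/system ext4 errors=remount-ro,noatime 1 4
+/dev/mapper/xenclient-storage /storage ext4 errors=remount-ro,user_xattr,noatime 1 5
+/dev/mapper/swap none swap sw 0 0
+
+# OpenXT: The following mount will fail on non-UEFI installs.
+# For some reason, at boot time, that usually results in the rest of this file getting ignored.
+# Having it be the last one makes it a non-issue.
+efivarfs /sys/firmware/efi/efivars efivarfs ro,nosuid,nodev,noexec,noatime 0 0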
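Review bot: The `/dev/shm` entry is mounted with `mode=0777`, which omits the sticky bit, so any local user in dom0 can remove or replace another user's shared-memory files; the entry also sets none of `nosuid`, `nodev` or `noexec`. I would change it to `tmpfs /dev/shm tmpfs mode=1777,nosuid,nodev,size=1M 0 0`, adding `noexec` if nothing in dom0 maps executable memory from there. The same line appears in the new openxt-ndvm and openxt-uivm fstab files. The `/tmp` tmpfs is likewise mounted with plain `defaults`; because the comment requires these entries to match /etc/fstab.early exactly, any tightening there has to be made in both files.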
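--- a/recipes-core/base-files/files/openxt-live-installer/fstab
+++ b/recipes-core/base-files/files/openxt-live-installer/fstab
@@ -0,0 +1,12 @@
+proc /proc proc nosuid,noexec,nodev 0 0
+
+sysfs /sys sysfs nosuid,noexec,nodev 0 0
+devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
+devpts /dev/pts devpts mode=0620,gid=5 0 0
+
+rootfs / auto rw,defaults,noatime 1 1
+
+securityfs /sys/kernel/security securityfs defaults 0 0
+xenfs /proc/xen xenfs defaults 0 0
+
+efivarfs /sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,noatime,nofail 0 0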
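--- a/recipes-core/base-files/files/openxt-ndvm/fstab
+++ b/recipes-core/base-files/files/openxt-ndvm/fstab
@@ -0,0 +1,37 @@
+# proc is presumably mounted by /etc/init.d/rcS script.
+# /etc/init.d/rcS might use this file, so match this entry with
+# /etc/fstab.early.
+proc /proc proc nosuid,noexec,nodev 0 0
+
+# OpenXT read-only root tmpfs:
+# These have to be either absent from this file or match /etc/fstab.early
+# exactly for mountearly.sh and mountall.sh to work correctly.
+sysfs /sys sysfs nosuid,noexec,nodev 0 0
+devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
+tmpfs /run tmpfs defaults,rootcontext=system_u:object_r:var_run_t:s0,size=5M 0 0
+tmpfs /tmp tmpfs defaults,rootcontext=system_u:object_r:tmp_t:s0,size=100M 0 0
+
+tmpfs /var/volatile tmpfs defaults,rootcontext=system_u:object_r:var_t:s0,size=2M 0 0
+tmpfs /var/cache tmpfs defaults,rootcontext=system_u:object_r:var_t:s0,size=100M 0 0
+
+# OpenXT read-only root:
+# mountall.sh should take care of these.
+rootfs / auto defaults,ro,noatime 1 1
+
+devpts /dev/pts devpts mode=0620,gid=5 0 0
+tmpfs /dev/shm tmpfs mode=0777,size=1M 0 0
+
+xenfs /proc/xen xenfs defaults 0 0
+
+tmpfs /var/log tmpfs defaults,rootcontext=system_u:object_r:var_log_t:s0,size=10M 0 0
+tmpfs /var/lib/dbus tmpfs defaults,rootcontext=system_u:object_r:system_dbusd_var_lib_t:s0,size=1M 0 0
+tmpfs /var/lib/dhcp tmpfs defaults,rootcontext=system_u:object_r:dhcp_state_t:s0,size=1M 0 0
+tmpfs /var/lib/NetworkManager tmpfs defaults,rootcontext=system_u:object_r:NetworkManager_var_lib_t:s0,size=1M 0 0
+
+tmpfs /media/ram tmpfs defaults,size=1M 0 0
+
+tmpfs /etc/NetworkManager tmpfs defaults,rootcontext=system_u:object_r:NetworkManager_etc_t:s0,size=2M 0 0
+tmpfs /etc/dnsmasq-config tmpfs defaults,rootcontext=system_u:object_r:dnsmasq_etc_t:s0,size=1M 0 0
+tmpfs /etc/iproute2 tmpfs defaults,rootcontext=system_u:object_r:net_conf_t:s0,size=1M 0 0
+
+/dev/xvdb none swap sw 0 0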
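--- a/recipes-core/base-files/files/openxt-uivm/fstab
+++ b/recipes-core/base-files/files/openxt-uivm/fstab
@@ -0,0 +1,36 @@
+# proc is presumably mounted by /etc/init.d/rcS script.
+# /etc/init.d/rcS might use this file, so match this entry with
+# /etc/fstab.early.
+proc /proc proc nosuid,noexec,nodev 0 0
+
+# OpenXT read-only root tmpfs:
+# These have to be either absent from this file or match /etc/fstab.early
+# exactly for mountearly.sh and mountall.sh to work correctly.
+sysfs /sys sysfs nosuid,noexec,nodev 0 0
+devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
+tmpfs /run tmpfs defaults,size=5M 0 0
+tmpfs /tmp tmpfs defaults,size=100M 0 0
+
+# OpenXT read-only root:
+# mountall.sh should take care of these.
+rootfs / auto defaults,ro,noatime 1 1
+
+devpts /dev/pts devpts mode=0620,gid=5 0 0
+tmpfs /dev/shm tmpfs mode=0777,size=1M 0 0
+
+tmpfs /var/volatile tmpfs defaults,size=2M 0 0
+tmpfs /var/cache tmpfs defaults,size=100M 0 0
+tmpfs /var/log tmpfs defaults,size=10M 0 0
+tmpfs /var/lib/dbus tmpfs defaults,size=1M 0 0
+
+tmpfs /media/ram tmpfs defaults,size=1M 0 0
+
+# TODO: Could be handled with volatiles?
+tmpfs /root/.gconf tmpfs defaults,size=10M 0 0
+tmpfs /root/.ssh tmpfs defaults,size=1M 0 0
+tmpfs /root/.cache tmpfs defaults,size=1M 0 0
+tmpfs /var/lib/NetworkManager tmpfs defaults,size=1M 0 0
+
+xenfs /proc/xen xenfs defaults 0 0
+
+/dev/xvda2 none swap sw 0 0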
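Review bot: The tmpfs mounted on `/root/.ssh` sets no `mode=`, and a tmpfs root directory defaults to 1777, so the mount covers the directory pre-created in the image with a world-writable one. Whether other users can reach it depends on the permissions of `/root`, which this page does not show, but sshd's StrictModes check would likely refuse keys under such a directory. I would pin it with `tmpfs /root/.ssh tmpfs defaults,mode=0700,size=1M 0 0`. The openxt-dom0 fstab has the same entry (there with a `rootcontext=` label) and would want the same option, and `/root/.gconf` and `/root/.cache` could follow.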
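--- a/recipes-core/base-files/files/openxt-uivm/fstab.early
+++ b/recipes-core/base-files/files/openxt-uivm/fstab.early
@@ -0,0 +1,15 @@
+# proc is presumably mounted by /etc/init.d/rcS script.
+# /etc/init.d/rcS might use /etc/fstab when not modified accordingly, so match
+# this entry with /etc/fstab.
+proc /proc proc nosuid,noexec,nodev 0 0
+
+# OpenXT read-only root tmpfs:
+# These have to be either absent from this file or match /etc/fstab exactly for
+# mountearly.sh and mountall.sh to work correctly.
+sysfs /sys sysfs nosuid,noexec,nodev 0 0
+devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
+tmpfs /run tmpfs defaults,size=5M 0 0
+tmpfs /tmp tmpfs defaults,size=100M 0 0
+
+tmpfs /var/volatile tmpfs defaults,size=2M 0 0
+tmpfs /var/cache tmpfs defaults,size=100M 0 0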
@@ -0,0 +1,9 @@
# Configure Loopback
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto uivm
iface uivm inet manual
@@ -0,0 +1,22 @@
# Configure Loopback
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto uivm
iface uivm inet manual

auto brinternal
iface brinternal inet manual

auto brshared
iface brshared inet manual

auto brwireless
iface brwireless inet manual

auto brbridged
iface brbridged inet dhcp

@@ -0,0 +1,10 @@
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
udhcpc_opts -b

auto eth1
iface eth1 inet dhcp
udhcpc_opts -b
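--- a/recipes-core/initscripts/initscripts-1.0/openxt-dom0/mountall.sh
+++ b/recipes-core/initscripts/initscripts-1.0/openxt-dom0/mountall.sh
@@ -0,0 +1,62 @@
+#
+# Copyright (c) 2012 Citrix Systems, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+#
+# mountall.sh Mount all filesystems.
+#
+# Version: @(#)mountall.sh 2.83-2 01-Nov-2001 [email protected]
+#
+. /etc/default/rcS
+if test -f /etc/default/mountall; then
+. /etc/default/mountall
+fi
+
+. /etc/init.d/functions
+
+mkdir -p /dev/shm /dev/pts
+restore /dev/shm /dev/pts
+
+# Mount local filesystems in /etc/fstab. For some reason, people
+# might want to mount "proc" several times, and mount -v complains
+# about this. So we mount "proc" filesystems without -v.
+#
+test "$VERBOSE" != no && echo "Mounting local filesystems..."
+mount -a $MOUNTALL 2>&1 | logger -s -p user.err
+
+#
+# We might have mounted something over /dev, see if /dev/initctl is there.
+#
+if test ! -p /dev/initctl
+then
+rm -f /dev/initctl
+mknod -m 600 /dev/initctl p
+restore /dev/initctl
+fi
+
+# /config is relabeled earlier in boot (xenclient-config-access).
+restore_firstboot -r /storage /var/log /var/cores /boot/system
+
+kill -USR1 1
+
+#
+# Execute swapon command again, in case we want to swap to
+# a file on a now mounted filesystem.
+#
+swapon -a 2> /dev/null
+
+: exit 0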
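Review bot: The exit status of `mount -a $MOUNTALL` is lost because it is piped into `logger`, so when `/var/log`, `/var/cores`, `/storage` or `/boot/system` fails to mount the script still runs `restore_firstboot -r` on the bare mount points and boot continues without persistent logs. Plain sh has no `pipefail`, so a check after the pipeline is the simplest option, e.g. `mountpoint -q /var/log || echo "mountall: /var/log not mounted" | logger -s -p user.err` (assuming `mountpoint` is present in the dom0 image). `swapon -a 2> /dev/null` likewise discards its errors; routing them to `logger` like the mount output would keep a swap failure visible.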
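--- a/recipes-core/initscripts/initscripts-1.0/openxt-dom0/urandom
+++ b/recipes-core/initscripts/initscripts-1.0/openxt-dom0/urandom
@@ -0,0 +1,61 @@
+#! /bin/sh
+#
+# Copyright (c) 2013 Citrix Systems, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+#
+# urandom This script saves the random seed between reboots.
+# It is called from the boot, halt and reboot scripts.
+#
+# Version: @(#)urandom 1.33 22-Jun-1998 [email protected]
+#
+
+test -c /dev/urandom || exit 0
+. /etc/default/rcS
+
+SEED_FILE=/config/random-seed
+POOL_SIZE=`cat /proc/sys/kernel/random/poolsize` || POOL_SIZE=4096
+
+case "$1" in
+start|"")
+test "$VERBOSE" != no && echo "Initializing random number generator..."
+# Carry a random seed from start-up to start-up.
+# Load and then save the whole entropy pool.
+if [ -f $SEED_FILE ]; then
+cat $SEED_FILE > /dev/urandom
+else
+touch $SEED_FILE
+fi
+chmod 600 $SEED_FILE
+dd if=/dev/urandom of=$SEED_FILE count=1 bs=$POOL_SIZE
+;;
+stop)
+# Carry a random seed from shut-down to start-up;
+# see documentation in linux/drivers/char/random.c
+test "$VERBOSE" != no && echo "Saving random seed..."
+echo "Saving random seed..."
+touch $SEED_FILE
+chmod 600 $SEED_FILE
+dd if=/dev/urandom of=$SEED_FILE count=1 bs=$POOL_SIZE
+;;
+*)
+echo "Usage: urandom {start|stop}" >&2
+exit 1
+;;
+esac
+
+exit 0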
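Review bot: Both branches create the seed with `touch $SEED_FILE` and only then `chmod 600` it, so on the first run the file briefly exists with whatever mode the boot umask gives, and a descriptor opened in that window would still read the seed that `dd` writes afterwards. Setting `umask 077` before the `case` statement closes that window without changing the rest of the flow. The result of `dd` is also never checked, so if `/config` is unwritable the old seed stays in place and is fed to the pool again on the next boot while the script still exits 0; logging that failure would help. In the `stop` branch the message is echoed a second time unconditionally, which ignores `VERBOSE=no`; the bare `echo "Saving random seed..."` line can go.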
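--- a/recipes-core/initscripts/initscripts-1.0/openxt-dom0/volatiles
+++ b/recipes-core/initscripts/initscripts-1.0/openxt-dom0/volatiles
@@ -0,0 +1,37 @@
+# This configuration file lists filesystem objects that should get verified
+# during startup and be created if missing.
+#
+# Every line must either be a comment starting with #
+# or a definition of format:
+# <type> <owner> <group> <mode> <path> <linksource>
+# where the items are separated by whitespace !
+#
+# <type> : d|f|l : (d)irectory|(f)ile|(l)ink
+#
+# A linking example:
+# l root root 0777 /var/test /tmp/testfile
+# f root root 0644 /var/test none
+#
+# Understanding links:
+# When populate-volatile is to verify/create a directory or file, it will first
+# check it's existence. If a link is found to exist in the place of the target,
+# the path of the target is replaced with the target the link points to.
+# Thus, if a link is in the place to be verified, the object will be created
+# in the place the link points to instead.
+# This explains the order of "link before object" as in the example above, where
+# a link will be created at /var/test pointing to /tmp/testfile and due to this
+# link the file defined as /var/test will actually be created as /tmp/testfile.
+d root root 1777 /run/lock none
+l root root 1777 /var/lock /run/lock
+d root root 0755 /var/lock/subsys none
+f root root 0644 /var/log/lastlog none
+f root root 0664 /var/run/utmp none
+d root root 0755 /var/volatile/etc none
+l root root 0777 /etc/asound.conf /var/volatile/etc/asound.conf
+f root root 0644 /etc/asound.conf none
+f root root 0644 /var/volatile/etc/resolv.conf none
+f root root 0644 /var/volatile/etc/ifstate none
+d root root 0755 /var/volatile/log none
+f root root 0644 /var/volatile/log/wtmp none
+f root root 0644 /var/run/hosts none
+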