From 504217295c37a5f25eb7f896e92aaab66da809c4 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Tue, 4 Jun 2013 18:42:30 -0400 Subject: [PATCH 1/6] fix(coreos-base/coreos-init): Move daemon setup to init package. Previously coreos-base handled some sshd and dhcpcd and lacked the dependencies required to make enabling systemd units work. coreos-init is a better place for that and has a proper source package so fewer files are needed in the portage overlay. --- ...-0-r57.ebuild => coreos-base-0-r58.ebuild} | 0 .../coreos-base/coreos-base-0.ebuild | 11 ----------- .../coreos-base/coreos-base/files/ssh_config | 2 -- .../coreos-base/coreos-base/files/sshd_config | 13 ------------- ...-r6.ebuild => coreos-init-0.0.1-r7.ebuild} | 0 .../coreos-init/coreos-init-0.0.1.ebuild | 19 +++++++++++++++---- .../coreos-init/coreos-init-9999.ebuild | 17 ++++++++++++++--- 7 files changed, 29 insertions(+), 33 deletions(-) rename sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/{coreos-base-0-r57.ebuild => coreos-base-0-r58.ebuild} (100%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/ssh_config delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sshd_config rename sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/{coreos-init-0.0.1-r6.ebuild => coreos-init-0.0.1-r7.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r57.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r58.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r57.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0-r58.ebuild 
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild index ceaa4f00e3..29c60eb9a6 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/coreos-base-0.ebuild @@ -118,12 +118,6 @@ src_install() { # Insert empty fstab doins "${FILESDIR}"/fstab - # Enable dhcpcd by default - # TODO(ifup): this doesn't work - # systemd_enable_service multi-user.target dhcpcd.service - dodir /usr/lib/systemd/system/ - dosym ../dhcpcd.service /usr/lib/systemd/system/multi-user.target.wants/dhcpcd.service - # Symlink /etc/localtime to something on the stateful partition, which we # can then change around at runtime. dosym /var/lib/timezone/localtime /etc/localtime || die @@ -139,11 +133,6 @@ src_install() { #dosym /usr/bin/vim /usr/libexec/editor || die #dosym /bin/more /usr/libexec/pager || die - # Install our custom ssh config settings. - insinto /etc/ssh - doins "${FILESDIR}"/ssh{,d}_config - fperms 600 /etc/ssh/sshd_config - # Custom login shell snippets. insinto /etc/profile.d doins "${FILESDIR}"/cursor.sh diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/ssh_config b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/ssh_config deleted file mode 100644 index 14da93dfdd..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/ssh_config +++ /dev/null @@ -1,2 +0,0 @@ -Host * - UserKnownHostsFile /home/core/user/.ssh/known_hosts diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sshd_config b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sshd_config deleted file mode 100644 index f1fc02c098..0000000000 
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/sshd_config +++ /dev/null @@ -1,13 +0,0 @@ -# Force protocol v2 only -Protocol 2 - -# /etc is read-only. Fetch keys from stateful partition -# Not using v1, so no v1 key -HostKey /mnt/stateful_partition/etc/ssh/ssh_host_rsa_key -HostKey /mnt/stateful_partition/etc/ssh/ssh_host_dsa_key - -PasswordAuthentication no -UsePAM yes -PrintMotd no -PrintLastLog no -Subsystem sftp internal-sftp diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r6.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r7.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r6.ebuild rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r7.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild index bd72c543f0..64cf6abf57 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild @@ -3,7 +3,7 @@ # Distributed under the terms of the GNU General Public License v2 EAPI="4" -CROS_WORKON_COMMIT="ad419999ea478bb60867e9e14f01197b928a5c73" +CROS_WORKON_COMMIT="340361e54109536b235948dd8929768513feba30" CROS_WORKON_PROJECT="coreos/init" CROS_WORKON_LOCALNAME="init" @@ -18,8 +18,13 @@ SLOT="0" KEYWORDS="amd64 arm x86" IUSE="nfs" -DEPEND="" -RDEPEND=" +# Daemons we enable here must installed during build/install in addition to +# during runtime so the systemd unit enable step works. +DEPEND=" + net-misc/dhcpcd + net-misc/openssh + " +RDEPEND="${DEPEND} sys-block/parted sys-apps/gptfdisk sys-apps/systemd 
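Review bot: `RDEPEND="${DEPEND} ...` in the `@@ -18,8 +18,13 @@` hunk of `coreos-init-0.0.1.ebuild` turns every build-time dependency into a runtime one, so anything later added to `DEPEND` purely for building would also be installed into the image. The comment above `DEPEND` should state that the variable is reserved for daemons whose units are enabled in `src_install`. It is also missing a verb, and its first line should read `# Daemons we enable here must be installed during build/install in addition to`. The same comment and assignment appear in the `coreos-init-9999.ebuild` hunk at `@@ -17,8 +17,13 @@`.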
@@ -32,12 +37,18 @@ src_install() { doexe "${script}" done + # Install our custom ssh config settings. + insinto /etc/ssh + doins configs/ssh{,d}_config + fperms 600 /etc/ssh/sshd_config + # Install all units, enable the higher-level services for unit in systemd/*; do systemd_dounit "${unit}" done systemd_enable_service basic.target coreos-startup.service - systemd_enable_service multi-user.target update-engine.service + systemd_enable_service multi-user.target dhcpcd.service systemd_enable_service multi-user.target sshd.socket + systemd_enable_service multi-user.target update-engine.service } diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild index 803af03fc9..38dd42cc32 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild @@ -17,8 +17,13 @@ SLOT="0" KEYWORDS="~amd64 ~arm ~x86" IUSE="nfs" -DEPEND="" -RDEPEND=" +# Daemons we enable here must installed during build/install in addition to +# during runtime so the systemd unit enable step works. +DEPEND=" + net-misc/dhcpcd + net-misc/openssh + " +RDEPEND="${DEPEND} sys-block/parted sys-apps/gptfdisk sys-apps/systemd @@ -31,12 +36,18 @@ src_install() { doexe "${script}" done + # Install our custom ssh config settings. + insinto /etc/ssh + doins configs/ssh{,d}_config + fperms 600 /etc/ssh/sshd_config + # Install all units, enable the higher-level services for unit in systemd/*; do systemd_dounit "${unit}" done systemd_enable_service basic.target coreos-startup.service - systemd_enable_service multi-user.target update-engine.service + systemd_enable_service multi-user.target dhcpcd.service systemd_enable_service multi-user.target sshd.socket + systemd_enable_service multi-user.target update-engine.service } 
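Review bot: Nothing in `src_install` checks that the `sshd_config` installed by `doins configs/ssh{,d}_config` still carries the hardening of the deleted `files/sshd_config` (`Protocol 2`, `PasswordAuthentication no`). The file now comes from the `coreos/init` source tree, so its contents are no longer visible in this overlay. A guard before the `doins` line would catch a regression at build time: `grep -q '^PasswordAuthentication no' configs/sshd_config || die "sshd_config must disable password auth"`. The same lines are added in the `coreos-init-9999.ebuild` hunk at `@@ -31,12 +36,18 @@`, where the check matters more if that live ebuild is not tied to a `CROS_WORKON_COMMIT` pin (its header is outside the hunk). `src_install` begins outside both hunks.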
From 42f161d1ba7a03575db6eb9b4871bf7847cbaab0 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 5 Jun 2013 13:21:34 -0400 Subject: [PATCH 2/6] bump(coreos-base/coreos-init): Update to latest code version. This adds the new sshd-keygen unit. --- .../coreos-base/coreos-init/coreos-init-0.0.1.ebuild | 3 ++- .../coreos-base/coreos-init/coreos-init-9999.ebuild | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild index 64cf6abf57..a9f8920b7c 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild @@ -3,7 +3,7 @@ # Distributed under the terms of the GNU General Public License v2 EAPI="4" -CROS_WORKON_COMMIT="340361e54109536b235948dd8929768513feba30" +CROS_WORKON_COMMIT="c66322975a726f06036070c78883995612f3dfa0" CROS_WORKON_PROJECT="coreos/init" CROS_WORKON_LOCALNAME="init" @@ -51,4 +51,5 @@ src_install() { systemd_enable_service multi-user.target dhcpcd.service systemd_enable_service multi-user.target sshd.socket systemd_enable_service multi-user.target update-engine.service + systemd_enable_service sshd.socket sshd-keygen.service } diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild index 38dd42cc32..9e5b4c2e53 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild 
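Review bot: `systemd_enable_service sshd.socket sshd-keygen.service` in the `@@ -51,4 +51,5 @@` hunk only adds a wants link, which pulls the unit in but does not order it. Whether host keys exist before the first connection is served therefore depends on `Before=`/`After=` lines in unit files that are not part of this diff. A comment above the line should record where that ordering is defined, for example `# ordering against sshd is set in the sshd-keygen unit shipped by coreos/init`. The same line is added in the `coreos-init-9999.ebuild` hunk at `@@ -50,4 +50,5 @@`, and `src_install` begins outside both hunks.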
@@ -50,4 +50,5 @@ src_install() { systemd_enable_service multi-user.target dhcpcd.service systemd_enable_service multi-user.target sshd.socket systemd_enable_service multi-user.target update-engine.service + systemd_enable_service sshd.socket sshd-keygen.service } From be4215fec0bcf16cdd655db861ef8c9e4e679ae6 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 6 Jun 2013 14:52:09 -0400 Subject: [PATCH 3/6] fix(systemd-rest+docker): Use keepdir to install empty /var directories. Not only is this the safer way of installing empty directories but we can now leverage keepdir to repopulate missing items in var. --- ...emd-rest-0.0.1-r3.ebuild => systemd-rest-0.0.1-r4.ebuild} | 0 .../app-admin/systemd-rest/systemd-rest-0.0.1.ebuild | 1 + .../app-admin/systemd-rest/systemd-rest-9999.ebuild | 1 + .../coreos-overlay/app-emulation/docker/docker-9999.ebuild | 5 ++--- 4 files changed, 4 insertions(+), 3 deletions(-) rename sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/{systemd-rest-0.0.1-r3.ebuild => systemd-rest-0.0.1-r4.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1-r3.ebuild b/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1-r4.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1-r3.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1-r4.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1.ebuild index 8033fda479..b8d09d0d8b 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-0.0.1.ebuild 
@@ -32,6 +32,7 @@ src_compile() { src_install() { dosbin ${S}/systemd-rest + keepdir /var/lib/${PN} systemd_dounit "${FILESDIR}"/${PN}.service systemd_enable_service multi-user.target ${PN}.service } diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-9999.ebuild index 40fb3e5a39..54a1bdd107 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/systemd-rest/systemd-rest-9999.ebuild @@ -31,6 +31,7 @@ src_compile() { src_install() { dosbin ${S}/systemd-rest + keepdir /var/lib/${PN} systemd_dounit "${FILESDIR}"/${PN}.service systemd_enable_service multi-user.target ${PN}.service } diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild index 6072bfb398..7473b4cb8b 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild @@ -32,9 +32,8 @@ src_compile() { src_install() { dobin ${S}/bin/${PN} - dodir /var/lib/docker - dodir /var/lib/docker/graph - dodir /var/lib/docker/containers + keepdir /var/lib/${PN}/graph + keepdir /var/lib/${PN}/containers systemd_dounit "${FILESDIR}"/${PN}.service systemd_enable_service multi-user.target ${PN}.service } From feb372fdb497f506ad7eb03f41c193efe530491c Mon Sep 17 00:00:00 2001 
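Review bot: In `docker-9999.ebuild`, `keepdir /var/lib/${PN}/graph` and `keepdir /var/lib/${PN}/containers` create the tree with the default directory mode, and no `fperms` or `diropts` follows. These directories are meant to hold image layers and container root filesystems, so local users can traverse them unless the daemon tightens the mode at startup, which is not visible here. Consider restricting the parent right after the `keepdir` lines with `fperms 0700 /var/lib/${PN}`, provided nothing other than the root-run daemon needs to read it. The removed `dodir` calls had the same default, so this is not a regression. `src_install` begins outside the hunk.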
From: Michael Marineau Date: Thu, 6 Jun 2013 16:37:49 -0400 Subject: [PATCH 4/6] bump(coreos-base/coreos-init): New code Adds tmpfiles config, more units, and top level coreos-startup.target which eliminates the need for maintaining that list in the ebuild. --- .../coreos-base/coreos-init/coreos-init-0.0.1.ebuild | 12 ++++++------ .../coreos-base/coreos-init/coreos-init-9999.ebuild | 10 +++++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild index a9f8920b7c..9f29f42f48 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild @@ -3,7 +3,7 @@ # Distributed under the terms of the GNU General Public License v2 EAPI="4" -CROS_WORKON_COMMIT="c66322975a726f06036070c78883995612f3dfa0" +CROS_WORKON_COMMIT="723ce96cfbc156f665a9dde63567ea4f427da9da" CROS_WORKON_PROJECT="coreos/init" CROS_WORKON_LOCALNAME="init" @@ -42,14 +42,14 @@ src_install() { doins configs/ssh{,d}_config fperms 600 /etc/ssh/sshd_config + # List of directories that should be recreated as needed + insinto /usr/lib/tmpfiles.d + newins configs/tmpfiles.conf zz-${PN}.conf + # Install all units, enable the higher-level services for unit in systemd/*; do systemd_dounit "${unit}" done - systemd_enable_service basic.target coreos-startup.service - systemd_enable_service multi-user.target dhcpcd.service - systemd_enable_service multi-user.target sshd.socket - systemd_enable_service multi-user.target update-engine.service - systemd_enable_service sshd.socket sshd-keygen.service + systemd_enable_service multi-user.target coreos-startup.target } 
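Review bot: With the five `systemd_enable_service` lines collapsed into `systemd_enable_service multi-user.target coreos-startup.target`, the ebuild no longer shows which units are enabled by default, including the network-facing `sshd.socket` and `dhcpcd.service`. That list now lives in the `coreos/init` tree at the pinned `CROS_WORKON_COMMIT`. A comment above the line would keep it discoverable, e.g. `# coreos-startup.target decides what is enabled (sshd.socket, dhcpcd, update-engine, ...); see systemd/ in coreos/init`, with the unit names confirmed against the target file. The `configs/tmpfiles.conf` installed as `zz-${PN}.conf` is likewise defined outside this overlay, so the modes and owners it assigns should be checked whenever the pin is bumped. The `coreos-init-9999.ebuild` hunk at `@@ -41,14 +41,14 @@` makes the same change.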
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild index 9e5b4c2e53..742aeab6b8 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild @@ -41,14 +41,14 @@ src_install() { doins configs/ssh{,d}_config fperms 600 /etc/ssh/sshd_config + # List of directories that should be recreated as needed + insinto /usr/lib/tmpfiles.d + newins configs/tmpfiles.conf zz-${PN}.conf + # Install all units, enable the higher-level services for unit in systemd/*; do systemd_dounit "${unit}" done - systemd_enable_service basic.target coreos-startup.service - systemd_enable_service multi-user.target dhcpcd.service - systemd_enable_service multi-user.target sshd.socket - systemd_enable_service multi-user.target update-engine.service - systemd_enable_service sshd.socket sshd-keygen.service + systemd_enable_service multi-user.target coreos-startup.target } From 9a44eef0a71c54bd643b608395d8324c378f199e Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 6 Jun 2013 17:16:09 -0400 Subject: [PATCH 5/6] fix(coreos-base/coreos-base): Remove dummy rootfs entry from fstab. Remounting / read-write has been moved to the dev_mode helper script in coreos-init instead of letting systemd do it based on fstab. Now if a system boots without /root/.dev_mode the filesystem remains read-only. --- .../coreos-overlay/coreos-base/coreos-base/files/fstab | 1 - 1 file changed, 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/fstab b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/fstab index 7bd4223f82..a46826dce6 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/fstab 
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-base/files/fstab @@ -12,4 +12,3 @@ # # -/dev/ROOT / ext3 defaults 0 0 From d628e55c82b959e6de304fa2c4e1144b836ace11 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 6 Jun 2013 17:56:10 -0400 Subject: [PATCH 6/6] bump(coreos-base/coreos-init): config update --- .../coreos-base/coreos-init/coreos-init-0.0.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild index 9f29f42f48..e6c296a07c 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1.ebuild @@ -3,7 +3,7 @@ # Distributed under the terms of the GNU General Public License v2 EAPI="4" -CROS_WORKON_COMMIT="723ce96cfbc156f665a9dde63567ea4f427da9da" +CROS_WORKON_COMMIT="a7bd1042de90900b32b5fdbcb0a9562f152ae822" CROS_WORKON_PROJECT="coreos/init" CROS_WORKON_LOCALNAME="init"