lxc: update to 1.1.4, add vinelinux template

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@9811 ec354946-7b23-47d6-9f5a-488ba84defc7

l/lxc/lxc-vinelinux

@@ -0,0 +1,568 @@
+#!/bin/bash
+
+#
+# template script for generating Vine Linux container for LXC
+#   (based on altlinux/centos template script)
+#
+
+#
+# lxc: linux Container library
+
+# Authors:
+# Daisuke SUZUKI <daisuke@vinelinux.org>
+
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+# Detect use under userns (unsupported)
+for arg in "$@"; do
+    [ "$arg" = "--" ] && break
+    if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then
+        echo "This template can't be used for unprivileged containers." 1>&2
+        echo "You may want to try the \"download\" template instead." 1>&2
+        exit 1
+    fi
+done
+
+# Make sure the usual locations are in PATH
+export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
+
+# Configurations
+arch=$(uname -i)
+cache_base=/var/cache/lxc/vinelinux
+default_path=/var/lib/lxc
+default_profile=default
+profile_dir=/etc/lxc/profiles
+root_password=vineroot
+default_user=vine
+default_user_password=vine123
+lxc_network_type=veth
+lxc_network_link=lxcbr0
+
+# is this vinelinux?
+[ -f /etc/vine-release ] && is_vinelinux=true
+
+configure_vinelinux()
+{
+    # Set default localtime to the host localtime if not set...
+    if [ -e /etc/localtime -a ! -e ${rootfs_path}/etc/localtime ]
+    then
+        # if /etc/localtime is a symlink, this should preserve it.
+        cp -a /etc/localtime ${rootfs_path}/etc/localtime
+    fi
+
+    # create /lxcroot
+    touch ${rootfs_path}/lxcroot
+
+    # fix bxxxn damaged halt script.
+    if [ -f ${rootfs_path}/etc/init.d/halt ]
+    then
+        sed -e '/hwclock/,$d' \
+            < ${rootfs_path}/etc/init.d/halt \
+            > ${rootfs_path}/etc/init.d/lxc-halt
+
+        echo '$command -f' >> ${rootfs_path}/etc/init.d/lxc-halt
+        chmod 755 ${rootfs_path}/etc/init.d/lxc-halt
+
+        # Link them into the rc directories...
+        (
+             cd ${rootfs_path}/etc/rc.d/rc0.d
+             ln -s ../init.d/lxc-halt S00lxc-halt
+             cd ${rootfs_path}/etc/rc.d/rc6.d
+             ln -s ../init.d/lxc-halt S00lxc-reboot
+        )
+    fi
+
+    # configure the network using the dhcp
+    cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE=eth0
+BOOTPROTO=dhcp
+ONBOOT=yes
+HOSTNAME=${UTSNAME}
+NM_CONTROLLED=no
+TYPE=Ethernet
+MTU=${MTU}
+DHCP_HOSTNAME=\`hostname\`
+EOF
+
+    # set the hostname
+    cat <<EOF > ${rootfs_path}/etc/sysconfig/network
+NETWORKING=yes
+HOSTNAME=${UTSNAME}
+EOF
+
+    # set minimal hosts
+    cat <<EOF > $rootfs_path/etc/hosts
+127.0.0.1 localhost.localdomain localhost $name
+EOF
+
+    # set minimal fstab
+    cat <<EOF > $rootfs_path/etc/fstab
+/dev/root               /                       rootfs   defaults        0 0
+EOF
+
+    # create lxc compatibility init script
+    cat <<EOF > $rootfs_path/etc/init/lxc-sysinit.conf
+start on startup
+env container
+
+pre-start script
+        if [ "x\$container" != "xlxc" -a "x\$container" != "xlibvirt" ]; then
+                stop;
+        fi
+
+        rm -f /var/lock/subsys/*
+        rm -f /var/run/*.pid
+        [ -e /etc/mtab ] || ln -s /proc/mounts /etc/mtab
+        mkdir -p /dev/shm
+        mount -t tmpfs -o nosuid,nodev tmpfs /dev/shm
+
+        initctl start tty TTY=console
+        telinit 3
+        exit 0
+end script
+EOF
+
+    # Enable services
+    for service in network random
+    do
+       chroot ${rootfs_path} chkconfig $service --list &>/dev/null && chroot ${rootfs_path} chkconfig $service on || true
+    done
+
+    dev_path="${rootfs_path}/dev"
+    rm -rf ${dev_path}
+    mkdir -p ${dev_path}
+    mknod -m 666 ${dev_path}/null c 1 3
+    mknod -m 666 ${dev_path}/zero c 1 5
+    mknod -m 644 ${dev_path}/random c 1 8
+    mknod -m 644 ${dev_path}/urandom c 1 9
+    mkdir -m 755 ${dev_path}/pts
+    mkdir -m 1777 ${dev_path}/shm
+    mknod -m 666 ${dev_path}/tty c 5 0
+    chown root:tty ${dev_path}/tty
+    mknod -m 600 ${dev_path}/tty0 c 4 0
+    mknod -m 600 ${dev_path}/tty1 c 4 1
+    mknod -m 600 ${dev_path}/tty2 c 4 2
+    mknod -m 600 ${dev_path}/tty3 c 4 3
+    mknod -m 600 ${dev_path}/tty4 c 4 4
+    mknod -m 600 ${dev_path}/console c 5 1
+    mknod -m 666 ${dev_path}/full c 1 7
+    mknod -m 600 ${dev_path}/initctl p
+    mknod -m 666 ${dev_path}/ptmx c 5 2
+    chown root:tty ${dev_path}/ptmx
+    ln -s /proc/self/fd ${dev_path}/fd
+    ln -s /proc/kcore ${dev_path}/core
+    mkdir -m 755 ${dev_path}/mapper
+    mknod -m 600 ${dev_path}/mapper/control c 10 236
+    mkdir -m 755 ${dev_path}/net
+    mknod -m 666 ${dev_path}/net/tun c 10 200
+
+    # setup console and tty[1-4] for login. note that /dev/console and
+    # /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
+    # /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
+    # lxc will maintain these links and bind mount ptys over /dev/lxc/*
+    # since lxc.devttydir is specified in the config.
+
+    # allow root login on console, tty[1-4], and pts/0 for libvirt
+    echo "# LXC (Linux Containers)" >>${rootfs_path}/etc/securetty
+    echo "lxc/console"  >>${rootfs_path}/etc/securetty
+    echo "lxc/tty1"     >>${rootfs_path}/etc/securetty
+    echo "lxc/tty2"     >>${rootfs_path}/etc/securetty
+    echo "lxc/tty3"     >>${rootfs_path}/etc/securetty
+    echo "lxc/tty4"     >>${rootfs_path}/etc/securetty
+    echo "# For libvirt/Virtual Machine Monitor" >>${rootfs_path}/etc/securetty
+    echo "pts/0"        >>${rootfs_path}/etc/securetty
+
+    # prevent mingetty from calling vhangup(2) since it fails with userns.
+    # Same issue as oracle template: prevent mingetty from calling vhangup(2)
+    # commit 2e83f7201c5d402478b9849f0a85c62d5b9f1589.
+    sed -i 's|mingetty|mingetty --nohangup|' $rootfs_path/etc/init/tty.conf
+
+    # set root password
+    echo "Setting root password to $root_password"
+    echo "root:$root_password" | chroot $rootfs_path chpasswd
+    # store root password
+    touch ${config_path}/tmp_root_pass
+    chmod 600 ${config_path}/tmp_root_pass
+    echo ${root_password} > ${config_path}/tmp_root_pass
+    echo "Storing root password in '${config_path}/tmp_root_pass'"
+
+    # create default user 'vine'
+    echo "Create default user 'vine'"
+    chroot ${rootfs_path} /usr/sbin/useradd -G wheel ${default_user}
+    echo "Setting default user \'${default_user}\' password to $default_user_password"
+    echo "${default_user}:${default_user_password}" | chroot $rootfs_path chpasswd
+    # store default user password
+    touch ${config_path}/tmp_user_pass
+    chmod 600 ${config_path}/tmp_user_pass
+    echo "username: ${default_user}" > ${config_path}/tmp_user_pass
+    echo "password: ${default_user_password}" >> ${config_path}/tmp_user_pass
+    echo "Storing default user infomation in '${config_path}/tmp_user_pass'"
+
+    return 0
+}
+
+download_vinelinux()
+{
+    # Default configuration
+    FETCH_URL="http://updates.vinelinux.org/apt"
+
+    # create cache dir
+    mkdir -p $cache
+    
+    # check target availability
+    if ! (vbootstrap | grep -q "${release}_${arch}"); then
+        echo "Specified release and/or arch is not supported, aborting."
+	return 1
+    fi
+    if [ "$(uname -i)" == "i386" ] && [ "${arch}" == "x86_64" ]; then
+        echo "x86_64 containers does not run on $(uname -i) host, aborting."
+	return 1
+    fi
+
+    # download a mini vinelinux into a cache
+    echo "Downloading vinelinux minimal ..."
+    VBOOTSTRAP="vbootstrap ${release}_${arch} ${FETCH_URL} $cache/partial"
+
+    $VBOOTSTRAP
+
+    if [ $? -ne 0 ]; then
+        echo "Failed to download the rootfs, aborting."
+        return 1
+    fi
+    
+    # install additional packages
+    PKG_LIST0="openssh-server openssh-clients etcskel sudo net-tools"
+    PKG_LIST="$(grep -hs '^[^#]' "$profile_dir/$profile")"
+    # if no configuration file $profile -- fall back to default list of packages
+    PKG_LIST="$PKG_LIST0 $PKG_LIST"
+    chroot $cache/partial apt-get -y install $PKG_LIST
+
+    if [ $? -ne 0 ]; then
+        echo "Failed to install additional packages to the rootfs, aborting."
+        return 1
+    fi
+    
+    mv "$cache/partial" "$cache/rootfs"
+    echo "Download complete."
+
+    return 0
+}
+
+copy_vinelinux()
+{
+
+    # make a local copy of the minivinelinux
+    echo -n "Copying rootfs to $rootfs_path ..."
+    #cp -a $cache/rootfs-$arch $rootfs_path || return 1
+    # i prefer rsync (no reason really)
+    mkdir -p $rootfs_path
+    rsync -Ha $cache/rootfs/ $rootfs_path/
+    return 0
+}
+
+update_vinelinux()
+{
+    chroot $cache/rootfs apt-get update
+    chroot $cache/rootfs apt-get -y dist-upgrade
+}
+
+install_vinelinux()
+{
+    mkdir -p /var/lock/subsys/
+    (
+        flock -x 9
+        if [ $? -ne 0 ]; then
+            echo "Cache repository is busy."
+            return 1
+        fi
+
+        echo "Checking cache download in $cache/rootfs ... "
+        if [ ! -e "$cache/rootfs" ]; then
+            download_vinelinux
+            if [ $? -ne 0 ]; then
+                echo "Failed to download 'vinelinux base'"
+                return 1
+            fi
+        else
+            echo "Cache found. Updating..."
+            update_vinelinux
+            if [ $? -ne 0 ]; then
+                echo "Failed to update 'vinelinux base', continuing with last known good cache"
+            else
+                echo "Update finished"
+            fi
+        fi
+
+        echo "Copy $cache/rootfs to $rootfs_path ... "
+        copy_vinelinux
+        if [ $? -ne 0 ]; then
+            echo "Failed to copy rootfs"
+            return 1
+        fi
+        return 0
+    ) 9>/var/lock/subsys/lxc-vinelinux
+
+    return $?
+}
+
+copy_configuration()
+{
+
+    mkdir -p $config_path
+    grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
+    cat <<EOF >> $config_path/config
+lxc.utsname = $name
+lxc.tty = 4
+lxc.pts = 1024
+lxc.cap.drop = sys_module mac_admin mac_override sys_time
+EOF
+
+    if [ "$arch" == "i386" ] && [ "$(uname -i)" == "x86_64" ]; then
+        cat <<EOF >> $config_path/config
+
+# lxc container architecture
+lxc.arch = x86
+EOF
+
+    fi
+
+    cat <<EOF >> $config_path/config
+# When using LXC with apparmor, uncomment the next line to run unconfined:
+#lxc.aa_profile = unconfined
+
+#networking
+lxc.network.type = $lxc_network_type
+lxc.network.flags = up
+lxc.network.link = $lxc_network_link
+lxc.network.name = veth0
+lxc.network.mtu = 1500
+EOF
+    if [ ! -z ${ipv4} ]; then
+        cat <<EOF >> $config_path/config
+lxc.network.ipv4 = $ipv4
+EOF
+    fi
+    if [ ! -z ${gw} ]; then
+        cat <<EOF >> $config_path/config
+lxc.network.ipv4.gateway = $gw
+EOF
+    fi
+#if [ ! -z ${ipv6} ]; then
+#    cat <<EOF >> $config_path/config
+#lxc.network.ipv6 = $ipv6
+#EOF
+#fi
+#if [ ! -z ${gw6} ]; then
+#    cat <<EOF >> $config_path/config
+#lxc.network.ipv6.gateway = $gw6
+#EOF
+#fi
+    cat <<EOF >> $config_path/config
+#cgroups
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 10:135 rwm
+
+lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
+EOF
+
+    if [ $? -ne 0 ]; then
+        echo "Failed to add configuration"
+        return 1
+    fi
+
+    return 0
+}
+
+clean()
+{
+
+    if [ ! -e $cache ]; then
+        exit 0
+    fi
+
+    # lock, so we won't purge while someone is creating a repository
+    (
+        flock -x 9
+        if [ $? != 0 ]; then
+            echo "Cache repository is busy."
+            exit 1
+        fi
+
+        echo -n "Purging the download cache for Vine Linux $release..."
+        rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+        exit 0
+    ) 9>/var/lock/subsys/lxc-vinelinux
+}
+
+usage()
+{
+    cat <<EOF
+usage:
+    $1 -n|--name=<container_name>
+        [-p|--path=<path>] [-c|--clean] [-R|--release=<Vine Linux release>]
+        [-4|--ipv4=<ipv4 address>]
+        [-g|--gw=<gw address>] [-d|--dns=<dns address>]
+	[-u|--user=<user>] [--password=<password>]
+        [-P|--profile=<name of the profile>] [--rootfs=<path>]
+        [-A|--arch=<arch of the container>]
+        [-h|--help]
+Mandatory args:
+  -n,--name         container name, used to as an identifier for that container from now on
+Optional args:
+  -p,--path         path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in that case
+  -c,--clean        clean the cache
+  -R,--release      Vine Linux release [VineSeed, 6] for the new container, defaults to VineSeed
+  -4,--ipv4         specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
+  -g,--gw           specify the default gw, eg. 192.168.1.1
+  -d,--dns          specify the DNS server, eg. 192.168.1.2
+  -P,--profile      Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
+  -A,--arch         Define what arch the container will be [i386,x86_64]
+  ---rootfs         rootfs path
+  -h,--help         print this help
+EOF
+    return 0
+}
+
+options=$(getopt -o hp:n:P:cR:4:g:d:u:A: -l help,rootfs:,path:,name:,profile:,clean,release:,ipv4:,gw:,dns:,user:,password:,arch: -- "$@")
+if [ $? -ne 0 ]; then
+    usage $(basename $0)
+    exit 1
+fi
+eval set -- "$options"
+
+while true
+do
+    case "$1" in
+        -h|--help)      usage $0 && exit 0;;
+        -p|--path)      path=$2; shift 2;;
+        --rootfs)       rootfs_path=$2; shift 2;;
+        -n|--name)      name=$2; shift 2;;
+        -P|--profile)   profile=$2; shift 2;;
+        -c|--clean)     clean=1; shift 1;;
+        -R|--release)   release=$2; shift 2;;
+        -A|--arch)      arch=$2; shift 2;;
+        -4|--ipv4)      ipv4=$2; shift 2;;
+        -g|--gw)        gw=$2; shift 2;;
+        -d|--dns)       dns=$2; shift 2;;
+        -u|--user)      default_user=$2; shift 2;;
+        --password)     default_user_password=$2; shift 2;;
+        --)             shift 1; break ;;
+        *)              break ;;
+    esac
+done
+
+if [ ! -z "$clean" -a -z "$path" ]; then
+    clean || exit 1
+    exit 0
+fi
+
+type apt-get >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "'apt-get' command is missing"
+    exit 1
+fi
+
+type vbootstrap >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "'vbootstrap' command is missing"
+    exit 1
+fi
+
+if [ -z "$path" ]; then
+    path=$default_path
+fi
+
+if [ -z "$profile" ]; then
+    profile=$default_profile
+fi
+
+if [ -z "$release" ]; then
+    release="VineSeed"
+fi
+
+if [ -z "$ipv4" ]; then
+    BOOTPROTO="dhcp"
+else
+    BOOTPROTO="static"
+fi
+
+if [ -z "$default_user" ]; then
+    default_user="vine"
+fi
+
+if [ -z "$default_user_password" ]; then
+    default_user_password="vine123"
+fi
+
+if [ -z "$arch" ]; then
+    arch="$(uname -i)"
+fi
+
+
+if [ "$(id -u)" != "0" ]; then
+    echo "This script should be run as 'root'"
+    exit 1
+fi
+
+# check for 'lxc.rootfs' passed in through default config by lxc-create
+if [ -z "$rootfs_path" ]; then
+    if grep -q '^lxc.rootfs' $path/config 2>/dev/null ; then
+        rootfs_path=$(awk -F= '/^lxc.rootfs =/{ print $2 }' $path/config)
+    else
+        rootfs_path=$path/rootfs
+    fi
+fi
+
+config_path=$default_path/$name
+cache=$cache_base/$arch/$release/$profile
+
+install_vinelinux
+if [ $? -ne 0 ]; then
+    echo "failed to install vinelinux"
+    exit 1
+fi
+
+configure_vinelinux
+if [ $? -ne 0 ]; then
+    echo "failed to configure vinelinux for a container"
+    exit 1
+fi
+
+copy_configuration
+if [ $? -ne 0 ]; then
+    echo "failed write configuration file"
+    exit 1
+fi
+
+if [ ! -z "$clean" ]; then
+    clean || exit 1
+    exit 0
+fi
+echo "container rootfs and config created"
+echo "network configured as $lxc_network_type in the $lxc_network_link"

l/lxc/lxc-vl.spec

@@ -1,36 +1,64 @@
-#define gitdate 20120525
+%global with_python3 0
+%global with_systemd 0
+
+%global luaver 5.1
+%global lualibdir %{_libdir}/lua/%{luaver}
+%global luapkgdir %{_datadir}/lua/%{luaver}
+
 Name:           lxc
-Version:        0.8.0
-Release:        2%{?_dist_release}
+Version:        1.1.4
+Release:        1%{?_dist_release}
 Summary:        Linux Resource Containers
 Summary(ja):    Linux リソースコンテナ
-
 Group:          Applications/System
-License:        LGPLv2+
-URL:            http://lxc.sourceforge.net
-Source0:        http://lxc.sourceforge.net/download/lxc/%{name}-%{version}.tar.gz
+License:        LGPLv2+ and GPLv2
+URL:            http://linuxcontainers.org
+
+Source0:        http://linuxcontainers.org/downloads/%{name}-%{version}.tar.gz
+Source10:	lxc-vinelinux
 
-BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root
+Patch0:         lxc-1.1.0-fix-init.patch
+Patch1:         lxc-1.1.4-fix-bootorder.patch
 
-BuildRequires:  automake
 BuildRequires:  docbook-utils
+Buildrequires:  docbook2X
+Buildrequires:  doxygen
 BuildRequires:  kernel-headers
 BuildRequires:  libcap-devel
 BuildRequires:  libtool
-
-Vendor: Project Vine
-Distribution: Vine Linux
-Packager: daisuke
+BuildRequires:  lua-devel
+BuildRequires:  perl-XML-SAX
+%if 0%{?with_python3}
+BuildRequires:  python3-devel >= 3.2
+%endif # with_python3
+%if 0%{?with_systemd}
+BuildRequires:  systemd
+%endif # with_systemd
+# for lxc-top
+Requires:       lua-%{name}%{?_isa} = %{version}-%{release}
+Requires:       lua-alt-getopt
+
+%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
 %description
 Linux Resource Containers provide process and resource isolation without the
 overhead of full virtualization.
 
+
 %package        libs
 Summary:        Runtime library files for %{name}
-Summary(ja):    %{name} のランタイムライブラリ
+Summary(ja):    %{name}のランタイムライブラリ
 Group:          System Environment/Libraries
-Requires:       %{name} = %{version}-%{release}
+%if 0%{?with_systemd}
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+%else
+Requires(post): chkconfig
+Requires(preun): initscripts, chkconfig
+Requires(postun): initscripts
+%endif # with_systemd
+
 
 %description    libs
 Linux Resource Containers provide process and resource isolation without the
@@ -38,24 +66,77 @@ overhead of full virtualization.
 
 The %{name}-libs package contains libraries for running %{name} applications.
 
+
+%if 0%{?with_python3}
+%package        -n python3-%{name}
+Summary:        Python binding for %{name}
+Summary(ja):    %{name} の Python バインディング
+Group:          System Environment/Libraries
+
+%description    -n python3-%{name}
+Linux Resource Containers provide process and resource isolation without the
+overhead of full virtualization.
+
+The python3-%{name} package contains the Python3 binding for %{name}.
+
+%global __provides_exclude %{?__provides_exclude:%__provides_exclude|}_lxc\\..*\\.so
+
+
+%package        extra
+Summary:        Extra tools for %{name}
+Summary(ja):    %{name} の追加ツール
+Group:          Applications/System
+Requires:       python3-%{name}%{?_isa} = %{version}-%{release}
+
+%description    extra
+Linux Resource Containers provide process and resource isolation without the
+overhead of full virtualization.
+
+This package contains tools needing the Python3 bindings.
+%endif # with_python3
+
+
+%package        -n lua-%{name}
+Summary:        Lua binding for %{name}
+Summary(ja):    %{name} の Lua バインディング
+Group:          System Environment/Libraries
+
+%description    -n lua-%{name}
+Linux Resource Containers provide process and resource isolation without the
+overhead of full virtualization.
+
+The lua-%{name} package contains the Lua binding for %{name}.
+
+%global __provides_exclude %{?__provides_exclude:%__provides_exclude|}core\\.so\\.0
+
+
 %package        templates
 Summary:        Templates for %{name}
-Summary(ja):    %{name} 用のテンプレート
+Summary(ja):    %{name} のテンプレート
 Group:          System Environment/Libraries
-Requires:       %{name} = %{version}-%{release}
-Requires:       debootstrap
+Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
+# Note: Requirements for the template scripts (busybox, dpkg,
+# debootstrap, vbootstrap, rsync, openssh-server, dhclient, apt, pacman, zypper,
+# ubuntu-cloudimg-query etc...) are not explicitly mentioned here:
+# their presence varies wildly on supported Fedora/EPEL releases and
+# archs, and they are in most cases needed for a single template
+# only. Also, the templates normally fail graciously when such a tool
+# is missing. Moving each template to its own subpackage on the other
+# hand would be overkill.
+
 
 %description    templates
 Linux Resource Containers provide process and resource isolation without the
 overhead of full virtualization.
 
-The %{name}-template package contains templates for creating containers.
+The %{name}-templates package contains templates for creating containers.
+
 
 %package        devel
 Summary:        Development files for %{name}
-Summary(ja):    %{name} の開発ライブラリ
+Summary(ja):    %{name}の開発ファイル
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release}
+Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
 Requires:       pkgconfig
 
 %description    devel
@@ -65,72 +146,216 @@ overhead of full virtualization.
 The %{name}-devel package contains libraries and header files for
 developing applications that use %{name}.
 
+
 %package        doc
 Summary:        Documentation for %{name}
 Summary(ja):    %{name} のドキュメント
 Group:          Documentation
-Requires:       %{name} = %{version}-%{release}
+BuildArch:      noarch
 
 %description    doc
 This package contains documentation for %{name}.
 
+
 %prep
 %setup -q -n %{name}-%{version}
+%patch0 -p1
+%patch1 -p1
+
 
 %build
-./autogen.sh
-%configure --disable-apparmor F77=no
-# Fix binary-or-shlib-defines-rpath error
-%{__sed} -i '/AM_LDFLAGS = -Wl,-E -Wl,-rpath -Wl,$(libdir)/d' src/lxc/Makefile.in
-%{__make} %{?_smp_mflags}
+%configure --with-distro=centos \
+           --enable-doc \
+           --enable-api-docs \
+           --disable-silent-rules \
+           --docdir=%{_pkgdocdir} \
+           --disable-rpath \
+           --disable-apparmor \
+           --disable-cgmanager \
+           --disable-selinux \
+	   --enable-capabilities \
+	   --enable-examples \
+           --enable-bash \
+           --enable-lua \
+%if 0%{?with_python3}
+           --enable-python \
+%endif # with_python3
+%if 0%{?with_systemd}
+           --with-init-script=systemd \
+%else
+           --with-init-script=sysvinit \
+%endif # with_systemd
+# intentionally blank line
+make %{?_smp_mflags}
 
-%check
-%{__make} check
 
 %install
-rm -rf %{buildroot}
-%{__make} DESTDIR=%{buildroot} install
-find %{buildroot} -name '*.la' -delete
-%{__mkdir} -p %{buildroot}%{_var}/lib/%{name}
+%{make_install}
+make DESTDIR=%{buildroot} install
+mkdir -p %{buildroot}%{_sharedstatedir}/%{name}
+chmod -x %{buildroot}%{luapkgdir}/lxc.lua
+
+mkdir -p %{buildroot}%{_pkgdocdir}
+cp -a AUTHORS COPYING README %{buildroot}%{_pkgdocdir}
+mkdir -p %{buildroot}%{_pkgdocdir}/api
+cp -a doc/api/html/* %{buildroot}%{_pkgdocdir}/api/
+
+# cache dir
+mkdir -p %{buildroot}%{_localstatedir}/cache/%{name}
 
-%clean
-%{__rm} -rf %{buildroot}
+rm -rf %{buildroot}%{_datadir}/lxc/selinux
 
-%post libs -p /sbin/ldconfig
+# install vinelinux template
+install -m775 %{SOURCE10} %{buildroot}%{_datadir}/lxc/templates/
+
+
+%check
+make check
+
+
+%post libs
+/sbin/ldconfig
+%if 0%{?with_systemd}
+%systemd_post %{name}.service
+%else
+/sbin/chkconfig --add %{name}
+%endif # with_systemd
+
+
+%preun libs
+%if 0%{?with_systemd}
+%systemd_preun %{name}.service
+%else
+if [ $1 -eq 0 ]; then
+        /sbin/service %{name} stop > /dev/null 2>&1
+        /sbin/chkconfig --del %{name}
+fi
+%endif # with_systemd
+
+
+%postun libs
+/sbin/ldconfig
+%if 0%{?with_systemd}
+%systemd_postun %{name}.service
+%else
+if [ $1 -ge 1 ]; then
+        /sbin/service %{name} condrestart > /dev/null 2>&1 || :
+fi
+%endif # with_systemd
 
-%postun libs -p /sbin/ldconfig
 
 %files
-%defattr(-,root,root,-)
-%doc AUTHORS COPYING README
 %{_bindir}/%{name}-*
-%{_mandir}/man*/%{name}*
-%{_var}/lib/%{name}
+%{_mandir}/man1/%{name}*
+%{_mandir}/*/man1/%{name}*
+# in lxc-libs:
+%exclude %{_bindir}/%{name}-autostart
+%exclude %{_mandir}/man1/%{name}-autostart*
+%exclude %{_mandir}/*/man1/%{name}-autostart*
+%exclude %{_mandir}/man1/%{name}-user-nic*
+%exclude %{_mandir}/*/man1/%{name}-user-nic*
+%{_datadir}/%{name}/%{name}.functions
+%if 0%{?with_python3}
+%exclude %{_bindir}/%{name}-device
+%exclude %{_bindir}/%{name}-ls
+%exclude %{_bindir}/%{name}-start-ephemeral
+%exclude %{_mandir}/man1/%{name}-device*
+%exclude %{_mandir}/man1/%{name}-ls*
+%exclude %{_mandir}/man1/%{name}-start-ephemeral*
+%exclude %{_mandir}/*/man1/%{name}-device*
+%exclude %{_mandir}/*/man1/%{name}-ls*
+%exclude %{_mandir}/*/man1/%{name}-start-ephemeral*
+%endif
+%dir %{_sysconfdir}/bash_completion.d/
+%{_sysconfdir}/bash_completion.d/%{name}
+
 
 %files libs
-%defattr(-,root,root,-)
-%doc AUTHORS COPYING
-%dir %{_datadir}/lxc
-%dir %{_datadir}/lxc/templates
+%dir %{_datadir}/%{name}
+%dir %{_datadir}/%{name}/templates
+%dir %{_datadir}/%{name}/config
+%{_datadir}/%{name}/hooks
+%{_datadir}/%{name}/%{name}-patch.py*
 %{_libdir}/liblxc.so.*
-%{_libdir}/lxc/rootfs
-%{_libexecdir}/lxc/lxc-init
+%{_libdir}/%{name}
+%{_libexecdir}/%{name}
+# fixme: should be in libexecdir?
+%{_sbindir}/init.%{name}
+%{_bindir}/%{name}-autostart
+%{_sharedstatedir}/%{name}
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/default.conf
+%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%{_mandir}/man1/%{name}-autostart*
+%{_mandir}/*/man1/%{name}-autostart*
+%{_mandir}/man1/%{name}-user-nic*
+%{_mandir}/*/man1/%{name}-user-nic*
+%{_mandir}/man5/%{name}*
+%{_mandir}/man7/%{name}*
+%{_mandir}/*/man5/%{name}*
+%{_mandir}/*/man7/%{name}*
+%dir %{_pkgdocdir}
+%{_pkgdocdir}/AUTHORS
+%{_pkgdocdir}/COPYING
+%{_pkgdocdir}/README
+%if 0%{?with_systemd}
+%{_unitdir}/%{name}.service
+%else
+%{_sysconfdir}/rc.d/init.d/%{name}
+%{_sysconfdir}/rc.d/init.d/%{name}-net
+%endif # with_systemd
+%dir %{_localstatedir}/cache/%{name}
+
+
+%if 0%{?with_python3}
+%files -n python3-%{name}
+%{python3_sitearch}/*
+
+
+%files extra
+%{_bindir}/%{name}-device
+%{_bindir}/%{name}-ls
+%{_bindir}/%{name}-start-ephemeral
+%{_mandir}/man1/%{name}-device*
+%{_mandir}/man1/%{name}-ls*
+%{_mandir}/man1/%{name}-start-ephemeral*
+%{_mandir}/*/man1/%{name}-device*
+%{_mandir}/*/man1/%{name}-ls*
+%{_mandir}/*/man1/%{name}-start-ephemeral*
+%endif # with_python3
+
+
+%files -n lua-%{name}
+%{lualibdir}/%{name}
+%{luapkgdir}/%{name}.lua
+
 
 %files templates
-%defattr(-,root,root,-)
-%{_datadir}/lxc/templates/lxc-*
+%{_datadir}/%{name}/templates/lxc-*
+%{_datadir}/%{name}/config/*
+
 
 %files devel
-%defattr(-,root,root,-)
 %{_libdir}/pkgconfig/%{name}.pc
-%{_includedir}/*
+%{_includedir}/lxc
 %{_libdir}/liblxc.so
 
+
 %files doc
-%defattr(-,root,root,-)
-%{_docdir}/%{name}
+%dir %{_pkgdocdir}
+# README, AUTHORS and COPYING intentionally duplicated because -doc
+# can be installed on its own.
+%{_pkgdocdir}/*
+
 
 %changelog
+* Sun Nov 15 2015 Daisuke SUZUKI <daisuke@vinelinux.org> 1.1.4-1
+- update to 1.1.4-1
+- add vinelinux template
+
+* Wed Apr 10 2013 Daisuke SUZUKI <daisuke@linux.or.jp> 0.8.0-3
+- add patch10 to not fail on failure to link kmsg
+
 * Wed Nov 21 2012 Daisuke SUZUKI <daisuke@linux.or.jp> 0.8.0-2
 - update to 0.8.0 release