2 files changed, 89 insertions, 0 deletions
diff --git a/recipes-extended/images/container-systemd-base.bb b/recipes-extended/images/container-systemd-base.bb
new file mode 100644
index 00000000..96ef4667
--- /dev/null
+++ b/recipes-extended/images/container-systemd-base.bb
@@ -0,0 +1,17 @@
+SUMMARY = "Systemd system container for ${SYSTEMD_CONTAINER_APP}"
+DESCRIPTION = "A small systemd system container which will run \
+                ${SYSTEMD_CONTAINER_APP}."
+SYSTEMD_CONTAINER_APP ?= ""
+# Use local.conf to specify the application(s) to install
+IMAGE_INSTALL += "${SYSTEMD_CONTAINER_APP}"
+# Use local.conf to specify additional systemd services to disable. To overwrite
+# the default list use SERVICES_TO_DISABLE:pn-systemd-container in local.conf
+SERVICES_TO_DISABLE:append = " ${SYSTEMD_CONTAINER_DISABLE_SERVICES}"
+# Use local.conf to enable systemd services
+SERVICES_TO_ENABLE += "${SYSTEMD_CONTAINER_ENABLE_SERVICES}"
+require container-systemd-base.inc
diff --git a/recipes-extended/images/container-systemd-base.inc b/recipes-extended/images/container-systemd-base.inc
new file mode 100644
index 00000000..0b856e83
--- /dev/null
+++ b/recipes-extended/images/container-systemd-base.inc
@@ -0,0 +1,72 @@
+SUMMARY ?= "Sample systemd system container"
+DESCRIPTION ?= "A small systemd system container which will run \
+                the application defined in IMAGE_INSTALL."
+LICENSE ?= "MIT"
+LIC_FILES_CHKSUM ?= "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+# Some commands of interest:
+# % docker run -d --rm --name systemd_test  --privileged \
+#    --cap-add SYS_ADMIN --security-opt seccomp=unconfined --cgroup-parent=docker.slice \
+#    --cgroupns private --tmpfs /tmp --tmpfs /run --tmpfs /run/lock zeddii/systemd-container-base
+#
+# % docker run -d --rm --name systemd_test --privileged \
+#    --cgroup-parent=docker.slice --cgroupns private  zeddii/c3-systemd-container
+#
+# % docker inspect systemd_test
+# % docker inspect systemd_test | grep \"IPAddress\":
+# % docker exec systemd_test bash -c "echo 'testuser:password' | chpasswd"
+# % ssh testuser@172.17.0.2
+require container-base.bb
+OCI_IMAGE_ENTRYPOINT = "/sbin/init"
+IMAGE_INSTALL:append = " systemd"
+IMAGE_INSTALL:append = " packagegroup-core-base-utils"
+IMAGE_INSTALL:append = " packagegroup-core-ssh-openssh"
+IMAGE_INSTALL:append = " busybox"
+IMAGE_FEATURES ?= ""
+NO_RECOMMENDATIONS = "1"
+SERVICES_TO_DISABLE ?= " \
+    systemd-udevd.service \
+    systemd-udevd-control.socket \
+    systemd-udevd-kernel.socket \
+    proc-sys-fs-binfmt_misc.automount \
+    sys-fs-fuse-connections.mount \
+    sys-kernel-debug.mount \
+    systemd-hwdb-update.service \
+    serial-getty@ttyS0.service \
+    dev-ttyS0.device \
+    console-getty.service \
+    serial-getty@.service \
+"
+SERVICES_TO_ENABLE ?= ""
+disable_systemd_services () {
+        SERVICES_TO_DISABLE="${SERVICES_TO_DISABLE}"
+        if [ -n "$SERVICES_TO_DISABLE" ]; then
+                echo "Disabling systemd services:"
+                for service in $SERVICES_TO_DISABLE; do
+                        echo "    $service"
+                        systemctl --root="${IMAGE_ROOTFS}" mask $service > /dev/null >1
+                done
+        fi
+}
+enable_systemd_services () {
+        SERVICES_TO_ENABLE="${SERVICES_TO_ENABLE}"
+        if [ -n "$SERVICES_TO_ENABLE" ]; then
+                echo "Enabling additional systemd services:"
+                for service in $SERVICES_TO_ENABLE; do
+                        echo "    $service"
+                        systemctl --root="${IMAGE_ROOTFS}" enable $service > /dev/null >1
+                done
+        fi
+}
+ROOTFS_POSTPROCESS_COMMAND += "disable_systemd_services; enable_systemd_services;"

diff --git a/recipes-extended/images/container-systemd-base.bb b/recipes-extended/images/container-systemd-base.bb new file mode 100644 index 00000000..96ef4667 --- /dev/null +++ b/recipes-extended/images/container-systemd-base.bb
@@ -0,0 +1,17 @@
	1	SUMMARY = "Systemd system container for ${SYSTEMD_CONTAINER_APP}"
	2	DESCRIPTION = "A small systemd system container which will run \
	3	${SYSTEMD_CONTAINER_APP}."
	4
	5	SYSTEMD_CONTAINER_APP ?= ""
	6
	7	# Use local.conf to specify the application(s) to install
	8	IMAGE_INSTALL += "${SYSTEMD_CONTAINER_APP}"
	9
	10	# Use local.conf to specify additional systemd services to disable. To overwrite
	11	# the default list use SERVICES_TO_DISABLE:pn-systemd-container in local.conf
	12	SERVICES_TO_DISABLE:append = " ${SYSTEMD_CONTAINER_DISABLE_SERVICES}"
	13
	14	# Use local.conf to enable systemd services
	15	SERVICES_TO_ENABLE += "${SYSTEMD_CONTAINER_ENABLE_SERVICES}"
	16
	17	require container-systemd-base.inc


diff --git a/recipes-extended/images/container-systemd-base.inc b/recipes-extended/images/container-systemd-base.inc new file mode 100644 index 00000000..0b856e83 --- /dev/null +++ b/recipes-extended/images/container-systemd-base.inc
@@ -0,0 +1,72 @@
	1	SUMMARY ?= "Sample systemd system container"
	2	DESCRIPTION ?= "A small systemd system container which will run \
	3	the application defined in IMAGE_INSTALL."
	4
	5	LICENSE ?= "MIT"
	6	LIC_FILES_CHKSUM ?= "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
	7
	8	# Some commands of interest:
	9	# % docker run -d --rm --name systemd_test --privileged \
	10	# --cap-add SYS_ADMIN --security-opt seccomp=unconfined --cgroup-parent=docker.slice \
	11	# --cgroupns private --tmpfs /tmp --tmpfs /run --tmpfs /run/lock zeddii/systemd-container-base
	12	#
	13	# % docker run -d --rm --name systemd_test --privileged \
	14	# --cgroup-parent=docker.slice --cgroupns private zeddii/c3-systemd-container
	15	#
	16	# % docker inspect systemd_test
	17	# % docker inspect systemd_test \| grep \"IPAddress\":
	18	# % docker exec systemd_test bash -c "echo 'testuser:password' \| chpasswd"
	19	# % ssh testuser@172.17.0.2
	20
	21	require container-base.bb
	22
	23	OCI_IMAGE_ENTRYPOINT = "/sbin/init"
	24
	25	IMAGE_INSTALL:append = " systemd"
	26	IMAGE_INSTALL:append = " packagegroup-core-base-utils"
	27	IMAGE_INSTALL:append = " packagegroup-core-ssh-openssh"
	28	IMAGE_INSTALL:append = " busybox"
	29
	30	IMAGE_FEATURES ?= ""
	31
	32	NO_RECOMMENDATIONS = "1"
	33
	34	SERVICES_TO_DISABLE ?= " \
	35	systemd-udevd.service \
	36	systemd-udevd-control.socket \
	37	systemd-udevd-kernel.socket \
	38	proc-sys-fs-binfmt_misc.automount \
	39	sys-fs-fuse-connections.mount \
	40	sys-kernel-debug.mount \
	41	systemd-hwdb-update.service \
	42	serial-getty@ttyS0.service \
	43	dev-ttyS0.device \
	44	console-getty.service \
	45	serial-getty@.service \
	46	"
	47
	48	SERVICES_TO_ENABLE ?= ""
	49
	50	disable_systemd_services () {
	51	SERVICES_TO_DISABLE="${SERVICES_TO_DISABLE}"
	52	if [ -n "$SERVICES_TO_DISABLE" ]; then
	53	echo "Disabling systemd services:"
	54	for service in $SERVICES_TO_DISABLE; do
	55	echo " $service"
	56	systemctl --root="${IMAGE_ROOTFS}" mask $service > /dev/null >1
	57	done
	58	fi
	59	}
	60
	61	enable_systemd_services () {
	62	SERVICES_TO_ENABLE="${SERVICES_TO_ENABLE}"
	63	if [ -n "$SERVICES_TO_ENABLE" ]; then
	64	echo "Enabling additional systemd services:"
	65	for service in $SERVICES_TO_ENABLE; do
	66	echo " $service"
	67	systemctl --root="${IMAGE_ROOTFS}" enable $service > /dev/null >1
	68	done
	69	fi
	70	}
	71
	72	ROOTFS_POSTPROCESS_COMMAND += "disable_systemd_services; enable_systemd_services;"