From 4ddc14bd0866ff769421857044dd14867f1944d5 Mon Sep 17 00:00:00 2001 From: Bogdan Purcareata Date: Thu, 11 Apr 2013 16:15:43 +0300 Subject: [PATCH v2] lxc-template: enable chroot + chpasswd functionality for Busybox hosts This patch supports the scenario where a user wants to install a busybox container on a busybox host. When running the template, in order to change the root password, the template needs to do the chroot. On busybox-powered hosts, chroot is not part of the coreutils package - it's part of busybox. And the busybox implementation or chroot only works if it has /lib in the new root populated with the right binaries (or at least that's the solution I found to make it work). The temporarily bind-mounts /lib in the NEWROOT, chroots there, changes the password, goes back and unmounts. This set of operations is contained in a new MOUNT namespace, using the lxc-unshare call. Signed-off-by: Bogdan Purcareata --- templates/lxc-busybox.in | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in index cb425ec..2ca2bfd 100644 --- a/templates/lxc-busybox.in +++ b/templates/lxc-busybox.in @@ -189,9 +189,35 @@ configure_busybox() # passwd exec must be setuid chmod +s $rootfs/bin/passwd touch $rootfs/etc/shadow - echo "setting root passwd to root" - echo "root:root" | chroot $rootfs chpasswd + # setting passwd for root + CHPASSWD_FILE=$rootfs/root/chpasswd.sh + + cat <$CHPASSWD_FILE +echo "setting root password to \"root\"" + +mount --bind /lib $rootfs/lib +if [ \$? -ne 0 ]; then + echo "Failed bind-mounting /lib at $rootfs/lib" + exit 1 +fi + +chroot $rootfs chpasswd </dev/null +root:root +EOFF + + +if [ \$? -ne 0 ]; then + echo "Failed to change root password" + exit 1 +fi + +umount $rootfs/lib + +EOF + + lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE + rm $CHPASSWD_FILE # add ssh functionality if dropbear package available on host which dropbear >/dev/null 2>&1 -- 1.7.11.7