App-LXC-Container
view release on metacpan or search on metacpan
lib/App/LXC/Container/Data/common.pm view on Meta::CPAN
('# The filter contains paths that are always ignored (excluded) when',
'# considering mount-points derived from packages. But there are',
'# still some specials possible, the paths may be followed (after some',
'# white-spaces) by one of the following keywords:',
'# copy path (usually a symbolic link) is simply copied',
'# empty creates empty file or directory for path',
'# ignore path is completely ignored (never creates mount-point)',
'# nomerge sub-directories of this path are never merged into it',
'',
'# common:');
my @output =
('/boot ignore',
'/dev ignore',
'/home nomerge',
'/proc ignore',
'/sys ignore',
'/usr nomerge',
'/usr/games nomerge',
'/usr/include nomerge',
'/usr/lib nomerge',
'/usr/share nomerge',
'/usr/share/doc nomerge',
'/usr/share/dpkg ignore',
'/usr/share/info nomerge',
'/usr/share/lintian/overrides ignore',
'/usr/share/man ignore',
'/usr/share/misc/magic.mgc ignore',
'/usr/src nomerge',
'/var nomerge',
'/var/backups ignore',
'/var/cache nomerge',
# Note that /var/lib would break the start of a container due to
# /var/lib/lxc* behaving unexpectedly:
'/var/lib nomerge',
'/var/lib/dpkg ignore',
'/var/log empty',
'/var/spool nomerge');
local $_;
foreach (POSSIBLE_LINKS)
{ push @output, "$_\t\t\t\tcopy" if -l $_; }
return (@head, sort @output);
}
#########################################################################
=head2 B<content_default_mounts> - return default mount configuration
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_default_mounts>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_default_mounts($)
{
_check_singleton(shift);
my @output =
('# Some notes to the list of default mounts (mounts that are needed in',
'# every application container):',
'#',
'# 1. Default mounts are read-only bind mounts.',
'# 2. Other mount options must be specified explicitly in field 2.',
'# 3. Special filesystems must be specified explicitly in field 3.',
'#',
'# In addition to directories (for mount-points) this list may also',
'# contain symbolic links, that are simply copied to the created',
'# configuration.',
'',
'# common:');
local $_;
foreach
('/bin',
'/dev/shm create=dir,rw tmpfs',
# the next 3 are needed by su:
'/etc/login.defs',
'/etc/pam.d',
'/etc/security',
'/lib',
'/root create=dir,rw,mode=700 tmpfs',
'/sbin',
# a shared and writable /tmp and extra unshared /usr/tmp and /var/tmp:
'/tmp create=dir,rw,bind',
'/usr/tmp create=dir,rw tmpfs',
'/var/tmp create=dir,rw tmpfs',
)
{
(my $entry = $_) =~ s/\s+.*//;
next if -l $entry;
next unless -d $entry or -f $entry;
push @output, abs_path($_);
}
return @output;
}
#########################################################################
=head2 B<content_default_packages> - return default packages
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_default_packages>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_default_packages($)
{
_check_singleton(shift);
local $_;
my @paths = ('/bin/sh');
foreach (qw(ldd ls su))
{
my $exec = App::LXC::Container::Data::find_executable($_);
$exec or fatal('mandatory_package__1_missing', $_);
push @paths, $exec;
}
my %packages = ();
foreach (@paths)
{
$_ = App::LXC::Container::Data::package_of($_);
$_ and $packages{$_} = 1;
}
my @output =
('# list of mandatory packages that are needed in every',
'# application container:',
'#',
'# Their dependencies will lead to a list of additionally needed',
'# mount-points.',
sort keys %packages);
return @output;
}
#########################################################################
=head2 B<content_network_default> - return default network configuration
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_network_default>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_network_default($)
lib/App/LXC/Container/Data/common.pm view on Meta::CPAN
_check_singleton(shift);
my @output =
('# This is an additional mount configuration file for applications with',
'# network access. See 40-MNT-default.mounts for more explanations.',
'',
'# network:',
'/etc/ssl/certs',
'/usr/lib/ssl',
'/usr/share/ca-certificates',
'/usr/share/ssl-cert');
return @output
}
#########################################################################
=head2 B<content_network_packages> - return mount configuration for NETWORK
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_network_packages>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_network_packages($)
{
_check_singleton(shift);
my @output =
('# This is an additional packages needed for network access.',
'# See 30-PKG-default.packages for more explanations.');
local $_;
foreach (qw(ip))
{
my $exec = App::LXC::Container::Data::find_executable($_);
if ($exec)
{
my $pkg = App::LXC::Container::Data::package_of($exec);
push @output, $pkg if $pkg;
}
}
return @output;
}
#########################################################################
=head2 B<content_x11_mounts> - return mount configuration for X11
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_x11_mounts>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_x11_mounts($)
{
_check_singleton(shift);
my @output =
('# This is an additional mount configuration file for X11 applications.',
'# See 40-MNT-default.mounts for more explanations.',
'',
'# common:',
'/dev/dri create=dir,rw,bind,optional',
'/usr/share/icons',
'/usr/share/mime',
'/usr/share/pixmaps',
'/var/cache/fontconfig',
'/var/lib/dbus');
return @output
}
#########################################################################
=head2 B<content_x11_packages> - return package configuration for X11
internal object-oriented implementation of the function
L<App::LXC::Container::Data::content_x11_packages>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub content_x11_packages($)
{
_check_singleton(shift);
my @output =
('# list of mandatory packages needed for X11',
'# See 30-PKG-default.packages for more explanations.',
'fontconfig-config');
return @output;
}
#########################################################################
=head2 depends_on - find package of file
internal object-oriented implementation of the function
L<App::LXC::Container::Data::depends_on>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub depends_on($$$)
{
my $self = _check_singleton(shift);
}
#########################################################################
=head2 libraries_used - find package of executable
internal object-oriented implementation of the function
L<App::LXC::Container::Data::libraries_used>
=cut
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
sub libraries_used($$)
{
_check_singleton(shift);
my ($executable) = @_;
-f $executable or fatal 'internal_error__1', 'not a file: ' . $executable;
# 1st check for non-standard interpreter to avoid security issues (see
( run in 0.565 second using v1.01-cache-2.11-cpan-2398b32b56e )