From d06889f7a59724823a6bae05b309704322d86a35 Mon Sep 17 00:00:00 2001 From: Manuel Bentele Date: Thu, 4 Feb 2021 10:13:25 +0100 Subject: [qemu] Rename 'qemukvm' occurrences in the core module to 'qemu' --- core/targets/qemu/qemu | 1 + core/targets/qemukvm/qemukvm | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) create mode 120000 core/targets/qemu/qemu delete mode 120000 core/targets/qemukvm/qemukvm (limited to 'core/targets') diff --git a/core/targets/qemu/qemu b/core/targets/qemu/qemu new file mode 120000 index 00000000..bb8ffc08 --- /dev/null +++ b/core/targets/qemu/qemu @@ -0,0 +1 @@ +../../modules/qemu \ No newline at end of file diff --git a/core/targets/qemukvm/qemukvm b/core/targets/qemukvm/qemukvm deleted file mode 120000 index e8e7d1b3..00000000 --- a/core/targets/qemukvm/qemukvm +++ /dev/null @@ -1 +0,0 @@ -../../modules/qemukvm \ No newline at end of file -- cgit v1.2.3-55-g7522 From 288523c21e7560e3b97608e9f463f1e7ffeab069 Mon Sep 17 00:00:00 2001 From: Manuel Bentele Date: Thu, 4 Feb 2021 12:00:25 +0100 Subject: [libvirt] Add Libvirt virtualization daemon as new module --- core/modules/libvirt/data/addon-init | 4 ++++ core/modules/libvirt/module.build | 14 ++++++++++++++ core/modules/libvirt/module.conf.debian | 16 ++++++++++++++++ core/modules/libvirt/module.conf.ubuntu.18 | 12 ++++++++++++ core/modules/libvirt/module.conf.ubuntu.20 | 16 ++++++++++++++++ core/targets/qemu/libvirt | 1 + 6 files changed, 63 insertions(+) create mode 100755 core/modules/libvirt/data/addon-init create mode 100644 core/modules/libvirt/module.build create mode 100644 core/modules/libvirt/module.conf.debian create mode 100644 core/modules/libvirt/module.conf.ubuntu.18 create mode 100644 core/modules/libvirt/module.conf.ubuntu.20 create mode 120000 core/targets/qemu/libvirt (limited to 'core/targets') diff --git a/core/modules/libvirt/data/addon-init b/core/modules/libvirt/data/addon-init new file mode 100755 index 00000000..8070d171 --- /dev/null +++ b/core/modules/libvirt/data/addon-init @@ -0,0 +1,4 @@ +#!/bin/ash + +systemctl daemon-reload +systemctl start libvirtd.service diff --git a/core/modules/libvirt/module.build b/core/modules/libvirt/module.build new file mode 100644 index 00000000..5fa3a36f --- /dev/null +++ b/core/modules/libvirt/module.build @@ -0,0 +1,14 @@ +#!/bin/bash +fetch_source() { + : +} + +build() { + COPYLIST="list_dpkg_output" + list_packet_files > "$COPYLIST" + tarcopy "$(cat "${COPYLIST}" | sort -u)" "${MODULE_BUILD_DIR}" +} + +post_copy() { + : +} diff --git a/core/modules/libvirt/module.conf.debian b/core/modules/libvirt/module.conf.debian new file mode 100644 index 00000000..a4ecd34a --- /dev/null +++ b/core/modules/libvirt/module.conf.debian @@ -0,0 +1,16 @@ +#!/bin/bash +REQUIRED_INSTALLED_PACKAGES=" + libvirt-daemon-system + libvirt-daemon + libvirt-clients + virt-manager + virt-viewer +" + +REQUIRED_CONTENT_PACKAGES=" + libvirt-daemon-system + libvirt-daemon + libvirt-clients + virt-manager + virt-viewer +" diff --git a/core/modules/libvirt/module.conf.ubuntu.18 b/core/modules/libvirt/module.conf.ubuntu.18 new file mode 100644 index 00000000..fbe60f37 --- /dev/null +++ b/core/modules/libvirt/module.conf.ubuntu.18 @@ -0,0 +1,12 @@ +#!/bin/bash +REQUIRED_INSTALLED_PACKAGES=" + libvirt-bin + virt-manager + virt-viewer +" + +REQUIRED_CONTENT_PACKAGES=" + libvirt-bin + virt-manager + virt-viewer +" diff --git a/core/modules/libvirt/module.conf.ubuntu.20 b/core/modules/libvirt/module.conf.ubuntu.20 new file mode 100644 index 00000000..a4ecd34a --- /dev/null +++ b/core/modules/libvirt/module.conf.ubuntu.20 @@ -0,0 +1,16 @@ +#!/bin/bash +REQUIRED_INSTALLED_PACKAGES=" + libvirt-daemon-system + libvirt-daemon + libvirt-clients + virt-manager + virt-viewer +" + +REQUIRED_CONTENT_PACKAGES=" + libvirt-daemon-system + libvirt-daemon + libvirt-clients + virt-manager + virt-viewer +" diff --git a/core/targets/qemu/libvirt b/core/targets/qemu/libvirt new file mode 120000 index 00000000..3e853b08 --- /dev/null +++ b/core/targets/qemu/libvirt @@ -0,0 +1 @@ +../../modules/libvirt \ No newline at end of file -- cgit v1.2.3-55-g7522 From 5bedad1a4b1d98dab66cef77684d59c43f5be88a Mon Sep 17 00:00:00 2001 From: Manuel Bentele Date: Fri, 5 Feb 2021 14:26:42 +0100 Subject: [openjdk-8-jre-headless] Add Java runtime environment 8 as new module --- core/modules/openjdk-8-jre-headless/module.build | 17 +++++++++++++++++ core/modules/openjdk-8-jre-headless/module.conf | 10 ++++++++++ .../modules/openjdk-8-jre-headless/module.config.ubuntu | 9 +++++++++ core/targets/qemu/openjdk-8-jre-headless | 1 + 4 files changed, 37 insertions(+) create mode 100644 core/modules/openjdk-8-jre-headless/module.build create mode 100644 core/modules/openjdk-8-jre-headless/module.conf create mode 100644 core/modules/openjdk-8-jre-headless/module.config.ubuntu create mode 120000 core/targets/qemu/openjdk-8-jre-headless (limited to 'core/targets') diff --git a/core/modules/openjdk-8-jre-headless/module.build b/core/modules/openjdk-8-jre-headless/module.build new file mode 100644 index 00000000..5854e16a --- /dev/null +++ b/core/modules/openjdk-8-jre-headless/module.build @@ -0,0 +1,17 @@ +#!/bin/bash + +fetch_source() { + : +} + +build() { + # copy mandatory system packages + COPYLIST="list_dpkg_output" + [ -e "${COPYLIST}" ] && rm "${COPYLIST}" + list_packet_files >> "${COPYLIST}" + tarcopy "$(cat "${COPYLIST}" | sort -u)" "${MODULE_BUILD_DIR}" +} + +post_copy() { + : +} diff --git a/core/modules/openjdk-8-jre-headless/module.conf b/core/modules/openjdk-8-jre-headless/module.conf new file mode 100644 index 00000000..fba37fa8 --- /dev/null +++ b/core/modules/openjdk-8-jre-headless/module.conf @@ -0,0 +1,10 @@ +#!/bin/bash + +REQUIRED_BINARIES=" + java +" + +REQUIRED_DIRECTORIES=" + /etc + /usr/lib/jvm/java-8-openjdk-amd64/jre/lib +" diff --git a/core/modules/openjdk-8-jre-headless/module.config.ubuntu b/core/modules/openjdk-8-jre-headless/module.config.ubuntu new file mode 100644 index 00000000..aa99a07c --- /dev/null +++ b/core/modules/openjdk-8-jre-headless/module.config.ubuntu @@ -0,0 +1,9 @@ +#!/bin/bash + +REQUIRED_INSTALLED_PACKAGES=" + openjdk-8-jre-headless +" + +REQUIRED_CONTENT_PACKAGES=" + openjdk-8-jre-headless +" \ No newline at end of file diff --git a/core/targets/qemu/openjdk-8-jre-headless b/core/targets/qemu/openjdk-8-jre-headless new file mode 120000 index 00000000..b899a6a4 --- /dev/null +++ b/core/targets/qemu/openjdk-8-jre-headless @@ -0,0 +1 @@ +../../modules/openjdk-8-jre-headless/ \ No newline at end of file -- cgit v1.2.3-55-g7522 From b70886d3df3a93daa7aab2285ecc1a80867690f5 Mon Sep 17 00:00:00 2001 From: Manuel Bentele Date: Fri, 25 Jun 2021 12:36:25 +0200 Subject: [libvirt] Enforce libvirt UIDs/GIDs to not collide with LDAP UIDs/GIDs --- core/modules/libvirt-users/module.build | 43 ++++++++++++++++++ core/modules/libvirt-users/module.conf | 5 +++ core/modules/libvirt/data/addon-init | 77 --------------------------------- core/modules/libvirt/module.conf | 4 ++ core/targets/qemu/libvirt-users | 1 + 5 files changed, 53 insertions(+), 77 deletions(-) create mode 100644 core/modules/libvirt-users/module.build create mode 100644 core/modules/libvirt-users/module.conf create mode 120000 core/targets/qemu/libvirt-users (limited to 'core/targets') diff --git a/core/modules/libvirt-users/module.build b/core/modules/libvirt-users/module.build new file mode 100644 index 00000000..cab41b98 --- /dev/null +++ b/core/modules/libvirt-users/module.build @@ -0,0 +1,43 @@ +#!/bin/bash +fetch_source() { + : +} + +build() { + : +} + +post_copy() { + # Create libvirt users before installing libvirt packages since the + # libvirt DEB package hook script will create system users with an + # UID/GID greater or equal than 1000. Those default libvirt UIDs/GIDs + # are not allowed since they will collide with LDAP UIDs/GIDs. + + # add system groups to run libvirt + if ! getent group libvirt-qemu >/dev/null; then + addgroup --quiet --system libvirt-qemu + fi + + if ! getent group kvm >/dev/null; then + addgroup --quiet --system kvm + fi + + # add system user libvirt runs qemu/kvm instances with + if ! getent passwd libvirt-qemu >/dev/null; then + adduser --quiet \ + --system \ + --ingroup kvm \ + --quiet \ + --disabled-login \ + --disabled-password \ + --home /var/lib/libvirt \ + --no-create-home \ + --gecos "Libvirt Qemu" \ + libvirt-qemu + fi + + # add libvirt system user to the libvirt system group + if ! getent group libvirt-qemu >/dev/null; then + adduser --quiet libvirt-qemu libvirt-qemu + fi +} diff --git a/core/modules/libvirt-users/module.conf b/core/modules/libvirt-users/module.conf new file mode 100644 index 00000000..668ddf88 --- /dev/null +++ b/core/modules/libvirt-users/module.conf @@ -0,0 +1,5 @@ +#!/bin/bash + +REQUIRED_BINARIES="" +REQUIRED_LIBRARIES="" +REQUIRED_DIRECTORIES="" diff --git a/core/modules/libvirt/data/addon-init b/core/modules/libvirt/data/addon-init index 49c9b7b0..131a03f7 100755 --- a/core/modules/libvirt/data/addon-init +++ b/core/modules/libvirt/data/addon-init @@ -1,83 +1,6 @@ #!/bin/ash -# -# allocated UID and GID for libvirt-qemu -# -LIBVIRT_QEMU_UID=64055 -LIBVIRT_QEMU_GID=64055 - -# -# add groups to run libvirt -# -if ! getent group libvirt >/dev/null; then - addgroup --quiet --system libvirt -fi - -if ! getent group kvm >/dev/null; then - addgroup --quiet --system kvm -fi - -# -# add user and group libvirt runs qemu/kvm instances with -# -if ! getent passwd libvirt-qemu >/dev/null; then - - # set uid if available (expected); don't fail otherwise. - PARAMETER_UID='' - if ! getent passwd $LIBVIRT_QEMU_UID >/dev/null; then - PARAMETER_UID="--uid $LIBVIRT_QEMU_UID" - fi - - adduser --quiet \ - --system \ - --ingroup kvm \ - --quiet \ - --disabled-login \ - --disabled-password \ - --home /var/lib/libvirt \ - --no-create-home \ - --gecos "Libvirt Qemu" \ - $PARAMETER_UID \ - libvirt-qemu -fi - -if ! getent group libvirt-qemu >/dev/null; then - - # set gid if available (expected); don't fail otherwise. - PARAMETER_GID='' - if ! getent group $LIBVIRT_QEMU_GID >/dev/null; then - PARAMETER_GID="--gid $LIBVIRT_QEMU_GID" - fi - - addgroup --quiet --system $PARAMETER_GID libvirt-qemu - adduser --quiet libvirt-qemu libvirt-qemu -fi - -# -# add each sudo user to the libvirt group -# -for u in $(getent group sudo | sed -e "s/^.*://" -e "s/,/ /g"); do - adduser "$u" libvirt >/dev/null || true -done - -if ! getent group libvirt-dnsmasq >/dev/null; then - addgroup --quiet --system libvirt-dnsmasq -fi -if ! getent passwd libvirt-dnsmasq >/dev/null; then - adduser --quiet \ - --system \ - --ingroup libvirt-dnsmasq \ - --disabled-login \ - --disabled-password \ - --home /var/lib/libvirt/dnsmasq \ - --no-create-home \ - --gecos "Libvirt Dnsmasq" \ - libvirt-dnsmasq -fi - -# # register and start libvirt services -# systemctl daemon-reload systemctl start libvirtd.service systemctl start libvirt-guests.service diff --git a/core/modules/libvirt/module.conf b/core/modules/libvirt/module.conf index 668ddf88..d67344f7 100644 --- a/core/modules/libvirt/module.conf +++ b/core/modules/libvirt/module.conf @@ -1,5 +1,9 @@ #!/bin/bash +REQUIRED_MODULES=" + libvirt-users +" + REQUIRED_BINARIES="" REQUIRED_LIBRARIES="" REQUIRED_DIRECTORIES="" diff --git a/core/targets/qemu/libvirt-users b/core/targets/qemu/libvirt-users new file mode 120000 index 00000000..6f799d72 --- /dev/null +++ b/core/targets/qemu/libvirt-users @@ -0,0 +1 @@ +../../modules/libvirt-users \ No newline at end of file -- cgit v1.2.3-55-g7522