Setting tag util-vserver-pl-0.4-29

[util-vserver-pl.git] / scripts / vuseradd

#!/bin/bash
#
# useradd(8) wrapper for vservers
#
# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2004-2006 The Trustees of Princeton University
#
# $Id$
#

: ${UTIL_VSERVER_VARS:=/usr/lib/util-vserver/util-vserver-vars}
test -e "$UTIL_VSERVER_VARS" || {
    echo "Can not find util-vserver installation; aborting..."
    exit 1
}
. "$UTIL_VSERVER_VARS"

shopt -s nullglob

# Defaults
TYPE="default"

usage()
{
    TYPES=
    pushd "$__DEFAULT_VSERVERDIR/.vref" >/dev/null
    for ref in * ; do
        if [ -z "$TYPES" ] ; then
            TYPES=$ref
        else
            TYPES="$TYPES, $ref"
        fi
    done
    popd >/dev/null

    echo "Usage: vuseradd [OPTION]... [NAME]"
    echo "      -t      Reference image type ($TYPES)"
    exit 1
}

# Get options
ISOLATE=false
while getopts "it:" opt ; do
    case $opt in
        t)
            TYPE="$OPTARG"
            ;;
        i)
            ISOLATE=true
            ;;
        *)
            usage
            ;;
    esac
done
shift $(($OPTIND - 1))

# Get slice name
[ -z "$1" ] && usage
NAME=$1

# Add slices group to /etc/group if not already present
groupadd slices 2>/dev/null || :

# Add slice name to /etc/passwd
useradd -g slices -s /bin/vsh $NAME -p '*'

USERID=`id -u $NAME`
GROUPID=`id -g $NAME`
GROUPNAME=`id -gn $NAME`

# Create /etc/vservers configuration files
if [ ! -d $__CONFDIR/$NAME ] ; then
    # Move away the guest contents for now
    if [ -d $__DEFAULT_VSERVERDIR/$NAME ] ; then
        mkdir -p "$__DEFAULT_VSERVERDIR/.vtmp"
        TMP=$(mktemp -d "$__DEFAULT_VSERVERDIR/.vtmp/$NAME.XXXXXX")
        mv $__DEFAULT_VSERVERDIR/$NAME "$TMP"
        HAS_VSERVERDIR=1
    else
        HAS_VSERVERDIR=0
    fi

    if [ "$ISOLATE" = "true" ] ; then
        $_VSERVER $NAME build -m skeleton --context $USERID \
                --interface nodev:`hostname -i` \
                --flags persistent,~info_init
    else 
        $_VSERVER $NAME build -m skeleton --context $USERID \
                --interface nodev:`hostname -i` \
                --interface nodev:127.0.0.1 \
                --flags persistent,~info_init
    fi

    RETVAL=$?
    DIR=$__CONFDIR/$NAME
    if [ $RETVAL -ne 0 ] ; then
        echo "Error $RETVAL building $DIR"
        rm -rf $DIR $__DEFAULT_VSERVERDIR/$NAME
    fi
    mkdir -p $DIR/apps/init $DIR/rlimits $DIR/sched $DIR/cgroup $DIR/dlimits/0 $DIR/sysctl/0
    echo default > $DIR/apps/init/mark

    # Set persistent for the network context
    if [ "$ISOLATE" = "true" ]; then
        echo persistent,lback_allow,hide_lback,lback_remap > $DIR/nflags
    else 
        echo persistent,lback_allow > $DIR/nflags
    fi

    # Set default capabilities
    echo "CAP_NET_RAW" > $DIR/bcapabilities
    touch $DIR/ccapabilities

    # Set up the scheduler
    echo 100 > $DIR/sched/interval
    echo 1000 > $DIR/sched/interval2
    echo 0 > $DIR/sched/fill-rate
    echo 1 > $DIR/sched/fill-rate2
    touch $DIR/sched/idle-time
    echo 100 > $DIR/sched/tokens
    echo 50 > $DIR/sched/tokens-min
    echo 100 > $DIR/sched/tokens-max

    echo 1024 > $DIR/cgroup/cpu.shares

    # Set up disk limits (10 GB)
    echo `$_READLINK $DIR/vdir` > $DIR/dlimits/0/directory
    echo 2 > $DIR/dlimits/0/reserved
    echo -1 > $DIR/dlimits/0/inodes_total
    echo 10000000 > $DIR/dlimits/0/space_total

    # Set up sysctl variables
    echo net.ipv4.ip_forward > $DIR/sysctl/0/setting
    echo 1 > $DIR/sysctl/0/value
    
    # Add spaces directory
    mkdir -p $DIR/spaces

    # Remove the basically empty guest directory
    rm -rf $__DEFAULT_VSERVERDIR/$NAME
    # Move the guest back
    if [ "$HAS_VSERVERDIR" = 1 ] ; then
        mv "$TMP/$NAME" $__DEFAULT_VSERVERDIR/$NAME
        rm -rf "$TMP"
    fi
fi

if [ ! -d "$__DEFAULT_VSERVERDIR/$NAME" ] ; then
    # Check the cache
    if [ "$TYPE" = "default" ] ; then
        for i in "$__DEFAULT_VSERVERDIR/.vcache/"* ; do
            [ -d "$i" ] && mv "$i" "$__DEFAULT_VSERVERDIR/$NAME" && break
        done
    fi

    # Build slice from reference image
    if [ ! -d "$__DEFAULT_VSERVERDIR/$NAME" ] ; then
        REF="$__DEFAULT_VSERVERDIR/.vref/$TYPE"

        # Build in temporary directory
        mkdir -p "$__DEFAULT_VSERVERDIR/.vtmp"
        TMP=$(mktemp -d "$__DEFAULT_VSERVERDIR/.vtmp/$NAME.XXXXXX")
        "$_VCLONE" "$REF"/ "$TMP"/
        RETVAL=$?

        # Move it to its permanent location when complete
        if [ $RETVAL -eq 0 ] ; then 
            mv "$TMP" "$__DEFAULT_VSERVERDIR/$NAME"
        else
            echo "Error $RETVAL building $__DEFAULT_VSERVERDIR/$NAME"
            rm -rf "$TMP" $__CONFDIR/$NAME $__PKGSTATEDIR/$NAME.ctx
            userdel -r $NAME
            exit $RETVAL
        fi
    fi
fi

if [ -d "$__DEFAULT_VSERVERDIR/$NAME" ] ; then
    # Fix permissions
    chmod 755 "$__DEFAULT_VSERVERDIR/$NAME"

    # Add user in vserver
    $_VSERVER $NAME start --rescue sh -c \
        "groupadd -g $GROUPID $GROUPNAME ; useradd -m -u $USERID -g $GROUPID -p '' $NAME"

    # Stop the guest (since it's persistent)
    $_VSERVER $NAME stop

    # Add an unrestricted entry to /etc/sudoers file
    if [ -f "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ] && \
       ! grep -q "^$NAME" "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers" ; then
        echo "$NAME     ALL=(ALL)       ALL" >> "$__DEFAULT_VSERVERDIR/$NAME/etc/sudoers"
    fi

    cp -a /dev/fuse $__DEFAULT_VSERVERDIR/$NAME/dev/

fi

exit 0