containers - lxc-template: enable chroot + chpasswd functionality for Busybox hosts

This patch enables installation of Buysbox containers on Busybox hosts.
Please see patch message for detailed information.

The patch has been submitted and accepted upstream by LXC maintainers.
The functionality hasn't made it to LXC 0.9.0, but will (most probably)
be included upstream in future releases of LXC.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>

2 files changed, 71 insertions, 0 deletions

diff --git a/recipes-containers/lxc/files/lxc-0.9.0-enable-chroot-chpasswd-functionality-for-busybox-hosts.patch b/recipes-containers/lxc/files/lxc-0.9.0-enable-chroot-chpasswd-functionality-for-busybox-hosts.patch
new file mode 100644
index 0000000..d07c658
--- /dev/null
+++ b/recipes-containers/lxc/files/lxc-0.9.0-enable-chroot-chpasswd-functionality-for-busybox-hosts.patch
@@ -0,0 +1,70 @@
+From 4ddc14bd0866ff769421857044dd14867f1944d5 Mon Sep 17 00:00:00 2001
+From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+Date: Thu, 11 Apr 2013 16:15:43 +0300
+Subject: [PATCH v2] lxc-template: enable chroot + chpasswd functionality for
+ Busybox hosts
+
+This patch supports the scenario where a user wants to install a
+busybox container on a busybox host.
+
+When running the template, in order to change the root password,
+the template needs to do the chroot. On busybox-powered hosts, chroot
+is not part of the coreutils package - it's part of busybox. And the
+busybox implementation or chroot only works if it has /lib in the new
+root populated with the right binaries (or at least that's the
+solution I found to make it work).
+
+The temporarily bind-mounts /lib in the NEWROOT, chroots there,
+changes the password, goes back and unmounts. This set of operations
+is contained in a new MOUNT namespace, using the lxc-unshare call.
+
+Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
+---
+ templates/lxc-busybox.in | 30 ++++++++++++++++++++++++++++--
+ 1 file changed, 28 insertions(+), 2 deletions(-)
+
+diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
+index cb425ec..2ca2bfd 100644
+--- a/templates/lxc-busybox.in
++++ b/templates/lxc-busybox.in
+@@ -189,9 +189,35 @@ configure_busybox()
+     # passwd exec must be setuid
+     chmod +s $rootfs/bin/passwd
+     touch $rootfs/etc/shadow
+-    echo "setting root passwd to root"
+-    echo "root:root" | chroot $rootfs chpasswd
+ 
++    # setting passwd for root
++    CHPASSWD_FILE=$rootfs/root/chpasswd.sh
++
++    cat <<EOF >$CHPASSWD_FILE
++echo "setting root password to \"root\""
++
++mount --bind /lib $rootfs/lib
++if [ \$? -ne 0 ]; then
++    echo "Failed bind-mounting /lib at $rootfs/lib"
++    exit 1
++fi
++
++chroot $rootfs chpasswd <<EOFF 2>/dev/null
++root:root
++EOFF
++
++
++if [ \$? -ne 0 ]; then
++    echo "Failed to change root password"
++    exit 1
++fi
++
++umount $rootfs/lib
++
++EOF
++
++    lxc-unshare -s MOUNT -- /bin/sh < $CHPASSWD_FILE
++    rm $CHPASSWD_FILE
+ 
+     # add ssh functionality if dropbear package available on host
+     which dropbear >/dev/null 2>&1
+-- 
+1.7.11.7
+
diff --git a/recipes-containers/lxc/lxc_0.9.0.bb b/recipes-containers/lxc/lxc_0.9.0.bb
index fcda0ba..63ce2d6 100644
--- a/recipes-containers/lxc/lxc_0.9.0.bb
+++ b/recipes-containers/lxc/lxc_0.9.0.bb
@@ -23,6 +23,7 @@ RDEPENDS_${PN} = " \
 
 SRC_URI = "http://lxc.sourceforge.net/download/lxc/${PN}-${PV}.tar.gz \
 	file://lxc-0.9.0-disable-udhcp-from-busybox-template.patch \
+	file://lxc-0.9.0-enable-chroot-chpasswd-functionality-for-busybox-hosts.patch \
 	"
 SRC_URI[md5sum] = "8552a4479090616f4bc04d8473765fc9"
 SRC_URI[sha256sum] = "1e1767eae6cc5fbf892c0e193d25da420ba19f2db203716c38f7cdea3b654120"