=== removed directory 'container_template' === removed directory 'container_template/alpine' === removed directory 'container_template/alpine/etc' === removed file 'container_template/alpine/etc/hosts' --- old/container_template/alpine/etc/hosts 2021-11-25 21:50:06 +0000 +++ new/container_template/alpine/etc/hosts 1970-01-01 00:00:00 +0000 @@ -1,2 +0,0 @@ -127.0.0.1 localhost localhost.localdomain -::1 localhost localhost.localdomain === removed file 'container_template/alpine/etc/profile' --- old/container_template/alpine/etc/profile 2021-11-25 21:50:06 +0000 +++ new/container_template/alpine/etc/profile 1970-01-01 00:00:00 +0000 @@ -1,45 +0,0 @@ -# Append "$1" to $PATH when not already in. -# Copied from Arch Linux, see #12803 for details. -append_path () { - case ":$PATH:" in - *:"$1":*) - ;; - *) - PATH="${PATH:+$PATH:}$1" - ;; - esac -} - -append_path "/usr/local/sbin" -append_path "/usr/local/bin" -append_path "/usr/sbin" -append_path "/usr/bin" -append_path "/sbin" -append_path "/bin" -unset -f append_path - -export PATH -export PAGER=less -umask 022 - -# set up fallback default PS1 -: "${HOSTNAME:=$(hostname)}" -PS1='${HOSTNAME%%.*}:$PWD' -[ "$(id -u)" = "0" ] && PS1="${PS1}# " -[ "$(id -u)" = "0" ] || PS1="${PS1}\$ " - -# use nicer PS1 for bash and busybox ash -[ -n "$BASH_VERSION" -o "$BB_ASH_VERSION" ] && PS1='\h:\w\$ ' - -# use nicer PS1 for zsh -[ -n "$ZSH_VERSION" ] && PS1='%m:%~%# ' - -# export PS1 as before -export PS1 - -for script in /etc/profile.d/*.sh ; do - if [ -r "$script" ] ; then - . "$script" - fi -done -unset script === removed file 'container_template/alpine/etc/protocols' --- old/container_template/alpine/etc/protocols 2021-11-25 21:50:06 +0000 +++ new/container_template/alpine/etc/protocols 1970-01-01 00:00:00 +0000 @@ -1,64 +0,0 @@ -# Internet (IP) protocols -# -# Updated from http://www.iana.org/assignments/protocol-numbers and other -# sources. -# New protocols will be added on request if they have been officially -# assigned by IANA and are not historical. -# If you need a huge list of used numbers please install the nmap package. - -ip 0 IP # internet protocol, pseudo protocol number -hopopt 0 HOPOPT # IPv6 Hop-by-Hop Option [RFC1883] -icmp 1 ICMP # internet control message protocol -igmp 2 IGMP # Internet Group Management -ggp 3 GGP # gateway-gateway protocol -ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'') -st 5 ST # ST datagram mode -tcp 6 TCP # transmission control protocol -egp 8 EGP # exterior gateway protocol -igp 9 IGP # any private interior gateway (Cisco) -pup 12 PUP # PARC universal packet protocol -udp 17 UDP # user datagram protocol -hmp 20 HMP # host monitoring protocol -xns-idp 22 XNS-IDP # Xerox NS IDP -rdp 27 RDP # "reliable datagram" protocol -iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905] -dccp 33 DCCP # Datagram Congestion Control Prot. [RFC4340] -xtp 36 XTP # Xpress Transfer Protocol -ddp 37 DDP # Datagram Delivery Protocol -idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport -ipv6 41 IPv6 # Internet Protocol, version 6 -ipv6-route 43 IPv6-Route # Routing Header for IPv6 -ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 -idrp 45 IDRP # Inter-Domain Routing Protocol -rsvp 46 RSVP # Reservation Protocol -gre 47 GRE # General Routing Encapsulation -esp 50 IPSEC-ESP # Encap Security Payload [RFC2406] -ah 51 IPSEC-AH # Authentication Header [RFC2402] -skip 57 SKIP # SKIP -ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 -ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 -ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 -rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB) -vmtp 81 VMTP # Versatile Message Transport -eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco) -ospf 89 OSPFIGP # Open Shortest Path First IGP -ax.25 93 AX.25 # AX.25 frames -ipip 94 IPIP # IP-within-IP Encapsulation Protocol -etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378] -encap 98 ENCAP # Yet Another IP encapsulation [RFC1241] -# 99 # any private encryption scheme -pim 103 PIM # Protocol Independent Multicast -ipcomp 108 IPCOMP # IP Payload Compression Protocol -vrrp 112 VRRP # Virtual Router Redundancy Protocol [RFC5798] -l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661] -isis 124 ISIS # IS-IS over IPv4 -sctp 132 SCTP # Stream Control Transmission Protocol -fc 133 FC # Fibre Channel -mobility-header 135 Mobility-Header # Mobility Support for IPv6 [RFC3775] -udplite 136 UDPLite # UDP-Lite [RFC3828] -mpls-in-ip 137 MPLS-in-IP # MPLS-in-IP [RFC4023] -manet 138 # MANET Protocols [RFC5498] -hip 139 HIP # Host Identity Protocol -shim6 140 Shim6 # Shim6 Protocol [RFC5533] -wesp 141 WESP # Wrapped Encapsulating Security Payload -rohc 142 ROHC # Robust Header Compression === removed file 'container_template/alpine/etc/services' --- old/container_template/alpine/etc/services 2021-11-25 21:50:06 +0000 +++ new/container_template/alpine/etc/services 1970-01-01 00:00:00 +0000 @@ -1,364 +0,0 @@ -# Network services, Internet style -# -# Note that it is presently the policy of IANA to assign a single well-known -# port number for both TCP and UDP; hence, officially ports have two entries -# even if the protocol doesn't support UDP operations. -# -# Updated from https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml . -# -# New ports will be added on request if they have been officially assigned -# by IANA and used in the real-world or are needed by a debian package. -# If you need a huge list of used numbers please install the nmap package. - -tcpmux 1/tcp # TCP port service multiplexer -echo 7/tcp -echo 7/udp -discard 9/tcp sink null -discard 9/udp sink null -systat 11/tcp users -daytime 13/tcp -daytime 13/udp -netstat 15/tcp -qotd 17/tcp quote -chargen 19/tcp ttytst source -chargen 19/udp ttytst source -ftp-data 20/tcp -ftp 21/tcp -fsp 21/udp fspd -ssh 22/tcp # SSH Remote Login Protocol -telnet 23/tcp -smtp 25/tcp mail -time 37/tcp timserver -time 37/udp timserver -whois 43/tcp nicname -tacacs 49/tcp # Login Host Protocol (TACACS) -tacacs 49/udp -domain 53/tcp # Domain Name Server -domain 53/udp -bootps 67/udp -bootpc 68/udp -tftp 69/udp -gopher 70/tcp # Internet Gopher -finger 79/tcp -http 80/tcp www # WorldWideWeb HTTP -kerberos 88/tcp kerberos5 krb5 kerberos-sec # Kerberos v5 -kerberos 88/udp kerberos5 krb5 kerberos-sec # Kerberos v5 -iso-tsap 102/tcp tsap # part of ISODE -acr-nema 104/tcp dicom # Digital Imag. & Comm. 300 -pop3 110/tcp pop-3 # POP version 3 -sunrpc 111/tcp portmapper # RPC 4.0 portmapper -sunrpc 111/udp portmapper -auth 113/tcp authentication tap ident -nntp 119/tcp readnews untp # USENET News Transfer Protocol -ntp 123/udp # Network Time Protocol -epmap 135/tcp loc-srv # DCE endpoint resolution -netbios-ns 137/udp # NETBIOS Name Service -netbios-dgm 138/udp # NETBIOS Datagram Service -netbios-ssn 139/tcp # NETBIOS session service -imap2 143/tcp imap # Interim Mail Access P 2 and 4 -snmp 161/tcp # Simple Net Mgmt Protocol -snmp 161/udp -snmp-trap 162/tcp snmptrap # Traps for SNMP -snmp-trap 162/udp snmptrap -cmip-man 163/tcp # ISO mgmt over IP (CMOT) -cmip-man 163/udp -cmip-agent 164/tcp -cmip-agent 164/udp -mailq 174/tcp # Mailer transport queue for Zmailer -xdmcp 177/udp # X Display Manager Control Protocol -bgp 179/tcp # Border Gateway Protocol -smux 199/tcp # SNMP Unix Multiplexer -qmtp 209/tcp # Quick Mail Transfer Protocol -z3950 210/tcp wais # NISO Z39.50 database -ipx 213/udp # IPX [RFC1234] -ptp-event 319/udp -ptp-general 320/udp -pawserv 345/tcp # Perf Analysis Workbench -zserv 346/tcp # Zebra server -rpc2portmap 369/tcp -rpc2portmap 369/udp # Coda portmapper -codaauth2 370/tcp -codaauth2 370/udp # Coda authentication server -clearcase 371/udp Clearcase -ldap 389/tcp # Lightweight Directory Access Protocol -ldap 389/udp -svrloc 427/tcp # Server Location -svrloc 427/udp -https 443/tcp # http protocol over TLS/SSL -https 443/udp # HTTP/3 -snpp 444/tcp # Simple Network Paging Protocol -microsoft-ds 445/tcp # Microsoft Naked CIFS -kpasswd 464/tcp -kpasswd 464/udp -submissions 465/tcp ssmtp smtps urd # Submission over TLS [RFC8314] -saft 487/tcp # Simple Asynchronous File Transfer -isakmp 500/udp # IPSEC key management -rtsp 554/tcp # Real Time Stream Control Protocol -rtsp 554/udp -nqs 607/tcp # Network Queuing system -asf-rmcp 623/udp # ASF Remote Management and Control Protocol -qmqp 628/tcp -ipp 631/tcp # Internet Printing Protocol -ldp 646/tcp # Label Distribution Protocol -ldp 646/udp -# -# UNIX specific services -# -exec 512/tcp -biff 512/udp comsat -login 513/tcp -who 513/udp whod -shell 514/tcp cmd syslog # no passwords used -syslog 514/udp -printer 515/tcp spooler # line printer spooler -talk 517/udp -ntalk 518/udp -route 520/udp router routed # RIP -gdomap 538/tcp # GNUstep distributed objects -gdomap 538/udp -uucp 540/tcp uucpd # uucp daemon -klogin 543/tcp # Kerberized `rlogin' (v5) -kshell 544/tcp krcmd # Kerberized `rsh' (v5) -dhcpv6-client 546/udp -dhcpv6-server 547/udp -afpovertcp 548/tcp # AFP over TCP -nntps 563/tcp snntp # NNTP over SSL -submission 587/tcp # Submission [RFC4409] -ldaps 636/tcp # LDAP over SSL -ldaps 636/udp -tinc 655/tcp # tinc control port -tinc 655/udp -silc 706/tcp -kerberos-adm 749/tcp # Kerberos `kadmin' (v5) -# -domain-s 853/tcp # DNS over TLS [RFC7858] -domain-s 853/udp # DNS over DTLS [RFC8094] -rsync 873/tcp -ftps-data 989/tcp # FTP over SSL (data) -ftps 990/tcp -telnets 992/tcp # Telnet over SSL -imaps 993/tcp # IMAP over SSL -pop3s 995/tcp # POP-3 over SSL -# -# From ``Assigned Numbers'': -# -#> The Registered Ports are not controlled by the IANA and on most systems -#> can be used by ordinary user processes or programs executed by ordinary -#> users. -# -#> Ports are used in the TCP [45,106] to name the ends of logical -#> connections which carry long term conversations. For the purpose of -#> providing services to unknown callers, a service contact port is -#> defined. This list specifies the port used by the server process as its -#> contact port. While the IANA can not control uses of these ports it -#> does register or list uses of these ports as a convienence to the -#> community. -# -socks 1080/tcp # socks proxy server -proofd 1093/tcp -rootd 1094/tcp -openvpn 1194/tcp -openvpn 1194/udp -rmiregistry 1099/tcp # Java RMI Registry -lotusnote 1352/tcp lotusnotes # Lotus Note -ms-sql-s 1433/tcp # Microsoft SQL Server -ms-sql-m 1434/udp # Microsoft SQL Monitor -ingreslock 1524/tcp -datametrics 1645/tcp old-radius -datametrics 1645/udp old-radius -sa-msg-port 1646/tcp old-radacct -sa-msg-port 1646/udp old-radacct -kermit 1649/tcp -groupwise 1677/tcp -l2f 1701/udp l2tp -radius 1812/tcp -radius 1812/udp -radius-acct 1813/tcp radacct # Radius Accounting -radius-acct 1813/udp radacct -cisco-sccp 2000/tcp # Cisco SCCP -nfs 2049/tcp # Network File System -nfs 2049/udp # Network File System -gnunet 2086/tcp -gnunet 2086/udp -rtcm-sc104 2101/tcp # RTCM SC-104 IANA 1/29/99 -rtcm-sc104 2101/udp -gsigatekeeper 2119/tcp -gris 2135/tcp # Grid Resource Information Server -cvspserver 2401/tcp # CVS client/server operations -venus 2430/tcp # codacon port -venus 2430/udp # Venus callback/wbc interface -venus-se 2431/tcp # tcp side effects -venus-se 2431/udp # udp sftp side effect -codasrv 2432/tcp # not used -codasrv 2432/udp # server port -codasrv-se 2433/tcp # tcp side effects -codasrv-se 2433/udp # udp sftp side effect -mon 2583/tcp # MON traps -mon 2583/udp -dict 2628/tcp # Dictionary server -f5-globalsite 2792/tcp -gsiftp 2811/tcp -gpsd 2947/tcp -gds-db 3050/tcp gds_db # InterBase server -icpv2 3130/udp icp # Internet Cache Protocol -isns 3205/tcp # iSNS Server Port -isns 3205/udp # iSNS Server Port -iscsi-target 3260/tcp -mysql 3306/tcp -ms-wbt-server 3389/tcp -nut 3493/tcp # Network UPS Tools -nut 3493/udp -distcc 3632/tcp # distributed compiler -daap 3689/tcp # Digital Audio Access Protocol -svn 3690/tcp subversion # Subversion protocol -suucp 4031/tcp # UUCP over SSL -sysrqd 4094/tcp # sysrq daemon -sieve 4190/tcp # ManageSieve Protocol -epmd 4369/tcp # Erlang Port Mapper Daemon -remctl 4373/tcp # Remote Authenticated Command Service -f5-iquery 4353/tcp # F5 iQuery -ipsec-nat-t 4500/udp # IPsec NAT-Traversal [RFC3947] -iax 4569/udp # Inter-Asterisk eXchange -mtn 4691/tcp # monotone Netsync Protocol -radmin-port 4899/tcp # RAdmin Port -sip 5060/tcp # Session Initiation Protocol -sip 5060/udp -sip-tls 5061/tcp -sip-tls 5061/udp -xmpp-client 5222/tcp jabber-client # Jabber Client Connection -xmpp-server 5269/tcp jabber-server # Jabber Server Connection -cfengine 5308/tcp -mdns 5353/udp # Multicast DNS -postgresql 5432/tcp postgres # PostgreSQL Database -freeciv 5556/tcp rptp # Freeciv gameplay -amqps 5671/tcp # AMQP protocol over TLS/SSL -amqp 5672/tcp -amqp 5672/sctp -x11 6000/tcp x11-0 # X Window System -x11-1 6001/tcp -x11-2 6002/tcp -x11-3 6003/tcp -x11-4 6004/tcp -x11-5 6005/tcp -x11-6 6006/tcp -x11-7 6007/tcp -gnutella-svc 6346/tcp # gnutella -gnutella-svc 6346/udp -gnutella-rtr 6347/tcp # gnutella -gnutella-rtr 6347/udp -redis 6379/tcp -sge-qmaster 6444/tcp sge_qmaster # Grid Engine Qmaster Service -sge-execd 6445/tcp sge_execd # Grid Engine Execution Service -mysql-proxy 6446/tcp # MySQL Proxy -babel 6696/udp # Babel Routing Protocol -ircs-u 6697/tcp # Internet Relay Chat via TLS/SSL -bbs 7000/tcp -afs3-fileserver 7000/udp -afs3-callback 7001/udp # callbacks to cache managers -afs3-prserver 7002/udp # users & groups database -afs3-vlserver 7003/udp # volume location database -afs3-kaserver 7004/udp # AFS/Kerberos authentication -afs3-volser 7005/udp # volume managment server -afs3-bos 7007/udp # basic overseer process -afs3-update 7008/udp # server-to-server updater -afs3-rmtsys 7009/udp # remote cache manager service -font-service 7100/tcp xfs # X Font Service -http-alt 8080/tcp webcache # WWW caching service -puppet 8140/tcp # The Puppet master service -bacula-dir 9101/tcp # Bacula Director -bacula-fd 9102/tcp # Bacula File Daemon -bacula-sd 9103/tcp # Bacula Storage Daemon -xmms2 9667/tcp # Cross-platform Music Multiplexing System -nbd 10809/tcp # Linux Network Block Device -zabbix-agent 10050/tcp # Zabbix Agent -zabbix-trapper 10051/tcp # Zabbix Trapper -amanda 10080/tcp # amanda backup services -dicom 11112/tcp -hkp 11371/tcp # OpenPGP HTTP Keyserver -db-lsp 17500/tcp # Dropbox LanSync Protocol -dcap 22125/tcp # dCache Access Protocol -gsidcap 22128/tcp # GSI dCache Access Protocol -wnn6 22273/tcp # wnn6 - -# -# Datagram Delivery Protocol services -# -rtmp 1/ddp # Routing Table Maintenance Protocol -nbp 2/ddp # Name Binding Protocol -echo 4/ddp # AppleTalk Echo Protocol -zip 6/ddp # Zone Information Protocol - -#========================================================================= -# The remaining port numbers are not as allocated by IANA. -#========================================================================= - -# Kerberos (Project Athena/MIT) services -kerberos4 750/udp kerberos-iv kdc # Kerberos (server) -kerberos4 750/tcp kerberos-iv kdc -kerberos-master 751/udp kerberos_master # Kerberos authentication -kerberos-master 751/tcp -passwd-server 752/udp passwd_server # Kerberos passwd server -krb-prop 754/tcp krb_prop krb5_prop hprop # Kerberos slave propagation -zephyr-srv 2102/udp # Zephyr server -zephyr-clt 2103/udp # Zephyr serv-hm connection -zephyr-hm 2104/udp # Zephyr hostmanager -iprop 2121/tcp # incremental propagation -supfilesrv 871/tcp # Software Upgrade Protocol server -supfiledbg 1127/tcp # Software Upgrade Protocol debugging - -# -# Services added for the Debian GNU/Linux distribution -# -poppassd 106/tcp # Eudora -moira-db 775/tcp moira_db # Moira database -moira-update 777/tcp moira_update # Moira update protocol -moira-ureg 779/udp moira_ureg # Moira user registration -spamd 783/tcp # spamassassin daemon -skkserv 1178/tcp # skk jisho server port -predict 1210/udp # predict -- satellite tracking -rmtcfg 1236/tcp # Gracilis Packeten remote config server -xtel 1313/tcp # french minitel -xtelw 1314/tcp # french minitel -zebrasrv 2600/tcp # zebra service -zebra 2601/tcp # zebra vty -ripd 2602/tcp # ripd vty (zebra) -ripngd 2603/tcp # ripngd vty (zebra) -ospfd 2604/tcp # ospfd vty (zebra) -bgpd 2605/tcp # bgpd vty (zebra) -ospf6d 2606/tcp # ospf6d vty (zebra) -ospfapi 2607/tcp # OSPF-API -isisd 2608/tcp # ISISd vty (zebra) -fax 4557/tcp # FAX transmission service (old) -hylafax 4559/tcp # HylaFAX client-server protocol (new) -munin 4949/tcp lrrd # Munin -rplay 5555/udp # RPlay audio service -nrpe 5666/tcp # Nagios Remote Plugin Executor -nsca 5667/tcp # Nagios Agent - NSCA -canna 5680/tcp # cannaserver -syslog-tls 6514/tcp # Syslog over TLS [RFC5425] -sane-port 6566/tcp sane saned # SANE network scanner daemon -ircd 6667/tcp # Internet Relay Chat -zope-ftp 8021/tcp # zope management by ftp -tproxy 8081/tcp # Transparent Proxy -omniorb 8088/tcp # OmniORB -clc-build-daemon 8990/tcp # Common lisp build daemon -xinetd 9098/tcp -git 9418/tcp # Git Version Control System -zope 9673/tcp # zope server -webmin 10000/tcp -kamanda 10081/tcp # amanda backup services (Kerberos) -amandaidx 10082/tcp # amanda backup services -amidxtape 10083/tcp # amanda backup services -sgi-cmsd 17001/udp # Cluster membership services daemon -sgi-crsd 17002/udp -sgi-gcd 17003/udp # SGI Group membership daemon -sgi-cad 17004/tcp # Cluster Admin daemon -binkp 24554/tcp # binkp fidonet protocol -asp 27374/tcp # Address Search Protocol -asp 27374/udp -csync2 30865/tcp # cluster synchronization tool -dircproxy 57000/tcp # Detachable IRC Proxy -tfido 60177/tcp # fidonet EMSI over telnet -fido 60179/tcp # fidonet EMSI over TCP - -# Local services === removed file 'container_template/alpine/etc/shells' --- old/container_template/alpine/etc/shells 2021-11-25 21:50:06 +0000 +++ new/container_template/alpine/etc/shells 1970-01-01 00:00:00 +0000 @@ -1,5 +0,0 @@ -# valid login shells -/bin/sh -/bin/ash -/bin/zsh -/bin/bash === modified file 'zsh-functions/confz_containers_init' --- old/zsh-functions/confz_containers_init 2021-11-25 21:50:06 +0000 +++ new/zsh-functions/confz_containers_init 2021-11-23 19:28:22 +0000 @@ -399,329 +399,67 @@ content=$vars[display_number] } -# --- new image constructor - -() { - local f - for f in $^fpath/confz_containers_init*(N); do - if [[ -d $f:h/container_template ]]; then - typeset -g container_template_dir=$f:h/container_template - break - fi - done -} - -confz_container_template_file_check() { - checkvars template name root - defvar uid 0 - defvar gid 0 - defvar mode 0644 - defvar target $vars[name] - - [[ -f $container_template_dir/$vars[template]/$vars[name] ]] \ - || die "Template file not found: $container_template_dir/$vars[template]/$vars[name]" - - [[ -f $vars[root]/$vars[target] ]] || return 1 - - require fs_m :mode filename=$vars[root]/$vars[target] - require fs_o owner=$vars[uid]:$vars[gid] filename=$vars[root]/$vars[target] -} -confz_container_template_file_do() { - cp -va $container_template_dir/$vars[template]/$vars[name] \ - $vars[root]/$vars[target] || die - chown $vars[uid]:$vars[gid] $vars[root]/$vars[target] || die - chmod $vars[mode] $vars[root]/$vars[target] || die -} - -confz_container_alpine_base_layout_check() { - checkvars root - defvar uid 0 - defvar gid 0 - - require fs_d filename="$vars[root]/dev" - require fs_m filename="$vars[root]/dev" mode=0755 - require fs_o filename="$vars[root]/dev" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/dev/pts" - require fs_m filename="$vars[root]/dev/pts" mode=0755 - require fs_o filename="$vars[root]/dev/pts" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/dev/shm" - require fs_m filename="$vars[root]/dev/shm" mode=0755 - require fs_o filename="$vars[root]/dev/shm" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/dev/syslog" - require fs_m filename="$vars[root]/dev/syslog" mode=0755 - require fs_o filename="$vars[root]/dev/syslog" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/etc" - require fs_m filename="$vars[root]/etc" mode=0755 - require fs_o filename="$vars[root]/etc" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/etc/apk" - require fs_m filename="$vars[root]/etc/apk" mode=0755 - require fs_o filename="$vars[root]/etc/apk" owner=$vars[uid]:$vars[gid] - - require fs_l filename="$vars[root]/etc/mtab" destination="/proc/mounts" - require fs_o filename="$vars[root]/etc/mtab" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/etc/profile.d" - require fs_m filename="$vars[root]/etc/profile.d" mode=0755 - require fs_o filename="$vars[root]/etc/profile.d" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/home" - require fs_m filename="$vars[root]/home" mode=0755 - require fs_o filename="$vars[root]/home" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/lib" - require fs_m filename="$vars[root]/lib" mode=0755 - require fs_o filename="$vars[root]/lib" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/lib/firmware" - require fs_m filename="$vars[root]/lib/firmware" mode=0755 - require fs_o filename="$vars[root]/lib/firmware" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/lib/mdev" - require fs_m filename="$vars[root]/lib/mdev" mode=0755 - require fs_o filename="$vars[root]/lib/mdev" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/opt" - require fs_m filename="$vars[root]/opt" mode=0755 - require fs_o filename="$vars[root]/opt" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/proc" - require fs_m filename="$vars[root]/proc" mode=0755 - require fs_o filename="$vars[root]/proc" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/root" - require fs_m filename="$vars[root]/root" mode=0700 - require fs_o filename="$vars[root]/root" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/run" - require fs_m filename="$vars[root]/run" mode=0755 - require fs_o filename="$vars[root]/run" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/sbin" - require fs_m filename="$vars[root]/sbin" mode=0755 - require fs_o filename="$vars[root]/sbin" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/srv" - require fs_m filename="$vars[root]/srv" mode=0755 - require fs_o filename="$vars[root]/srv" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/sys" - require fs_m filename="$vars[root]/sys" mode=0755 - require fs_o filename="$vars[root]/sys" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/tmp" - require fs_m filename="$vars[root]/tmp" mode=1777 - require fs_o filename="$vars[root]/tmp" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr" - require fs_m filename="$vars[root]/usr" mode=0755 - require fs_o filename="$vars[root]/usr" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/lib" - require fs_m filename="$vars[root]/usr/lib" mode=0755 - require fs_o filename="$vars[root]/usr/lib" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/local" - require fs_m filename="$vars[root]/usr/local" mode=0755 - require fs_o filename="$vars[root]/usr/local" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/local/bin" - require fs_m filename="$vars[root]/usr/local/bin" mode=0755 - require fs_o filename="$vars[root]/usr/local/bin" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/local/lib" - require fs_m filename="$vars[root]/usr/local/lib" mode=0755 - require fs_o filename="$vars[root]/usr/local/lib" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/local/share" - require fs_m filename="$vars[root]/usr/local/share" mode=0755 - require fs_o filename="$vars[root]/usr/local/share" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/sbin" - require fs_m filename="$vars[root]/usr/sbin" mode=0755 - require fs_o filename="$vars[root]/usr/sbin" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/share" - require fs_m filename="$vars[root]/usr/share" mode=0755 - require fs_o filename="$vars[root]/usr/share" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/share/man" - require fs_m filename="$vars[root]/usr/share/man" mode=0755 - require fs_o filename="$vars[root]/usr/share/man" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/usr/share/misc" - require fs_m filename="$vars[root]/usr/share/misc" mode=0755 - require fs_o filename="$vars[root]/usr/share/misc" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var" - require fs_m filename="$vars[root]/var" mode=0755 - require fs_o filename="$vars[root]/var" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/cache" - require fs_m filename="$vars[root]/var/cache" mode=0755 - require fs_o filename="$vars[root]/var/cache" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/cache/misc" - require fs_m filename="$vars[root]/var/cache/misc" mode=0755 - require fs_o filename="$vars[root]/var/cache/misc" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/empty" - require fs_m filename="$vars[root]/var/empty" mode=0555 - require fs_o filename="$vars[root]/var/empty" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/lib" - require fs_m filename="$vars[root]/var/lib" mode=0755 - require fs_o filename="$vars[root]/var/lib" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/lib/misc" - require fs_m filename="$vars[root]/var/lib/misc" mode=0755 - require fs_o filename="$vars[root]/var/lib/misc" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/local" - require fs_m filename="$vars[root]/var/local" mode=0755 - require fs_o filename="$vars[root]/var/local" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/lock" - require fs_m filename="$vars[root]/var/lock" mode=0755 - require fs_o filename="$vars[root]/var/lock" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/lock/subsys" - require fs_m filename="$vars[root]/var/lock/subsys" mode=0755 - require fs_o filename="$vars[root]/var/lock/subsys" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/log" - require fs_m filename="$vars[root]/var/log" mode=0755 - require fs_o filename="$vars[root]/var/log" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/mail" - require fs_m filename="$vars[root]/var/mail" mode=0755 - require fs_o filename="$vars[root]/var/mail" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/opt" - require fs_m filename="$vars[root]/var/opt" mode=0755 - require fs_o filename="$vars[root]/var/opt" owner=$vars[uid]:$vars[gid] - - require fs_l filename="$vars[root]/var/run" destination="../run" - require fs_o filename="$vars[root]/var/run" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/spool" - require fs_m filename="$vars[root]/var/spool" mode=0755 - require fs_o filename="$vars[root]/var/spool" owner=$vars[uid]:$vars[gid] - - require fs_d filename="$vars[root]/var/tmp" - require fs_m filename="$vars[root]/var/tmp" mode=1777 - require fs_o filename="$vars[root]/var/tmp" owner=$vars[uid]:$vars[gid] - -} - -confz_container_alpine_base_files_check() { - checkvars root mirror release repositories hostname locale - defvar uid 0 - defvar gid 0 - - local -a repositories=( $vars[mirror]/$vars[release]/${^=vars[repositories]} ) - require fs_contentnl filename="$vars[root]/etc/apk/repositories" \ - content="${(F)repositories}" - require fs_m filename="$vars[root]/etc/apk/repositories" mode=0644 - require fs_o filename="$vars[root]/etc/apk/repositories" owner=$vars[uid]:$vars[gid] - - require fs_contentnl filename="$vars[root]/etc/hostname" \ - content="$vars[hostname]" - require fs_m filename="$vars[root]/etc/hostname" mode=0644 - require fs_o filename="$vars[root]/etc/hostname" owner=$vars[uid]:$vars[gid] - - require container_template_file :uid :gid \ - template=alpine name=etc/hosts - - # require fs_contentnl filename="$vars[root]/etc/hosts" \ - # content=$'127.0.0.1\tlocalhost localhost.localdomain\n::1\tlocalhost localhost.localdomain' - # require fs_m filename="$vars[root]/etc/hosts" mode=0644 - # require fs_o filename="$vars[root]/etc/hosts" owner=$vars[uid]:$vars[gid] - - require fs_contentnl filename="$vars[root]/etc/motd" \ - content="Welcome to container image at ${(qqq)vars[root]}" - require fs_m filename="$vars[root]/etc/motd" mode=0644 - require fs_o filename="$vars[root]/etc/motd" owner=$vars[uid]:$vars[gid] - - require container_template_file :uid :gid \ - template=alpine name=etc/profile - - local -a locale_lines=( - "export CHARSET=${(q)vars[locale]}" - "export LANG=${(q)vars[locale]}" - "export LC_COLLATE=C" - ) - require fs_contentnl filename="$vars[root]/etc/profile.d/locale.sh" \ - content="${(F)locale_lines}" - require fs_m filename="$vars[root]/etc/profile.d/locale.sh" mode=0644 - require fs_o filename="$vars[root]/etc/profile.d/locale.sh" owner=$vars[uid]:$vars[gid] - - require container_template_file :uid :gid \ - template=alpine name=etc/protocols - - require container_template_file :uid :gid \ - template=alpine name=etc/services - - require container_template_file :uid :gid \ - template=alpine name=etc/shells - - # require fs_contentnl filename="$vars[root]/etc/shells" \ - # content=$'# valid login shells\n/bin/sh\n/bin/ash\n/bin/zsh\n/bin/bash\n/bin/mksh' - # require fs_m filename="$vars[root]/etc/shells" mode=0644 - # require fs_o filename="$vars[root]/etc/shells" owner=$vars[uid]:$vars[gid] - - # require fs_c filename="$vars[root]/etc/group" \ - # content="" - # require fs_m filename="$vars[root]/etc/group" mode=0644 - # require fs_o filename="$vars[root]/etc/group" owner=$vars[uid]:$vars[gid] - - # require fs_c filename="$vars[root]/etc/passwd" \ - # content="" - # require fs_m filename="$vars[root]/etc/passwd" mode=0644 - # require fs_o filename="$vars[root]/etc/passwd" owner=$vars[uid]:$vars[gid] - - # require fs_c filename="$vars[root]/etc/shadow" \ - # content="" - # require fs_m filename="$vars[root]/etc/shadow" mode=0640 - # require fs_o filename="$vars[root]/etc/shadow" owner=$vars[uid]:$vars[gid] - -} - -confz_container_alpine_apk_check() { - checkvars user root arch +# --- old + +confz_container_installed_alpine_check() { + checkvars container_root arch defvar keys_dir /etc/apk/keys - defvar apk_executable apk + defvar packages "alpine-base s6 s6-rc execline s6-portable-utils s6-linux-utils abduco" + defvar repositories 'http://dl-3.alpinelinux.org/alpine/edge/main http://dl-3.alpinelinux.org/alpine/edge/testing http://dl-3.alpinelinux.org/alpine/edge/community' + + require fs_d flags=p filename=$vars[container_root] + require container_dev_nodes :container_root + require container_alpine_base :container_root :arch :repositories :keys_dir + require container_alpine_configured :container_root :arch :repositories :keys_dir + local pkg + for pkg in $=vars[packages]; do + require container_alpine_package package=$pkg \ + :container_root :arch :repositories :keys_dir + done +} + +confz_container_alpine_configured_check() { + checkvars container_root arch keys_dir repositories + local R=$vars[container_root] + # local -a repos + # repos=( $=vars[repositories] ) + + require fs_d flags=p filename=$R/etc/apk + require fs_contentnl filename=$R/etc/apk/repositories \ + content=$vars[repositories] + require fs_contentnl filename=$R/etc/apk/arch \ + content=$vars[arch] +} + +confz_container_alpine_base_check() { + checkvars container_root arch keys_dir repositories do_command=( - s6-setuidgid $vars[user] - $vars[apk_executable] + apk --update-cache --initdb --arch $vars[arch] - --root $vars[root] + --root $vars[container_root] --keys-dir $vars[keys_dir] - add alpine-keys apk-tools busybox ) - [[ -f $vars[root]/sbin/apk ]] + local repo + for repo in "${(Q@)${(z)vars[repositories]}}"; do + do_command+=( --repository $repo ) + done + do_command+=( add alpine-keys alpine-base ) + grep -q '^alpine-keys$' $vars[container_root]/etc/apk/world && \ + grep -q '^alpine-base$' $vars[container_root]/etc/apk/world } -confz_container_alpine_image_check() { - checkvars containers_dir image_name arch - defvar mirror http://mirror.fit.cvut.cz/alpine - defvar release edge - defvar repositories main - defvar hostname $vars[root]:t - defvar locale C.UTF-8 - - local root=$vars[containers_dir]/systems/$vars[image_name] - - require container_sysroot_user %uid %gid :containers_dir :image_name - require container_alpine_base_layout :uid :gid root=$root - require container_alpine_base_files :uid :gid root=$root \ - :mirror :release :repositories :hostname :locale - require container_alpine_apk :arch \ - root=$root user=container-$vars[image_name] +confz_container_alpine_package_check() { + checkvars container_root arch keys_dir repositories package + do_command=( + apk + # --update-cache + # --initdb + --arch $vars[arch] + --root $vars[container_root] + --keys-dir $vars[keys_dir] + add $vars[package] + ) + grep -q '^'$vars[package]'$' $vars[container_root]/etc/apk/world } === modified file 'zsh-functions/confz_site_containers_init' --- old/zsh-functions/confz_site_containers_init 2021-11-25 21:50:06 +0000 +++ new/zsh-functions/confz_site_containers_init 2021-11-23 21:38:33 +0000 @@ -33,7 +33,7 @@ :containers_dir :svscan_dir :user } -confz_site_container_services_check() { +confz_site_containers_check() { defvar containers_dir /mnt/volumes/containers defvar svscan_dir /run/service require site_containers_user user=ccx :containers_dir :svscan_dir @@ -41,18 +41,6 @@ image_name=alpine-dev } -confz_site_container_images_check() { - defvar containers_dir /mnt/volumes/containers - require container_alpine_image -} - -confz_site_containers_check() { - defvar containers_dir /mnt/volumes/containers - defvar svscan_dir /run/service - require site_container_services :containers_dir :svscan_dir - require site_container_images :containers_dir -} - confz_container_sysroot_rundir_check() { checkvars container_root container_name tmp_dir require fs_contentnl filename=$vars[tmp_dir]/run/init \