#!/bin/sh
# Program Name: setup-zone-exclusive.sh
# Author: Alain Hoang
# Purpose: Wrapper around setting up an ipkg branded zone with
#          an exclusive interface
# Notes: If you want DHCP you will need the script from the following URL
#        http://www.linuxtopia.org/online_books/opensolaris_2008/SYSADV3/html/extkj.html
#        Copy that to dhcp-client-event.sh
#
# Copyright (c) 2009, Alain Hoang
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
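################################################
# Change the following to match what is needed
################################################
# Physical link a VNIC is created on when the requested interface is missing.
REAL_IF="bnx0"
# Existing zone that the new zone is cloned from.
TEMPLATE_ZONE="barebones"
################################################
# Do not modify below
################################################
if test $# -lt 2
then
  echo "Usage: $0 <new zone name> <network interface>"
  exit 1
fi

# Get command line args
NEW_ZONE_NAME=$1
NET_IF=$2

# Both values are passed to zonecfg/zoneadm/dladm/zlogin and spliced into
# paths under /zones that are written as root. Accept only plain name
# characters so a value cannot carry an option, a path separator or shell
# syntax into those commands.
for name_arg in "${NEW_ZONE_NAME}" "${NET_IF}"
do
  case "${name_arg}" in
    ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_.-]*)
      echo "Invalid name '${name_arg}': use letters, digits, '_', '.' and '-', starting with a letter or digit" >&2
      exit 1
      ;;
  esac
done

# Verify we can only run as root
ROOT_USER=0
# Backticks kept on purpose: the rest of the script uses them under /bin/sh.
REAL_USER=`id -u`
# Compare as strings: if `id -u` prints nothing (or something non-numeric),
# a numeric `test -ne` errors out and the check would be skipped. The string
# form fails closed instead.
if test "${REAL_USER}" != "${ROOT_USER}"
then
  echo "This must be run as root. Exiting..."
  exit 2
fi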
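# Check to see if the zone name has already been taken.
# Each configured zone name is compared for equality. A substring match
# (grep -c) would report "web" as taken when only "web2" exists, and would
# treat regex characters in the name as a pattern.
zone_prov=0
for configured_zone in `zoneadm list -c`
do
  if test "${configured_zone}" = "${NEW_ZONE_NAME}"
  then
    zone_prov=1
  fi
done

if test ${zone_prov} -gt 0
then
  echo "Zone ${NEW_ZONE_NAME} seems to be already configured"
  echo "Delete ${NEW_ZONE_NAME} [y/N]?"
  read answer
  # Only "y" or an answer starting with "Y" confirms; anything else aborts.
  case "${answer}" in
    y|Y*)
      # -F forces the delete without a further confirmation prompt.
      zonecfg -z "${NEW_ZONE_NAME}" delete -F
      if test $? -ne 0
      then
        # Do not go on to re-create a zone whose old configuration is still there.
        echo "Could not delete zone ${NEW_ZONE_NAME}. Exiting..." >&2
        exit 3
      fi
      ;;
    *)
      echo "Zone already configured. Exiting..."
      exit 3
      ;;
  esac
fi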
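# Test the virtual NIC name.
# The first column of `dladm show-link` is compared for equality; a substring
# match would accept "vnic1" when only "vnic10" exists.
vnic_on=0
for link_name in `dladm show-link | awk ' { print $1 } '`
do
  if test "${link_name}" = "${NET_IF}"
  then
    vnic_on=1
  fi
done

if test ${vnic_on} -lt 1
then
  # Ask to create a virtual nic if it is not configured
  #
  # TODO: Ask user which physical interface to bind to
  echo "Network interface ${NET_IF} does not seem exist"
  echo "Create it [y/N]?"
  read answer
  case "${answer}" in
    y|Y*)
      dladm create-vnic -l "${REAL_IF}" "${NET_IF}"
      if test $? -ne 0
      then
        echo "Create vnic operation failed! Exiting"
        exit 5
      fi
      ;;
    *)
      echo "Network interface does not seem to exist"
      exit 4
      ;;
  esac
else
  # Check if the virtual nic is already in use by another zone
  # and do nothing if so
  no_zone='--'
  # NOTE(review): assumes the zone value is the fourth column of the
  # show-linkprop row - confirm against the dladm version in use.
  zone_for_netif=`dladm show-linkprop "${NET_IF}" | grep zone | awk ' { print $4 } '`
  # Quoted operands: an empty result used to make `test` fail with a syntax
  # error. An empty value is still treated as "not assigned", as before.
  if test -n "${zone_for_netif}" && test "${zone_for_netif}" != "${no_zone}"
  then
    echo "${NET_IF} is in use by ${zone_for_netif}. Choose another interface"
    exit 5
  fi
fi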
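# Write the zonecfg command file into the current directory.
# The here-document delimiter is unquoted, so ${NEW_ZONE_NAME} and ${NET_IF}
# are expanded into the file. The redirect target is quoted so an unusual
# name cannot split into several words.
cat > "${NEW_ZONE_NAME}.zonecfg" <<ZONECFG_FILE
create -b
set zonepath=/zones/${NEW_ZONE_NAME}
set brand=ipkg
set autoboot=false
set ip-type=exclusive
add net
set physical=${NET_IF}
end
ZONECFG_FILE

# Write the sysidcfg answers file into the current directory; a later step
# copies it to the zone's /etc/sysidcfg. Locale, terminal, timezone and
# security_policy=NONE are fixed values - adjust them per site.
cat > "${NEW_ZONE_NAME}.sysidcfg" <<SYSIDCFG_FILE
system_locale=C
terminal=xterms
network_interface=primary {
dhcp protocol_ipv6=yes
}
security_policy=NONE
timezone=Japan
SYSIDCFG_FILE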
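# Configure, clone and detach the new zone, then drop the sysidcfg file in.
# Each step that later steps depend on aborts the script on failure, so the
# file edits that follow never run against a zone root that was not created.
echo "============================"
echo "Configuring ${NEW_ZONE_NAME}..."
pfexec zonecfg -z "${NEW_ZONE_NAME}" -f "${NEW_ZONE_NAME}.zonecfg" || {
  echo "Configuring ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
}
echo ""
echo "============================"
echo "Configuration for ${NEW_ZONE_NAME} is..."
# Informational only: print the stored configuration for the operator.
pfexec zonecfg -z "${NEW_ZONE_NAME}" export
echo ""
echo "============================"
echo "Cloning ${NEW_ZONE_NAME} from ${TEMPLATE_ZONE}..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" clone "${TEMPLATE_ZONE}" || {
  echo "Cloning ${NEW_ZONE_NAME} from ${TEMPLATE_ZONE} failed. Exiting..." >&2
  exit 6
}
echo ""
echo "============================"
echo "Detaching ${NEW_ZONE_NAME} to autoconfigure..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" detach || {
  echo "Detaching ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
}
echo ""
echo "============================"
echo "Copying ${NEW_ZONE_NAME}.sysidcfg into ${NEW_ZONE_NAME}..."
pfexec cp "${NEW_ZONE_NAME}.sysidcfg" "/zones/${NEW_ZONE_NAME}/root/etc/sysidcfg" || {
  echo "Copying ${NEW_ZONE_NAME}.sysidcfg failed. Exiting..." >&2
  exit 6
}
echo ""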
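# Replace the root entry in the zone's shadow file.
#
# NOTE(review): the root entry below is a fixed password hash, so every zone
# built with this script starts with the same root password, and anyone who
# can read the script has the hash. Replace it with a site-specific value or
# change the password right after first boot.
#
# The rewrite is staged in a mktemp file next to the real shadow file instead
# of /tmp/setupzone.$$: a PID-based name in a world-writable directory can be
# pre-created or symlinked by another local user. The old second scratch file
# was also created under the default umask and never removed, leaving a copy
# of the zone's password hashes in /tmp.
echo "============================"
echo "Conriguring root password for ${NEW_ZONE_NAME}..."
shadow_file="/zones/${NEW_ZONE_NAME}/root/etc/shadow"
saved_umask=`umask`
umask 077
shadow_tmp=`pfexec mktemp "${shadow_file}.XXXXXX"`
if test $? -ne 0 || test -z "${shadow_tmp}"
then
  umask "${saved_umask}"
  echo "Could not create a temporary shadow file for ${NEW_ZONE_NAME}. Exiting..." >&2
  exit 6
fi

# New root entry first, then every existing entry except the old root line.
# The pattern is anchored to the account field: a bare `grep -v root` also
# dropped any other entry that merely contains the string "root".
# grep exits 1 when it selects no line, which is fine here; only >1 is an error.
if echo 'root:$5$EVUu5LA8$jSAMMLX4DJDQ1tMAIoScYJp2f9EdETnxcIXa/BOLL8A:14146::::::' > "${shadow_tmp}" &&
   { pfexec grep -v '^root:' "${shadow_file}" >> "${shadow_tmp}"; test $? -le 1; } &&
   pfexec chmod 0400 "${shadow_tmp}" &&
   pfexec mv "${shadow_tmp}" "${shadow_file}"
then
  umask "${saved_umask}"
else
  rm -f "${shadow_tmp}"
  umask "${saved_umask}"
  echo "Updating the shadow file for ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
fi
echo ""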
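# Set the NFSv4 mapid domain in the zone's /etc/default/nfs.
# The edited copy is staged in a mktemp file beside the target rather than
# /tmp/nfsconfig.$$: a PID-based name in /tmp can be pre-created or symlinked
# by another local user before root writes to it and moves it into the zone.
# The domain in the sed expression is site-specific; change it per deployment.
echo "============================"
echo "Setting NFSv4 domain for ${NEW_ZONE_NAME}..."
nfs_file="/zones/${NEW_ZONE_NAME}/root/etc/default/nfs"
nfs_tmp=`pfexec mktemp "${nfs_file}.XXXXXX"`
if test $? -ne 0 || test -z "${nfs_tmp}"
then
  echo "Could not create a temporary nfs config for ${NEW_ZONE_NAME}. Exiting..." >&2
  exit 6
fi

# mktemp creates the file owner-only; restore 644 before it replaces the target.
if sed -e "s/\#NFSMAPID_DOMAIN\=domain/NFSMAPID_DOMAIN=zendo\.bebear\.net/" "${nfs_file}" > "${nfs_tmp}" &&
   pfexec chmod 644 "${nfs_tmp}" &&
   pfexec mv "${nfs_tmp}" "${nfs_file}"
then
  pfexec touch "/zones/${NEW_ZONE_NAME}/root/etc/.NFS4inst_state.domain"
else
  rm -f "${nfs_tmp}"
  echo "Setting the NFSv4 domain for ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
fi
echo ""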
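# Final file tweaks inside the detached zone root. Paths are quoted so the
# zone name is always passed as part of a single argument.
echo "============================"
echo "Removing .UNCONFIGURED for ${NEW_ZONE_NAME}..."
pfexec rm "/zones/${NEW_ZONE_NAME}/root/etc/.UNCONFIGURED"
echo ""
echo "============================"
echo "Setting up DHCP event hook into ${NEW_ZONE_NAME}..."
# dhcp-client-event.sh is read from the current directory and installed as an
# executable hook in the zone. Run this script from a directory only root can
# write to, and review the hook's contents before installing it.
pfexec cp dhcp-client-event.sh "/zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook"
pfexec chmod +x "/zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook"
echo ""
echo "============================"
echo "Setting up nsswitch into ${NEW_ZONE_NAME}..."
# Use the DNS-enabled name service switch template as the active config.
pfexec cp "/zones/${NEW_ZONE_NAME}/root/etc/nsswitch.dns" \
  "/zones/${NEW_ZONE_NAME}/root/etc/nsswitch.conf"
echo ""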
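# Re-attach and boot the zone, run sysidconfig, bring the interface up via
# DHCP, then list all zones. Attach and boot abort on failure because every
# later zlogin step needs a running zone.
echo "============================"
echo "Re-attaching ${NEW_ZONE_NAME} to autoconfigure..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" attach || {
  echo "Re-attaching ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
}
echo ""
echo "============================"
echo "Booting ${NEW_ZONE_NAME}..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" boot || {
  echo "Booting ${NEW_ZONE_NAME} failed. Exiting..." >&2
  exit 6
}
echo "============================"
echo "sysidconfig on ${NEW_ZONE_NAME}..."
pfexec zlogin "${NEW_ZONE_NAME}" sysidconfig
echo "============================"
echo "Plumbing ${NEW_ZONE_NAME}'s interface ..."
# NOTE(review): zlogin presumably hands the command line to a shell inside
# the zone, so NET_IF should contain plain link-name characters only - confirm.
pfexec zlogin "${NEW_ZONE_NAME}" ifconfig "${NET_IF}" plumb
echo "============================"
echo "DHCPing ${NEW_ZONE_NAME}'s interface ..."
pfexec zlogin "${NEW_ZONE_NAME}" ifconfig "${NET_IF}" auto-dhcp
echo ""
echo "============================"
echo "Showing all configured zones"
zoneadm list -cv
echo ""
echo "============================"
echo "Finish the final setup with"
echo " pfexec zlogin -C ${NEW_ZONE_NAME}"
echo " pfexec zoneadm -z ${NEW_ZONE_NAME} boot"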