Restructure, logging, initial systemd support, pre/post network scripts

8 years ago · 93cb488ffd
parent 5d68b86ffe
commit 93cb488ffd
46 changed files with 657 additions and 386 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 out/
 *.rpm
 *.deb
--- a/4
+++ b/4
@ -13,8 +13,8 @@ install=one-context.install
 md5sums=('')
 package() {
-    cp -rT ${srcdir}/addon-context-linux-${pkgver}/base_arch ${pkgdir}
+    cd ${srcdir}
-    cp -rT ${srcdir}/addon-context-linux-${pkgver}/base ${pkgdir}
+    TARGET=arch OUT=${pkgdir} ./generate.sh
    cp -rT ${pkgdir}/usr/sbin ${pkgdir}/usr/bin
    rm -rf ${pkgdir}/usr/sbin
 }
--- a/README.md
+++ b/README.md
@ -1,8 +1,8 @@
 # Linux VM Contextualization
-## Description
+These are the source of the contextualization packages used by VM to be
-
+configured with the information generated by OpenNebula. This add-on is
-These are the source of the contextualization packages used by VM to be configured with the information generated by OpenNebula.
+compatible with OpenNebula >= 4.6.
 ## Get packages
@ -11,7 +11,9 @@ Latest versions can be downloaded from the
 ## Development
-To contribute bug patches or new features, you can use the github Pull Request model. It is assumed that code and documentation are contributed under the Apache License 2.0.
+To contribute bug patches or new features, you can use the github Pull Request
 model. It is assumed that code and documentation are contributed under
 the Apache License 2.0.
 More info:
 * [How to Contribute](http://opennebula.org/addons/contribute/)
@ -19,91 +21,126 @@ More info:
 * Development: [OpenNebula developers forum](https://forum.opennebula.org/c/development)
 * Issues Tracking: Github issues (https://github.com/OpenNebula/addon-context-linux/issues)
-## Authors
+### Repository structure
-* Leader: Javier Fontan (jfontan@opennebula.org)
+All code is located under `src/` and structure follows the installation
 directory structure. Files for different environments/targets are picked
 by the tag, tags are part of the filename separated from the installation
 name by 2 hashes (`##`). Tags are dot-separated.
-## Compatibility
+Examples:
-This add-on is compatible with OpenNebula >= 4.6.
+* `script` - non-tagged file for all targets
 * `script##systemd` - file tagged with **systemd**
 * `script##systemd.rpm` - file tagged with **systemd** and **rpm**
-## Requirements
+### Contextualization scripts
-  * Ruby >= 1.8.7
+Contextualization scripts, which are executed on every boot and during
-  * gem fpm
+the reconfiguration, are located in `src/etc/one-context.d/`. Scripts are
-  * dpkg utils for deb package creation
+divided into following 2 parts:
  * rpm utils for rpm package creation
-On Ubuntu/Debian you can install the package `rpm` and you will be able to generate both rpm and deb packages.
+* local - pre-networking, prefixed with `loc-`
 * post-networking, prefixed with `net-`
-## Use
+All other scripts, which are not prefixed with `loc-` or `net-`, are
 executed as a first during the post-networking contextualization stage.
-### Package Description
+## Build own package
-Here are located the files needed to generate OpenNebula contextualization packages. The packages generated contain these files:
+Package contains following parts:
-* `/etc/udev/rules.d/*`     These files disable the udev network an cdrom
+* main control scripts (`/usr/sbin/one-context*`)
-                            generation
+* contextualization scripts (`/etc/one-context.d/*`)
-* `/etc/init.d/vmcontext`   This is the startup script that will try to mount
+* init scripts to start the contextualization
-                            context cdrom, load contextualizaton variables,
+* OneGate scripts (`/usr/bin/one-gate*`)
-                            call scripts in the contextualization scripts
+* udev rules to trigger reconfiguration on NIC hotplug
                            directory and call init.sh if it exists in the
                            context cd.
 * `/etc/one-context.d/*`    This directory holds the scripts that will be
                            called by vmcontext script. They should be named
                            starting with a number so they are called in order.
-By default only the network configuration context script is included in the
+Other actions include:
 packages. These scripts are different for rpm and deb based distributions and
 are located in `base_<deb|rpm>` directories.
-The packages also have a post-install script that does these steps:
+* delete persistent cd and net rules from /etc/udev/rules.d
 * delete network configuration files
-  * Delete persistent cd and net rules from /etc/udev/rules.d
+### Requirements
  * Links vmcontext script to /etc/rc<runlevel>.d
  * Deletes network configuration files
-### Package Generation
+  * Ruby >= 1.8.7
  * gem fpm
  * dpkg utils for deb package creation
  * rpm utils for rpm package creation
-The script `generator.sh` generates both deb and rpm packages and can be configured to include more files in the package or change some of its parameters.
+On Ubuntu/Debian you can install the package `rpm` and you will be able
 to generate both rpm and deb packages.
 ### Steps
 The script `generate.sh` is able to create both **deb** and **rpm** packages
 and can be configured to include more files in the package or change some of
 its parameters. Package type and content are configured by the env. variable
 `TARGET`, the corresponding target must be defined in `target.sh`. Target
 describes the package format, name, dependencies, and files. Files are
 selected by the tags. Set of required tags is defined for the target
 (in `targets.sh`), each file has a list of corresponding tags right in its
 filename (divided by the regular name by 2 hashes `##`, dot-separated).
 On start it creates a temporary directory and copies there:
-  * `base` directory
+  * All files tagged with no, some (but only from TARGET set) or all tags.
  * `base_<deb|rpm>` directory
  * Any file or directory from the arguments.
 Then these files are included in the package.
 The default parameters to create a package are as follows:
-    VERSION=1.0.1
+```
-    MAINTAINER=OpenNebula Systems <support@opennebula.systems>
+VERSION=1.0.1
-    LICENSE=Apache
+RELEASE=1
-    PACKAGE_NAME=one-context
+MAINTAINER="OpenNebula Systems <support@opennebula.systems>"
-    VENDOR=OpenNebula Systems
+LICENSE="Apache 2.0"
-    DESCRIPTION="
+VENDOR="OpenNebula Systems"
-    This package prepares a VM image for OpenNebula:
+DESCRIPTION="
 This package prepares a VM image for OpenNebula:
  * Disables udev net and cd persistent rules
  * Deletes udev net and cd persistent rules
  * Unconfigures the network
  * Adds OpenNebula contextualization scripts to startup
-    To get support use the OpenNebula mailing list:
+To get support use the OpenNebula mailing list:
-      http://opennebula.org/community:mailinglists
+  http://OpenNebula.org
-    "
+"
-    PACKAGE_TYPE=deb
+URL=http://opennebula.org
-    URL=http://opennebula.org
+```
-
+
-You can change any parameter setting an environment variable with the same name. For example, to generate an rpm package with a different package name:
+A target contains following parameters, e.g. **el7** target:
-
+
-    $ PACKAGE_TYPE=rpm PACKAGE_NAME=my-context ./generate.sh
+```
-
+NAME=one-context
-You can also include new files. This is handy to, for example, include new scripts executed to contextualize an image. For example, we can have an script that install a user ssh key. We will create the file hierarchy that will go inside the package in a directory:
+RELSUFFIX=.el7
-
+TYPE=rpm
-    $ mkdir -p ssh/etc/one-context.d
+TAGS="rpm systemd one"
-    $ cp <our-ssh-script> ssh/etc/one-context.d/01-ssh-key
+DEPENDS="util-linux bind-utils cloud-utils-growpart ruby rubygem-json"
-    $ ./generate.sh ssh/etc
+REPLACES="cloud-init"
 POSTIN=postinstall.one
 PREUN=preuninstall.one
 ```
 You can change any parameter setting an environment variable with the same name.
 For example, to generate an **el7 rpm** package with a different package name:
 ```
 $ TARGET=el7 NAME=my-one-context ./generate.sh
 ```
 You can also include new files. This is handy to include new scripts executed
 to contextualize an image. For example, we can have a script that installs
 a user ssh key. We will create the file hierarchy that will go inside
 the package in a directory:
 ```
 $ mkdir -p ssh/etc/one-context.d
 $ cp <our-ssh-script> ssh/etc/one-context.d/loc-01-ssh-key
 $ TARGET=el7 ./generate.sh ssh/etc
 ```
 NOTE: The generator must be executed from the same directory it resides.
 ## Authors
 * Leader: Javier Fontan (jfontan@opennebula.org)
--- a/base/usr/sbin/one-contextd
+++ b/base/usr/sbin/one-contextd
@ -1,120 +0,0 @@
 #!/bin/bash
 #
 # -------------------------------------------------------------------------- #
 # Copyright 2010-2016, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
 # a copy of the License at                                                   #
 #                                                                            #
 # http://www.apache.org/licenses/LICENSE-2.0                                 #
 #                                                                            #
 # Unless required by applicable law or agreed to in writing, software        #
 # distributed under the License is distributed on an "AS IS" BASIS,          #
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 LOCK_FILE="/var/run/one-context.lock"
 CONTEXT_FILE="/tmp/context.sh"
 CONTEXT_NEW="${CONTEXT_FILE}.new"
 END_CONTEXT="/tmp/context.end"
 function export_rc_vars
 {
    if [ -f $1 ] ; then
        ONE_VARS=`cat $1 | egrep -e '^[a-zA-Z\-\_0-9]*=' | sed 's/=.*$//'`
        . $1
        for v in $ONE_VARS; do
            export $v
        done
    fi
 }
 function execute_scripts {
    SCRIPTS_DIR="/etc/one-context.d"
    for script in $SCRIPTS_DIR/*; do
        "$script" "$1"
    done
 }
 function vmware_context {
    if type vmtoolsd ; then
        if vmtoolsd --cmd 'info-get guestinfo.opennebula.context' >/dev/null 2>&1 ; then
            return 0
        fi
    fi
    return 1
 }
 function get_new_context {
    CONTEXT_DEV=`blkid -l -t LABEL="CONTEXT" -o device`
    if [ -e "$CONTEXT_DEV" ]; then
        mount -t iso9660 -L CONTEXT -o ro /mnt
        if [ -f /mnt/context.sh ]; then
            cp /mnt/context.sh ${CONTEXT_NEW}
        fi
        echo "umount /mnt" > ${END_CONTEXT}
    elif vmware_context ; then
        vmtoolsd --cmd 'info-get guestinfo.opennebula.context' | \
            openssl base64 -d > ${CONTEXT_NEW}
    elif curl -o ${CONTEXT_NEW} http://169.254.169.254/latest/user-data ; then
        echo -n ""
    fi
 }
 function check_context {
    if [ -s "${CONTEXT_NEW}" ]; then
        diff ${CONTEXT_FILE} ${CONTEXT_NEW} >/dev/null 2>&1 && return 1
        return 0
    else
        return 1
    fi
 }
 function run_context {
    cp ${CONTEXT_NEW} ${CONTEXT_FILE}
    export_rc_vars ${CONTEXT_FILE}
    execute_scripts "$1"
 }
 function end_context {
    if [ -e "${END_CONTEXT}" ]; then
        sh "${END_CONTEXT}"
        rm "${END_CONTEXT}"
    fi
    [ -e "${CONTEXT_NEW}" ] && rm "${CONTEXT_NEW}"
 }
 function acquire_lock {
    while true; do
        if mkdir "${LOCK_FILE}" 2>/dev/null; then
            trap 'cleanup' EXIT
            break
        fi
        sleep 1
    done
 }
 function release_lock {
    rm -rf "${LOCK_FILE}"
 }
 function cleanup {
    end_context
    release_lock
 }
 COMMAND="$1"
 acquire_lock
 get_new_context
 check_context && run_context "$COMMAND"
--- a/base_arch/etc/one-context.d/15-hostname
+++ b/base_arch/etc/one-context.d/15-hostname
@ -1,112 +0,0 @@
 #!/bin/bash
 function set_hostname() {
    hostname=$1
    if [ -d /run/systemd/system/ ]; then
        hostnamectl set-hostname --static "${hostname}"
    else
        if [ -f /etc/sysconfig/network ]; then
            sed -i '/^HOSTNAME=.*$/d' /etc/sysconfig/network
            echo "HOSTNAME=${hostname}" >>/etc/sysconfig/network
        else
            echo "${hostname}" >/etc/hostname
        fi
        hostname "${hostname}"
    fi
 }
 function set_domainname() {
    domain=$1
    sed -i '/^domain .*/d' /etc/resolv.conf
    echo "domain ${domain}" >>/etc/resolv.conf
 }
 function get_first_ip() {
    hostname -I | cut -d' ' -f1
 }
 function get_dns_name() {
    text=$(LC_ALL=C host "$1" 2>/dev/null)
    [ $? = 0 ] || exit 0
    [[ $text == *"has no PTR record" ]] && exit 0
    name=$(echo "$text" | awk '/(has address|name pointer)/ {print $(NF)}' | sed 's/\.$//')
    echo $name
 }
 function update_hosts() {
    ip=$1
    name=$2
    hostname=$3
    if [ "x${hostname}" = "x${name}" ]; then
        hosts="${name}"
    else
        hosts="${name} ${hostname}"
    fi
    note='# one-contextd'
    entry="${ip}\t${hosts}\t\t${note}"
    # update our old entry
    if grep -qi "${note}" /etc/hosts; then
        sed -i -e "s/^.*${note}\$/${entry}/" /etc/hosts
    # update entry with same IP (but not localhost)
    elif grep -E "^${ip}\s" /etc/hosts | grep -qv localhost; then
        sed -i -e "/localhost/! s/^${ip}\s.*\$/${entry}/" /etc/hosts
    # update entry with same name
    elif grep -qE "\s${name}(\s|#|\$)" /etc/hosts; then
        sed -i -re "s/^.*\s${name}([ #\t].*|$)/${entry}/" /etc/hosts
    # create new entry
    elif [ -f /etc/hosts ]; then
        sed -i -e "1s/^/${entry}\n/" /etc/hosts
    else
        echo -e "${entry}" >>/etc/hosts
    fi
 }
 #####
 first_ip=$(get_first_ip)
 if [ -n "$SET_HOSTNAME" ]; then
    name=$(echo "$SET_HOSTNAME" | \
        sed -e 's/[^-a-zA-Z0-9\.]/-/g' -e 's/^-*//g' -e 's/-*$//g')
 elif [ -n "$DNS_HOSTNAME" ]; then
    name=$(get_dns_name "${first_ip}")
 fi
 if [ -n "${name}" ]; then
    # split host and domain names
    hostname=${name%%.*}
    domain=${name#*.}
    if [ "x${domain}" = "x${hostname}" ]; then
        domain=''
    fi
    set_hostname "${hostname}"
    if [ -n "${domain}" ]; then
        set_domainname "${domain}"
    fi
    if [ -n "${DNS_HOSTNAME}" ]; then
        host_ip=$first_ip
    else
        # If selected hostname resolves on first IP,
        # use first IP for local hostname in /etc/hosts.
        # Otherwise use loopback IP.
        name_ip=$(get_dns_name "${name}")
        if [ "x${first_ip}" = "x${name_ip}" ]; then
            host_ip=$first_ip
        elif [ -f /etc/debian_version ]; then
            host_ip='127.0.1.1'
        else
            host_ip='127.0.0.1'
        fi
    fi
    if [ -n "${host_ip}" ]; then
        update_hosts "${host_ip}" "${name}" "${hostname}"
    fi
 fi
--- a/generate-all.sh
+++ b/generate-all.sh
@ -1,7 +1,9 @@
-ENVIRONMENT=one PACKAGE_TYPE=deb ./generate.sh
+TARGETS='el6 el6_ec2 el7 el7_ec2 deb deb_ec2'
-ENVIRONMENT=one PACKAGE_TYPE=rpm ./generate.sh
+
-ENVIRONMENT=ec2 PACKAGE_TYPE=deb ./generate.sh
+set -e
-ENVIRONMENT=ec2 PACKAGE_TYPE=rpm ./generate.sh
+for TARGET in $TARGETS; do
 	TARGET="${TARGET}" ./generate.sh
 done
 echo
 echo "The packages are here:"
--- a/generate.sh
+++ b/generate.sh
@ -1,7 +1,7 @@
 #!/bin/bash
 # -------------------------------------------------------------------------- #
-# Copyright 2010-2016, OpenNebula Systems                                    #
+# Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@ -16,18 +16,19 @@
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
-ENVIRONMENT=${ENVIRONMENT:-one}
+if [ -z "${TARGET}" ]; then
-
+    echo 'Error: env. variable TARGET not set' >&2
-if [ $ENVIRONMENT != "one" ]; then
+    exit 1
    DEFAULT_NAME="one-context-$ENVIRONMENT"
 else
    DEFAULT_NAME="one-context"
 fi
 set -e
 source targets.sh
 set +e
 VERSION=${VERSION:-5.0.3}
 RELEASE=${RELEASE:-1}
 MAINTAINER=${MAINTAINER:-OpenNebula Systems <support@opennebula.systems>}
 LICENSE=${LICENSE:-Apache 2.0}
 PACKAGE_NAME=${PACKAGE_NAME:-$DEFAULT_NAME}
 VENDOR=${VENDOR:-OpenNebula Systems}
 SUMMARY="OpenNebula Contextualization Package"
 DESC="
@ -47,45 +48,72 @@ To get support check the OpenNebula web page:
  http://OpenNebula.org
 "
 DESCRIPTION=${DESCRIPTION:-$DESC}
 PACKAGE_TYPE=${PACKAGE_TYPE:-deb}
 URL=${URL:-http://opennebula.org}
 RELEASE_FULL="${RELEASE}${RELSUFFIX}"
-[ $PACKAGE_TYPE = rpm ] && PKGARGS="--rpm-os linux"
+if [ "${TYPE}" = 'deb' ]; then
-
+    FILENAME="${NAME}_${VERSION}-${RELEASE_FULL}.${TYPE}"
 SCRIPTS_DIR=$PWD
 NAME="${PACKAGE_NAME}_${VERSION}.${PACKAGE_TYPE}"
 rm -f $NAME
 rm -rf tmp
 mkdir tmp
 cp -r base/* tmp
 test -d base.$ENVIRONMENT && cp -r base.$ENVIRONMENT/* tmp
 cp -r base_$PACKAGE_TYPE/* tmp
 test -d base_$PACKAGE_TYPE.$ENVIRONMENT && \
    cp -r base_$PACKAGE_TYPE.$ENVIRONMENT/* tmp
 for i in $*; do
  cp -r "$i" tmp
 done
 if [ -f "postinstall.$ENVIRONMENT" ]; then
    POSTINSTALL="postinstall.$ENVIRONMENT"
 else
-    POSTINSTALL="postinstall.one"
+    FILENAME="${NAME}-${VERSION}-${RELEASE_FULL}.noarch.${TYPE}"
 fi
-cd tmp
+###
 set -e
 BUILD_DIR=$(mktemp -d)
 trap "rm -rf ${BUILD_DIR}" EXIT
 while IFS= read -r -d $'\0' SRC; do
    F_TAGS=${SRC##*##}
    if [ "x${SRC}" != "x${F_TAGS}" ]; then
        for F_TAG in $(echo ${F_TAGS} | sed -e 's/\./ /g'); do
            for TAG in ${TAGS}; do
                if [ "${F_TAG}" = "${TAG}" ]; then
                    continue 2 # tag matches, continue with next tag
                fi
            done
            continue 2 # tags not maching, skip this file
        done
    fi
    # file matches 
    DST=${SRC%##*} #strip tags
    mkdir -p "${BUILD_DIR}/$(dirname "${DST}")"
    cp "src/${SRC}" "${BUILD_DIR}/${DST}"
 done < <(cd src/ &&  find . -type f -print0)
 for F in $@; do
    cp -r "$F" "${BUILD_DIR}/"
 done
-mkdir -p "$SCRIPTS_DIR/out"
+# fix permissions and set umask for fpm
-rm -f "$SCRIPTS_DIR/out/$NAME"
+find "${BUILD_DIR}/" -perm -u+r -exec chmod go+r {} \;
 find "${BUILD_DIR}/" -perm -u+x -exec chmod go+x {} \;
 umask 0022
-fpm -n "$PACKAGE_NAME" -t "$PACKAGE_TYPE" $PKGARGS -s dir --vendor "$VENDOR" \
+# cleanup
-    --license "$LICENSE" --description "$DESCRIPTION" --url "$URL" \
+if [ -z "${OUT}" ]; then
-    -m "$MAINTAINER" -v "$VERSION" --after-install $SCRIPTS_DIR/$POSTINSTALL \
+    OUT="out/${FILENAME}"
-    -a all -p $SCRIPTS_DIR/out/$NAME --rpm-summary "$SUMMARY" *
+    mkdir -p $(dirname "${OUT}")
    rm -rf "${OUT}"
 fi
-echo $NAME
+if [ "${TYPE}" = 'dir' ]; then
    cp -rT "${BUILD_DIR}" "${OUT}"
 else
    fpm --name "${NAME}" --version "${VERSION}" --iteration "${RELEASE_FULL}" \
        --architecture all --license "${LICENSE}" \
        --vendor "${VENDOR}" --maintainer "${MAINTAINER}" \
        --description "${DESCRIPTION}" --url "${URL}" \
        --output-type "${TYPE}" --input-type dir --chdir "${BUILD_DIR}" \
        ${POSTIN:+ --after-install ${POSTIN}} \
        ${PREUN:+ --before-remove ${PREUN}} \
        --rpm-os linux \
        --rpm-summary "${SUMMARY}" \
        ${DEPENDS:+ --depends ${DEPENDS// / --depends }} \
        --replaces "${REPLACES}" \
        --package "${OUT}"
 fi
 echo $(basename ${OUT})
--- a/postinstall.ec2
+++ b/postinstall.ec2
@ -1,7 +1,7 @@
 #!/bin/bash
 # -------------------------------------------------------------------------- #
-# Copyright 2010-2016, OpenNebula Systems                                    #
+# Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
--- a/postinstall.one
+++ b/postinstall.one
@ -1,7 +1,7 @@
 #!/bin/bash
 # -------------------------------------------------------------------------- #
-# Copyright 2010-2016, OpenNebula Systems                                    #
+# Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@ -20,13 +20,26 @@ rm -f /etc/udev/rules.d/70-persistent-cd.rules
 rm -f /etc/udev/rules.d/70-persistent-net.rules
 # Reload udev rules
-udevadm control --reload
+udevadm control --reload >/dev/null 2>&1 || :
-# Debian based distros
+# Register service
-if [ -d /etc/network ]; then
+if [ -f /etc/init.d/vmcontext ]; then
-    # Register Service
+    if [ -d /etc/sysconfig/network-scripts ]; then
        chkconfig --add vmcontext
    elif [ -d /etc/network ]; then
        update-rc.d vmcontext defaults 9 99
    else
        echo 'WARNING: Contextualization service not enabled' >&2
    fi
 elif [ -d /run/systemd/system/ ]; then
    systemctl enable one-context-local.service
    systemctl enable one-context.service
 else
    echo 'WARNING: Contextualization service not enabled' >&2
 fi
 # Debian based distros
 if [ -d /etc/network ]; then
    # Prepare network files
    cp /etc/network/interfaces /etc/network/interfaces.$(date "+%s")
    cat > /etc/network/interfaces <<EOT
@ -55,9 +68,6 @@ fi
 # RedHat based distros
 if [ -d /etc/sysconfig/network-scripts ]; then
    # Register Service
    chkconfig --add vmcontext
    # Prepare network files
    rm -f /etc/sysconfig/network-scripts/ifcfg-eth*
 fi
--- a/base.one/usr/sbin/one-context-reconfigure
+++ b/base.one/usr/sbin/one-context-reconfigure
@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 # -------------------------------------------------------------------------- #
-# Copyright 2010-2016, OpenNebula Systems                                    #
+# Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@ -15,19 +15,3 @@
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 # Set PATH
 export PATH=/sbin:/bin:/usr/sbin:/usr/bin
 (
 echo "Waiting one minute to reconfigure the machine"
 sleep 60
 echo "Reconfiguring"
 /usr/sbin/one-contextd reconfigure
 ) >> /tmp/context.log 2>&1
--- a/preuninstall.one
+++ b/preuninstall.one
@ -0,0 +1,24 @@
 #!/bin/bash
 # -------------------------------------------------------------------------- #
 # Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
 # a copy of the License at                                                   #
 #                                                                            #
 # http://www.apache.org/licenses/LICENSE-2.0                                 #
 #                                                                            #
 # Unless required by applicable law or agreed to in writing, software        #
 # distributed under the License is distributed on an "AS IS" BASIS,          #
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 # Unregister service
 if [ -d /run/systemd/system/ ]; then
    /bin/systemctl --no-reload disable one-context-local.service one-context.service >/dev/null 2>&1 || :
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
 fi
--- a/src/etc/default/grub.d/99-opennebula-settings.cfg##deb.one
+++ b/src/etc/default/grub.d/99-opennebula-settings.cfg##deb.one
--- a/src/etc/init.d/vmcontext##deb
+++ b/src/etc/init.d/vmcontext##deb
--- a/src/etc/init.d/vmcontext##rpm.sysv.ec2
+++ b/src/etc/init.d/vmcontext##rpm.sysv.ec2
--- a/src/etc/init.d/vmcontext##rpm.sysv.one
+++ b/src/etc/init.d/vmcontext##rpm.sysv.one
--- a/src/etc/one-context.d/loc-05-grow-rootfs##one
+++ b/src/etc/one-context.d/loc-05-grow-rootfs##one
--- a/src/etc/one-context.d/loc-10-network##arch
+++ b/src/etc/one-context.d/loc-10-network##arch
--- a/src/etc/one-context.d/loc-10-network##deb.one
+++ b/src/etc/one-context.d/loc-10-network##deb.one
@ -16,6 +16,8 @@
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 COMMAND=${1}
 # Gets IP address from a given MAC
 mac2ip() {
    mac=$1
--- a/src/etc/one-context.d/loc-10-network##rpm.one
+++ b/src/etc/one-context.d/loc-10-network##rpm.one
@ -16,6 +16,8 @@
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 COMMAND=${1}
 # Gets IP address from a given MAC
 mac2ip() {
    mac=$1
@ -195,7 +197,9 @@ configure_network()
 {
    gen_network_configuration
    if ! [ -d /run/systemd/system/ ] || [ "${COMMAND}" = 'reconfigure' ]; then
        service network restart
    fi
    sleep 2
 }
--- a/src/etc/one-context.d/loc-10-network-pci##one
+++ b/src/etc/one-context.d/loc-10-network-pci##one
--- a/src/etc/one-context.d/loc-11-dns##one
+++ b/src/etc/one-context.d/loc-11-dns##one
--- a/src/etc/one-context.d/loc-14-mount-swap##one
+++ b/src/etc/one-context.d/loc-14-mount-swap##one
--- a/src/etc/one-context.d/loc-16-gen-env
+++ b/src/etc/one-context.d/loc-16-gen-env
@ -1,8 +1,8 @@
 #!/bin/bash
-ENV_FILE="/tmp/one_env"
+ENV_FILE=/var/run/one-context/one_env
-
+MOUNT_DIR=${MOUNT_DIR:-/mnt}
-TOKENTXT=$(cat /mnt/token.txt)
+TOKENTXT=$(cat "${MOUNT_DIR}/token.txt")
 if [ -n "$ONEGATE_TOKEN" ]; then
    TOKENTXT="$ONEGATE_TOKEN"
@ -25,7 +25,7 @@ function export_rc_vars
  fi
 }
-export_rc_vars /tmp/context.sh
+export_rc_vars ${CONTEXT_FILE}
 chown root:root $ENV_FILE
 chmod a+r $ENV_FILE
--- a/src/etc/one-context.d/loc-20-set-username-password
+++ b/src/etc/one-context.d/loc-20-set-username-password
--- a/src/etc/one-context.d/loc-22-ssh_public_key
+++ b/src/etc/one-context.d/loc-22-ssh_public_key
--- a/src/etc/one-context.d/loc-23-selinux-ssh##rpm
+++ b/src/etc/one-context.d/loc-23-selinux-ssh##rpm
--- a/src/etc/one-context.d/net-11-fix-loopback##one
+++ b/src/etc/one-context.d/net-11-fix-loopback##one
--- a/src/etc/one-context.d/net-12-ssh_host_key##deb
+++ b/src/etc/one-context.d/net-12-ssh_host_key##deb
--- a/src/etc/one-context.d/net-15-hostname##one
+++ b/src/etc/one-context.d/net-15-hostname##one
--- a/src/etc/one-context.d/net-97-start-script
+++ b/src/etc/one-context.d/net-97-start-script
@ -1,8 +1,8 @@
 #!/bin/bash
-MOUNT_DIR=/mnt
+MOUNT_DIR=${MOUNT_DIR:-/mnt}
-TMP_DIR=/tmp/one-context-tmp
+TMP_DIR=$(mktemp -d "${RUNTIME_DIR:-/tmp}.XXXX")
-TMP_FILE=$TMP_DIR/one-start-script
+TMP_FILE="${TMP_DIR}/one-start-script"
 START_SCRIPT_AVAILABLE=no
 mkdir -p $TMP_DIR
@ -22,3 +22,4 @@ if [ "$START_SCRIPT_AVAILABLE" = "yes" ]; then
    $TMP_FILE
 fi
 rm -rf ${TMP_DIR}
--- a/src/etc/one-context.d/net-98-execute-scripts
+++ b/src/etc/one-context.d/net-98-execute-scripts
@ -1,7 +1,7 @@
 #!/bin/bash
-MOUNT_DIR=/mnt
+MOUNT_DIR=${MOUNT_DIR:-/mnt}
-TMP_DIR=/tmp/one-context-tmp
+TMP_DIR=$(mktemp -d "${RUNTIME_DIR:-/tmp}.XXXX")
 if [ -z "$INIT_SCRIPTS" ]; then
    if [ -f "$MOUNT_DIR/init.sh" ]; then
@ -18,3 +18,4 @@ for f in $INIT_SCRIPTS; do
    $TMP_DIR/$f
 done
 rm -rf ${TMP_DIR}
--- a/src/etc/one-context.d/net-99-report-ready
+++ b/src/etc/one-context.d/net-99-report-ready
--- a/base/etc/udev/rules.d/75-cd-aliases-generator.rules
+++ b/base/etc/udev/rules.d/75-cd-aliases-generator.rules
--- a/base/etc/udev/rules.d/75-persistent-net-generator.rules
+++ b/base/etc/udev/rules.d/75-persistent-net-generator.rules
--- a/src/lib/udev/rules.d/65-context.rules##one.systemd
+++ b/src/lib/udev/rules.d/65-context.rules##one.systemd
@ -0,0 +1,7 @@
 # On NIC hogplug the delayed reconfiguration is triggered.
 SUBSYSTEM=="net", ACTION=="add", TAG+="systemd", ENV{SYSTEMD_WANTS}+="one-context-reconfigure-delayed.service"
 # When CONTEXT CD-ROM is changed, it generates 2 events. This rule takes
 # every second event and triggers systemd service one-context-reconfigure-now.
 # This service also stops any existing delayed reconfiguration.
 SUBSYSTEM=="block", ACTION=="change", ENV{ID_FS_TYPE}=="iso9660" ENV{ID_FS_LABEL_ENC}=="CONTEXT", ENV{SEQNUM}=="*[02468]" RUN+="/bin/systemctl start one-context-reconfigure.service"
--- a/src/lib/udev/rules.d/65-context.rules##one.sysv
+++ b/src/lib/udev/rules.d/65-context.rules##one.sysv
--- a/base/usr/bin/onegate
+++ b/base/usr/bin/onegate
@ -1,6 +1,6 @@
 #!/bin/bash
-ENV_FILE=/tmp/one_env
+ENV_FILE=/var/run/one-context/one_env
 if [ -f $ENV_FILE ]; then
  . $ENV_FILE
--- a/base/usr/bin/onegate.rb
+++ b/base/usr/bin/onegate.rb
--- a/src/usr/lib/systemd/system/one-context-local.service##rpm.systemd.one
+++ b/src/usr/lib/systemd/system/one-context-local.service##rpm.systemd.one
@ -0,0 +1,14 @@
 [Unit]
 Description=OpenNebula pre-networking contextualization script
 Before=network-pre.target
 Wants=network-pre.target dev-disk-by\x2dlabel-CONTEXT.device
 After=dev-disk-by\x2dlabel-CONTEXT.device
 ConditionPathExists=!/var/run/one-context/context.sh.local
 [Service]
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/sbin/one-contextd local
 [Install]
 WantedBy=multi-user.target
--- a/src/usr/lib/systemd/system/one-context-reconfigure-delayed.service##rpm.systemd.one
+++ b/src/usr/lib/systemd/system/one-context-reconfigure-delayed.service##rpm.systemd.one
@ -0,0 +1,11 @@
 [Unit]
 Description=OpenNebula delayed reconfiguration script
 After=one-context.service
 Requisite=one-context.service
 [Service]
 Type=oneshot
 ExecStart=/usr/sbin/one-context-reconfigure
 [Install]
 WantedBy=multi-user.target
--- a/src/usr/lib/systemd/system/one-context-reconfigure.service##rpm.systemd.one
+++ b/src/usr/lib/systemd/system/one-context-reconfigure.service##rpm.systemd.one
@ -0,0 +1,13 @@
 [Unit]
 Description=OpenNebula reconfiguration script
 After=one-context.service
 Requisite=one-context.service
 Conflicts=one-context-reconfigure-delayed.service
 [Service]
 Type=oneshot
 Environment=TIMEOUT=0
 ExecStart=/usr/sbin/one-context-reconfigure
 [Install]
 WantedBy=multi-user.target
--- a/src/usr/lib/systemd/system/one-context.service##arch
+++ b/src/usr/lib/systemd/system/one-context.service##arch
--- a/src/usr/lib/systemd/system/one-context.service##rpm.systemd.one
+++ b/src/usr/lib/systemd/system/one-context.service##rpm.systemd.one
@ -0,0 +1,13 @@
 [Unit]
 Description=OpenNebula contextualization script
 Requires=one-context-local.service
 After=multi-user.target one-context-local.service
 ConditionPathExists=!/var/run/one-context/context.sh.network
 [Service]
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/sbin/one-contextd network
 [Install]
 WantedBy=multi-user.target
--- a/src/usr/sbin/one-context-reconfigure##one
+++ b/src/usr/sbin/one-context-reconfigure##one
@ -0,0 +1,31 @@
 #!/bin/sh
 # -------------------------------------------------------------------------- #
 # Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
 # a copy of the License at                                                   #
 #                                                                            #
 # http://www.apache.org/licenses/LICENSE-2.0                                 #
 #                                                                            #
 # Unless required by applicable law or agreed to in writing, software        #
 # distributed under the License is distributed on an "AS IS" BASIS,          #
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 # Set PATH
 export PATH=/sbin:/bin:/usr/sbin:/usr/bin
 TIMEOUT=${TIMEOUT:-60}
 CONTEXT_BASE=${CONTEXT_BASE:-/var/run/one-context/context.sh}
 if [ -f ${CONTEXT_BASE}.local ] && [ -f ${CONTEXT_BASE}.network ]; then
    sleep "${TIMEOUT}" && \
        /usr/sbin/one-contextd all reconfigure
 else
    echo 'Contextualization must start first as a boot service' >&2
    exit 1
 fi
--- a/src/usr/sbin/one-contextd
+++ b/src/usr/sbin/one-contextd
@ -0,0 +1,242 @@
 #!/bin/bash
 # -------------------------------------------------------------------------- #
 # Copyright 2010-2017, OpenNebula Systems                                    #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
 # a copy of the License at                                                   #
 #                                                                            #
 # http://www.apache.org/licenses/LICENSE-2.0                                 #
 #                                                                            #
 # Unless required by applicable law or agreed to in writing, software        #
 # distributed under the License is distributed on an "AS IS" BASIS,          #
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
 set -e
 TYPE="${1:-all}"  # local, network, all
 COMMAND="${2}"    # reconfigure?
 SCRIPTS_DIR=${SCRIPTS_DIR:-/etc/one-context.d}
 RUNTIME_DIR=${RUNTIME_DIR:-/var/run/one-context}
 LOCK_FILE="${RUNTIME_DIR}/one-context.lock"
 CONTEXT_BASE="${RUNTIME_DIR}/context.sh"
 SYSLOG_TAG="$(basename $0)"
 [ -d "${RUNTIME_DIR}" ] || mkdir -m 0700 -p "${RUNTIME_DIR}"
 CONTEXT_NEW=$(mktemp "${CONTEXT_BASE}.XXXX" 2>/dev/null)
 SYSLOG_FACILITY="${SYSLOG_FACILITY:-local3}"
 shopt -s extglob
 set +e
 function log
 {
    # display on stdout/err?, force if DEBUG
    local _echo_fd=$3
    if [ -n "${DEBUG}" ] && [ "${_echo_fd}" = '' ]; then
        _echo_fd=1
    fi
    if [ "${_echo_fd}" = '1' ] || [ "${_echo_fd}" = '2' ]; then
        echo "${2}" >&${_echo_fd}
    fi
    # try systemd/journald with fallback to logger
    systemd-cat -t "${SYSLOG_TAG}" -p "${1}" \
        echo "${2}" 2>/dev/null
    if [ "$?" != "0" ]; then
        logger -t "${SYSLOG_TAG}" \
            -p "${SYSLOG_FACILITY}.${1}" \
            "${2}" 2>/dev/null
    fi
 }
 function export_rc_vars
 {
    if [ -f $1 ] ; then
        ONE_VARS=$(cat $1 | egrep -e '^[a-zA-Z\-\_0-9]*=' | sed 's/=.*$//')
        . $1
        for v in $ONE_VARS; do
            export $v
        done
    fi
 }
 function execute_scripts {
    local _type=$1
    local _command=$1
    # choose 
    if [ "${_type}" = 'local' ]; then
        local _scripts=$(ls ${SCRIPTS_DIR}/loc-* 2>/dev/null)
    elif [ "${_type}" = 'network' ]; then
        local _scripts=$(ls ${SCRIPTS_DIR}/!(net-*|loc-*) 2>/dev/null; \
                         ls ${SCRIPTS_DIR}/net-* 2>/dev/null)
    fi
    export MOUNT_DIR
 	export RUNTIME_DIR
    log info "Processing ${_type} scripts"
    for _script in ${_scripts}; do
        local _name=$(basename "${_script}")
        # run script and catch output and exit code
        log debug "Script ${_name}: Starting ..."
        _out=$("${_script}" "${_command}" 2>&1)
        local _rtn=$?
        # log on any output
        if [ -n "${_out}" ]; then
            log info "Script ${_name} output: ${_out}"
        fi
        # set log level to error if script failed
        if [ ${_rtn} -eq 0 ]; then
            local _level=debug
        else
            local _level=err
        fi
        log "${_level}" "Script ${_name}: Finished with exit code ${_rtn}"
    done
    log debug 'Finished scripts processing'
 }
 function vmware_context {
    if type vmtoolsd >/dev/null 2>&1; then
        if vmtoolsd --cmd 'info-get guestinfo.opennebula.context' >/dev/null 2>&1 ; then
            return 0
        else
            log debug "VMware ONE context not found"
        fi
    fi
    log debug "Command vmtoolsd not found"
    return 1
 }
 function get_new_context {
    local dev_context=$(blkid -l -t LABEL="CONTEXT" -o device)
    if [ -e "${dev_context}" ]; then
        MOUNT_DIR=$(mktemp -d "${RUNTIME_DIR}/mount.XXXX" 2>/dev/null)
        if ! [ -d "${MOUNT_DIR}" ]; then
            log err 'Error: Failed to create mountpoint' 2
            exit 1
        fi
        log debug "Mounting CD-ROM ${dev_context} on ${MOUNT_DIR}"
        mount -t iso9660 -o ro ${dev_context} ${MOUNT_DIR} 2>/dev/null
        if [ "$?" != '0' ]; then
            log err "Error: Failed to mount ${dev_context}" 2
            exit 1
        fi
        local fn_mnt_context="${MOUNT_DIR}/context.sh"
        if [ -f "${fn_mnt_context}" ]; then
            log debug "Found context ${fn_mnt_context}"
            cp "${fn_mnt_context}" "${CONTEXT_NEW}"
        fi
    elif vmware_context ; then
        log debug "Reading context via vmtoolsd"
        vmtoolsd --cmd 'info-get guestinfo.opennebula.context' | \
            openssl base64 -d > ${CONTEXT_NEW}
    elif curl -s -o ${CONTEXT_NEW} http://169.254.169.254/latest/user-data; then
        log debug "Reading EC2 user-data"
        echo -n ""
    fi
 }
 function check_context {
    local _f_new=$1
    local _f_old=$2
    local _rtn=1
    log debug "Comparing ${_f_new} and ${_f_old} for changes"
    if [ -s "${_f_new}" ]; then
        diff "${_f_old}" "${_f_new}" >/dev/null 2>&1 || _rtn=0
    fi
    if [ ${_rtn} -eq 0 ]; then
        log debug "New context with changes"
    else
        log info "No changes in context, skipping"
    fi
    return ${_rtn}
 }
 function run_context {
    local _type=$1
    local _command=$2
    export CONTEXT_FILE="${CONTEXT_BASE}.${_type}"
    if check_context "${CONTEXT_NEW}" "${CONTEXT_FILE}"; then
        cp -f "${CONTEXT_NEW}" "${CONTEXT_FILE}"
        export_rc_vars "${CONTEXT_FILE}"
        execute_scripts "${_type}" "${_command}"
    fi
 }
 function acquire_lock {
    # acquire for execution lock
    log debug "Acquiring lock ${LOCK_FILE}"
    while true; do
        if mkdir "${LOCK_FILE}" 2>/dev/null; then
            trap 'cleanup' EXIT
            log debug "Acquired lock ${LOCK_FILE}"
            break
        fi
        sleep 1
    done
 }
 function cleanup {
    # unmount context
    if [ -d "${MOUNT_DIR}" ]; then
        log debug "Unmounting ${MOUNT_DIR}"
        umount -l "${MOUNT_DIR}"
        rmdir "${MOUNT_DIR}"
    fi
    # remove remporary files
    if [ -f "${CONTEXT_NEW}" ]; then
        unlink "${CONTEXT_NEW}"
    fi
    # remove lock
    log debug "Releasing lock ${LOCK_FILE}"
    rm -rf "${LOCK_FILE}"
 }
 #####
 if ! [[ ${TYPE} =~ ^(local|network|all)$ ]]; then
    log err "Error: Invalid or missing execution type ${TYPE}" 2
    exit 1
 fi
 log info "Started ${TYPE:+for type $TYPE} ${COMMAND:+to $COMMAND}"
 acquire_lock
 get_new_context
 if [ "${TYPE}" = 'all' ]; then
    run_context 'local' "${COMMAND}"
    run_context 'network' "${COMMAND}"
 else
    run_context "${TYPE}" "${COMMAND}"
 fi
 log info "Done"
--- a/targets.sh
+++ b/targets.sh
@ -0,0 +1,78 @@
 case "${TARGET}" in
    'el6')
        NAME=${NAME:-one-context}
        RELSUFFIX=${RELSUFFIX:-.el6}
        TYPE=${TYPE:-rpm}
        TAGS=${TAGS:-rpm sysv one}
        DEPENDS=${DEPENDS:-util-linux-ng bind-utils cloud-utils-growpart ruby rubygem-json}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.one}
        PREUN=${PREUN:-preuninstall.one}
        ;;
    'el6_ec2')
        NAME=${NAME:-one-context-ec2}
        RELSUFFIX=${RELSUFFIX:-.el6}
        TYPE=${TYPE:-rpm}
        TAGS=${TAGS:-rpm sysv ec2}
        DEPENDS=${DEPENDS:-util-linux-ng bind-utils cloud-utils-growpart ruby rubygem-json}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.ec2}
        PREUN=${PREUN:-preuninstall.ec2}
        ;;
    'el7')
        NAME=${NAME:-one-context}
        RELSUFFIX=${RELSUFFIX:-.el7}
        TYPE=${TYPE:-rpm}
        TAGS=${TAGS:-rpm systemd one}
        DEPENDS=${DEPENDS:-util-linux bind-utils cloud-utils-growpart ruby rubygem-json}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.one}
        PREUN=${PREUN:-preuninstall.one}
        ;;
    'el7_ec2')
        NAME=${NAME:-one-context-ec2}
        RELSUFFIX=${RELSUFFIX:-.el7}
        TYPE=${TYPE:-rpm}
        TAGS=${TAGS:-rpm sysv ec2}
        DEPENDS=${DEPENDS:-util-linux bind-utils cloud-utils-growpart ruby rubygem-json}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.ec2}
        PREUN=${PREUN:-preuninstall.ec2}
        ;;
    'deb')
        NAME=${NAME:-one-context}
        RELSUFFIX=${RELSUFFIX:-}
        TYPE=${TYPE:-deb}
        TAGS=${TAGS:-deb one}
        DEPENDS=${DEPENDS:-util-linux bind9-host cloud-utils ruby python}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.one}
        PREUN=${PREUN:-preuninstall.one}
        ;;
    'deb_ec2')
        NAME=${NAME:-one-context-ec2}
        RELSUFFIX=${RELSUFFIX:-}
        TYPE=${TYPE:-deb}
        TAGS=${TAGS:-deb ec2}
        DEPENDS=${DEPENDS:-util-linux bind9-host cloud-utils ruby python}
        REPLACES=${REPLACES:-cloud-init}
        POSTIN=${POSTINST:-postinstall.ec2}
        PREUN=${PREUN:-preuninstall.ec2}
        ;;
    'arch')
        NAME=${NAME:-one-context}
        TYPE=${TYPE:-dir}
        TAGS=${TAGS:-arch one}
        ;;
    *)
        echo "Invalid target ${TARGET}"
        exit 1
 esac