In systemd-209 libsystemd-login was merged into libsystemd and a
compatibility libsystemd-login library was created. Unfortunately,
distributions like Fedora don't ship the compatibility libraries so
runningFromUnitFile will always return false.
Fix it by dlopening libsystemd.so instead of libsystemd-login.so.
- remove --disable-readahead
- remove --disable-multi-seat-x
- add --disable-selinux
Also, write one option per line for better readability.
I kept the configure --help output order.
When building stage1 from sources with RKT_STAGE1_USR_FROM=src,
it is now possible to choose which systemd tag or branch should be
built:
$ export RKT_STAGE1_USR_FROM=src
$ export RKT_STAGE1_SYSTEMD_SRC=git://anongit.freedesktop.org/systemd/systemd
$ export RKT_STAGE1_SYSTEMD_VER=v215
$ ./build
By default, it still fetch the upstream git repository with tag v215 as
before. So defining the new variables is not necessary.
It is also possible to build against a local systemd repository:
$ export RKT_STAGE1_USR_FROM=src
$ export RKT_STAGE1_SYSTEMD_SRC=/home/user/git/systemd
$ export RKT_STAGE1_SYSTEMD_VER=HEAD
$ ./build
This should help developers to test newer systemd versions.
The patches in stage1/rootfs/usr_from_src/patches/ are versioned: the
subdirectory used is defined by $RKT_STAGE1_SYSTEMD_VER. If "HEAD" is
used, the master patchset will be selected.
- Fixup pod.getPID() to cover race between xToRun() and stage1 getting
around to writing the pid file.
- Rework `rkt enter` to retrieve the pid in rkt/stage0 and supply it to
stage1 enter.
- Rework stage1 enter to consume pid from argv instead of opening it
itself, so as to not have to duplicate the same race coverage.
- Some stage1 enter code cleanups thrown in for good measure, particularly
around the argv forwarding copy which started simple had become unwieldy.
Ports that were defined in app manifest can be
exposed via --port=name:host-port option on cmd line.
For example, given app manifest with ports entry:
{
"name": "http",
"port": 80,
"protocol": "tcp"
}
rkt run --private-net --port=http:8888 myapp.aci
will forward traffic from host's tcp port 8888 to
container's port 80.
Fixes#624
Since the spec requires AC_METADATA_URL env var,
well known IP is no longer needed. This removes
the iptables manipulation. Instead the IP address of the
host is passed in the AC_METADATA_URL. This host IP
is the address of the host end of the default veth.
Dimitri John Ledkov