6年前 · 07108c4eeb
--- a/README.md
+++ b/README.md
@@ -138,13 +138,18 @@ TODO:

 ## LXC tips

 `bin/gbuild` runs `lxc-execute`, which may require root.  If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:
 `bin/gbuild` runs `lxc-execute` or `lxc-start`, which may require root.  If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:

    %admin ALL=NOPASSWD: /usr/bin/lxc-execute
    %admin ALL=NOPASSWD: /usr/bin/lxc-start

 Recent distributions allow lxc-execute to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.
 Right now `lxc-start` is the default, but you can force `lxc-execute` (useful for Ubuntu 14.04) with:

 If you have a runaway `lxc-execute` command, just use `kill -9` on it.
    export LXC_EXECUTE=lxc-execute

 Recent distributions allow lxc-execute / lxc-start to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.

 If you have a runaway `lxc-start` command, just use `kill -9` on it.

 The machine configuration requires access to br0 and assumes that the host address is `10.0.2.2`:

--- a/RELEASE_NOTES
+++ b/RELEASE_NOTES
@@ -1,5 +1,9 @@
 Important:

 We switched from using lxc-start to using lxc-execute.  lxc-execute requires lxc-init (or init.lxc) to be available on the guest at one of the expected places.  You might have to manually install lxc on your base VM image or recreate the image.
 We are planning on switching from using lxc-start to using lxc-execute.  lxc-execute requires lxc-init (or init.lxc) to be available on the guest at one of the expected places.  You might have to manually install lxc on your base VM image or recreate the image.

 To enable this now (required for Ubuntu 14.04), do:

  export LXC_EXECUTE=lxc-execute

 If your guest is more recent than the host, all bets are off, since lxc-execute may not be able to find the lxc init.
--- a/libexec/copy-from-target
+++ b/libexec/copy-from-target
@@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then
    scp $QUIET_FLAG -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -P $VM_SSH_PORT -r $TUSER@localhost:$1 $2
 else
    config-lxc
    sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf -
    sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -cf - "$1" | tar -C "$2" -xkf -
 fi
--- a/libexec/copy-to-target
+++ b/libexec/copy-to-target
@@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then
    scp $QUIET_FLAG -r -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -P $VM_SSH_PORT $1 $TUSER@localhost:$2
 else
    config-lxc
    tar -C `dirname "$1"` -cf - `basename "$1"` | sudo lxc-execute -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf -
    tar -C `dirname "$1"` -cf - `basename "$1"` | sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -i -u $TUSER tar -C "$2" -xf -
 fi
--- a/libexec/gconfig
+++ b/libexec/gconfig
@@ -1 +1,4 @@
 VM_SSH_PORT=2223
 if [ -z "$LXC_EXECUTE" ]; then
  LXC_EXECUTE=lxc-start
 fi
--- a/libexec/on-target
+++ b/libexec/on-target
@@ -50,5 +50,5 @@ if [ -z "$USE_LXC" ]; then
    ssh -oConnectTimeout=30 -oNoHostAuthenticationForLocalhost=yes -i ${GITIAN_BASE:-.}/var/id_dsa -p $VM_SSH_PORT $TUSER@localhost $*
 else
    config-lxc
    sudo lxc-execute -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $*
    sudo $LXC_EXECUTE -n gitian -f var/lxc.config -- sudo -u $TUSER $ENV -i -- $*
 fi