diff --git a/src/mad/sh/create_container_image.sh b/src/mad/sh/create_container_image.sh index 1cedf291a2..cfdbaee25b 100755 --- a/src/mad/sh/create_container_image.sh +++ b/src/mad/sh/create_container_image.sh @@ -18,6 +18,16 @@ set -e +function is_mounted { + grep -qs "$1" /proc/mounts +} + +function clean { + if is_mounted "${tmp_dir}/${id}"; then + umount "${tmp_dir}/${id}" + fi +} + #------------------------------------------------------------------------------- # Configuration attributes and parameters #------------------------------------------------------------------------------- @@ -27,14 +37,14 @@ GROUP=oneadmin DRIVER_PATH=$(dirname $0) -tmp_dir=$1 -id=$2 -extension=$3 -terminal=$4 +tmp_dir="$1" +id="$2" +extension="$3" +terminal="$4" commands=$(cat /dev/stdin) -case $extension in +case "$extension" in "tar.xz") untar_options="xvJpf" ;; @@ -47,21 +57,29 @@ esac # Mount container disk image and untar rootfs contents to it #------------------------------------------------------------------------------- +trap clean EXIT + # try first to mount with the fuse2fs command and if that fails fallback to the # regular mount -if ! fuse2fs -o nosuid $tmp_dir/$id.raw $tmp_dir/$id >/dev/null 2>&1 ; then - mount -o nosuid $tmp_dir/$id.raw $tmp_dir/$id +# NOTE: fuse2fs returns zero even when actual mount fails +_fuse_failed='' +if ! fuse2fs -o nosuid "${tmp_dir}/${id}.raw" "${tmp_dir}/${id}" >/dev/null 2>&1 ; then + _fuse_failed=yes fi -chown $USER:$GROUP $tmp_dir/$id -tar $untar_options $tmp_dir/$id.$extension -C $tmp_dir/$id > /dev/null 2>&1 +if [ "$_fuse_failed" = "yes" ] || ! is_mounted "${tmp_dir}/${id}" ; then + mount -o nosuid "${tmp_dir}/${id}.raw" "${tmp_dir}/${id}" +fi + +chown $USER:$GROUP "${tmp_dir}/${id}" +tar $untar_options "${tmp_dir}/${id}.${extension}" -C "${tmp_dir}/${id}" > /dev/null 2>&1 sync #------------------------------------------------------------------------------- # Execute context script to install OpenNebula contextualization packages #------------------------------------------------------------------------------- -cat << EOF | chroot $tmp_dir/$id $terminal +cat << EOF | chroot "${tmp_dir}/${id}" $terminal $commands echo "#Generated by OpenNebula" > /etc/resolv.conf rm -f /etc/ssh/ssh_host_* > /dev/null 2>&1 @@ -69,4 +87,4 @@ usermod -p '*' root > /dev/null 2>&1 EOF sync -umount $tmp_dir/$id +exit 0 diff --git a/src/mad/sh/create_docker_image.sh b/src/mad/sh/create_docker_image.sh index 3a7f5addc9..178a9e57e3 100755 --- a/src/mad/sh/create_docker_image.sh +++ b/src/mad/sh/create_docker_image.sh @@ -19,9 +19,13 @@ # exit when any command fails set -e +function is_mounted { + grep -qs "$1" /proc/mounts +} + function clean { - if grep -qs "$dockerdir/mnt" /proc/mounts; then - umount $dockerdir/mnt + if is_mounted "${dockerdir}/mnt"; then + umount "${dockerdir}/mnt" fi } @@ -52,7 +56,7 @@ fi # Check dockerdir is different than / and the directory name is an uuid regex_uuid="^\{?[0-9]+-[0-9]+-[0-9]+-[0-9]+-[0-9]+\}?$" -if [ ! -d $dockerdir ] || [[ ! $(basename $dockerdir) =~ $regex_uuid ]]; then +if [ ! -d "$dockerdir" ] || [[ ! $(basename "$dockerdir") =~ $regex_uuid ]]; then exit -1 fi @@ -62,14 +66,19 @@ trap clean EXIT # try first to mount with the fuse2fs command and if that fails fallback to the # regular mount -if ! fuse2fs -o noexec,nodev,nosuid $img_raw $dockerdir/mnt >/dev/null 2>&1 ; then - mount -o noexec,nodev,nosuid $img_raw $dockerdir/mnt +# NOTE: fuse2fs returns zero even when actual mount fails +_fuse_failed='' +if ! fuse2fs -o noexec,nodev,nosuid "$img_raw" "${dockerdir}/mnt" >/dev/null 2>&1 ; then + _fuse_failed=yes fi -chmod o+w $dockerdir/mnt -tar xpf $tarball -C $dockerdir/mnt > /dev/null 2>&1 +if [ "$_fuse_failed" = "yes" ] || ! is_mounted "${dockerdir}/mnt" ; then + mount -o noexec,nodev,nosuid "$img_raw" "${dockerdir}/mnt" +fi + +chmod o+w "${dockerdir}/mnt" +tar xpf "$tarball" -C "${dockerdir}/mnt" > /dev/null 2>&1 sync exit 0 -