mirror of
https://github.com/kasmtech/workspaces-core-images.git
synced 2024-11-25 00:43:11 +01:00
KASM-4348 Sysbox Support
This commit is contained in:
parent
8e9ade7899
commit
38f210f1a0
@ -107,6 +107,10 @@ RUN bash $INST_SCRIPTS/extra/$EXTRA_SH && rm -rf $INST_SCRIPTS/extra/
|
|||||||
COPY ./src/ubuntu/install/virtualgl $INST_SCRIPTS/virtualgl/
|
COPY ./src/ubuntu/install/virtualgl $INST_SCRIPTS/virtualgl/
|
||||||
RUN bash $INST_SCRIPTS/virtualgl/install_virtualgl.sh && rm -rf $INST_SCRIPTS/virtualgl/
|
RUN bash $INST_SCRIPTS/virtualgl/install_virtualgl.sh && rm -rf $INST_SCRIPTS/virtualgl/
|
||||||
|
|
||||||
|
### Sysbox support
|
||||||
|
COPY ./src/ubuntu/install/sysbox $INST_SCRIPTS/sysbox/
|
||||||
|
RUN bash $INST_SCRIPTS/sysbox/install_systemd.sh && rm -rf $INST_SCRIPTS/sysbox/
|
||||||
|
|
||||||
### Create user and home directory for base images that don't already define it
|
### Create user and home directory for base images that don't already define it
|
||||||
RUN (groupadd -g 1000 kasm-user \
|
RUN (groupadd -g 1000 kasm-user \
|
||||||
&& useradd -M -u 1000 -g 1000 kasm-user \
|
&& useradd -M -u 1000 -g 1000 kasm-user \
|
||||||
|
@ -131,6 +131,10 @@ RUN bash $STARTUPDIR/set_user_permission.sh $STARTUPDIR $HOME && \
|
|||||||
COPY ./src/ubuntu/install/extra $INST_SCRIPTS/extra/
|
COPY ./src/ubuntu/install/extra $INST_SCRIPTS/extra/
|
||||||
RUN bash $INST_SCRIPTS/extra/$EXTRA_SH && rm -rf $INST_SCRIPTS/extra/
|
RUN bash $INST_SCRIPTS/extra/$EXTRA_SH && rm -rf $INST_SCRIPTS/extra/
|
||||||
|
|
||||||
|
### Sysbox support
|
||||||
|
COPY ./src/ubuntu/install/sysbox $INST_SCRIPTS/sysbox/
|
||||||
|
RUN bash $INST_SCRIPTS/sysbox/install_systemd.sh && rm -rf $INST_SCRIPTS/sysbox/
|
||||||
|
|
||||||
### Create user and home directory for base images that don't already define it
|
### Create user and home directory for base images that don't already define it
|
||||||
RUN (groupadd -g 1000 kasm-user \
|
RUN (groupadd -g 1000 kasm-user \
|
||||||
&& useradd -M -u 1000 -g 1000 kasm-user \
|
&& useradd -M -u 1000 -g 1000 kasm-user \
|
||||||
|
@ -106,6 +106,10 @@ RUN bash $STARTUPDIR/set_user_permission.sh $STARTUPDIR $HOME && \
|
|||||||
COPY ./src/ubuntu/install/extra $INST_SCRIPTS/extra/
|
COPY ./src/ubuntu/install/extra $INST_SCRIPTS/extra/
|
||||||
RUN bash $INST_SCRIPTS/extra/$EXTRA_SH && rm -rf $INST_SCRIPTS/extra/
|
RUN bash $INST_SCRIPTS/extra/$EXTRA_SH && rm -rf $INST_SCRIPTS/extra/
|
||||||
|
|
||||||
|
### Sysbox support
|
||||||
|
COPY ./src/ubuntu/install/sysbox $INST_SCRIPTS/sysbox/
|
||||||
|
RUN bash $INST_SCRIPTS/sysbox/install_systemd.sh && rm -rf $INST_SCRIPTS/sysbox/
|
||||||
|
|
||||||
### Create user and home directory for base images that don't already define it
|
### Create user and home directory for base images that don't already define it
|
||||||
RUN (groupadd -g 1000 kasm-user \
|
RUN (groupadd -g 1000 kasm-user \
|
||||||
&& useradd -M -u 1000 -g 1000 kasm-user \
|
&& useradd -M -u 1000 -g 1000 kasm-user \
|
||||||
|
108
src/ubuntu/install/sysbox/install_systemd.sh
Normal file
108
src/ubuntu/install/sysbox/install_systemd.sh
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
# Setup systemd based on distro type
|
||||||
|
if [[ "${DISTRO}" == @(ubuntu|debian|parrotos5|kali) ]] ; then
|
||||||
|
# Install deps
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
dbus \
|
||||||
|
iproute2 \
|
||||||
|
iptables \
|
||||||
|
kmod \
|
||||||
|
libsystemd0 \
|
||||||
|
sudo \
|
||||||
|
systemd \
|
||||||
|
systemd-sysv \
|
||||||
|
udev
|
||||||
|
elif [[ "${DISTRO}" == @(oracle8|oracle9|rockylinux9|rockylinux8|almalinux9|almalinux8|fedora37) ]]; then
|
||||||
|
# Install deps
|
||||||
|
dnf install -y \
|
||||||
|
dbus \
|
||||||
|
iproute \
|
||||||
|
iptables \
|
||||||
|
kmod \
|
||||||
|
sudo \
|
||||||
|
systemd \
|
||||||
|
udev
|
||||||
|
elif [ "${DISTRO}" == "opensuse" ]; then
|
||||||
|
# Install deps
|
||||||
|
zypper install -y \
|
||||||
|
dbus-1 \
|
||||||
|
iproute2 \
|
||||||
|
iptables \
|
||||||
|
kmod \
|
||||||
|
sudo \
|
||||||
|
systemd \
|
||||||
|
systemd-sysvinit \
|
||||||
|
udev
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Disable systemd stuff that does not work
|
||||||
|
echo "ReadKMsg=no" >> /etc/systemd/journald.conf
|
||||||
|
systemctl mask \
|
||||||
|
systemd-udevd.service \
|
||||||
|
systemd-journald-audit.socket \
|
||||||
|
systemd-udevd-kernel.socket \
|
||||||
|
systemd-udevd-control.socket \
|
||||||
|
systemd-modules-load.service \
|
||||||
|
systemd-udev-trigger.service \
|
||||||
|
sys-kernel-config.mount \
|
||||||
|
sys-kernel-debug.mount \
|
||||||
|
sys-kernel-tracing.mount
|
||||||
|
rm -f /usr/share/dbus-1/system-services/org.freedesktop.UPower.service
|
||||||
|
|
||||||
|
# Generate our standard init systemd service and init helper
|
||||||
|
cat >/etc/systemd/system/kasm.service<<EOL
|
||||||
|
[Unit]
|
||||||
|
Description=Kasm Workspaces Init
|
||||||
|
After=kasm-setup.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=kasm-user
|
||||||
|
Group=kasm-user
|
||||||
|
EnvironmentFile=/envdump
|
||||||
|
Type=simple
|
||||||
|
ExecStart=/bin/bash /dockerstartup/kasm_default_profile.sh /dockerstartup/vnc_startup.sh /dockerstartup/kasm_startup.sh
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOL
|
||||||
|
cat >/etc/systemd/system/kasm-setup.service<<EOL
|
||||||
|
[Unit]
|
||||||
|
Description=Kasm Workspaces root level setup
|
||||||
|
Before=kasm.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/bin/bash /kasm-sysbox-setup.sh
|
||||||
|
RemainAfterExit=yes
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOL
|
||||||
|
cat >/kasm-sysbox-setup.sh<<EOL
|
||||||
|
#!/bin/bash
|
||||||
|
mkdir -p /var/run/pulse
|
||||||
|
chown kasm-user:kasm-user /var/run/pulse
|
||||||
|
cat /proc/1/environ | xargs --null --max-args=1 > /envdump
|
||||||
|
if [ -f /usr/sbin/policy-rc.d ]; then
|
||||||
|
printf '#!/bin/sh\nexit 0' > /usr/sbin/policy-rc.d
|
||||||
|
fi
|
||||||
|
systemctl disable gdm
|
||||||
|
systemctl disable power-profiles-daemon
|
||||||
|
systemctl disable sshd
|
||||||
|
systemctl disable unattended-upgrades
|
||||||
|
systemctl disable upower
|
||||||
|
systemctl disable wpa_supplicant
|
||||||
|
systemctl stop gdm
|
||||||
|
systemctl stop power-profiles-daemon
|
||||||
|
systemctl stop sshd
|
||||||
|
systemctl stop unattended-upgrades
|
||||||
|
systemctl stop upower
|
||||||
|
systemctl stop wpa_supplicant
|
||||||
|
EOL
|
||||||
|
chmod +x /kasm-sysbox-setup.sh
|
||||||
|
chmod 644 /etc/systemd/system/kasm.service /etc/systemd/system/kasm-setup.service
|
||||||
|
systemctl enable kasm kasm-setup
|
Loading…
Reference in New Issue
Block a user