#!/bin/sh
#
# Setup script for lxd-agent that is executed by the lxd-agent systemd unit before lxd-agent is started.
# The script sets up a temporary mount point, copies data from the mount (including lxd-agent binary),
# and then unmounts it. It also ensures appropriate permissions for the LXD agent's runtime directory.
#
# Abort on the first failing command (-e) and on any use of an unset
# variable (-u), so a half-finished setup never goes unnoticed.
set -e
set -u

# Runtime directory that receives the agent's files.
PREFIX='/run/lxd_agent'
# Functions.
#######################################
# Attach the "config" virtiofs share read-only at ${PREFIX}/.mnt.
# Globals:  PREFIX (read)
# Outputs:  none; mount's stdout and stderr are discarded
# Returns:  mount's exit status, so a caller can fall back to another
#           transport when virtiofs is unavailable
#######################################
mount_virtiofs() {
  mount -t virtiofs -o ro config "${PREFIX}/.mnt" >/dev/null 2>&1
}
#######################################
# Attach the "config" 9p share read-only at ${PREFIX}/.mnt over virtio.
# Globals:  PREFIX (read)
# Outputs:  none; stdout and stderr of both commands are discarded
# Returns:  mount's exit status
#######################################
mount_9p() {
  # Best effort: a modprobe failure is ignored and the mount below is
  # attempted regardless.
  modprobe 9pnet_virtio >/dev/null 2>&1 || :
  # ro: the share is never written from here.
  # access=0: the 9p client limits access to the mount to uid 0.
  mount -t 9p -o ro,access=0,trans=virtio config "${PREFIX}/.mnt" >/dev/null 2>&1
}
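#######################################
# Abort the setup: tear down whatever is mounted at ${PREFIX}, report the
# reason and exit.
# Globals:   PREFIX (read)
# Arguments: $1 - message describing the failure
# Outputs:   writes the message to stderr
# Returns:   never; exits the script with status 1
#######################################
fail() {
  # Lazy unmount so the teardown works even while something below
  # ${PREFIX} is still busy; both steps are best effort because the
  # directory may not be mounted (or may not exist) at this point.
  umount -l "${PREFIX}" >/dev/null 2>&1 || true
  rmdir "${PREFIX}" >/dev/null 2>&1 || true
  # Diagnostics belong on stderr; printf avoids echo's option and
  # backslash handling on the message text.
  printf '%s\n' "${1}" >&2
  exit 1
}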
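# Setup the mount target.
# Best effort: lazily detach whatever is currently mounted at ${PREFIX};
# the error is ignored when nothing is mounted there.
umount -l "${PREFIX}" >/dev/null 2>&1 || true
mkdir -p "${PREFIX}"
# Private tmpfs for the agent's files:
#   mode=0700     only the owner of the mount root can enter the directory
#   nodev,nosuid  device nodes and set-uid/set-gid bits have no effect here
#   size=50M      caps how much memory the copied data can consume
# noexec is not set; presumably because the lxd-agent binary copied below
# is run from this directory.
mount -t tmpfs tmpfs "${PREFIX}" -o mode=0700,nodev,nosuid,noatime,size=50M
mkdir -p "${PREFIX}/.mnt"

# Try virtiofs first.
mount_virtiofs || mount_9p || fail "Couldn't mount virtiofs or 9p, failing."

# Copy the data.
# --no-preserve=ownership: the copies are owned by the user running this
# script instead of whatever uid/gid the share reports.
# The glob does not match dot-files, so hidden top-level entries of the
# share are not copied; an empty share leaves the pattern unexpanded and
# cp fails on it.
# On failure go through fail() so the share and the partially filled tmpfs
# are detached instead of being left behind by a bare `set -e` exit.
cp -Ra --no-preserve=ownership "${PREFIX}/.mnt/"* "${PREFIX}" \
  || fail "Couldn't copy the data from the config share, failing."

# Unmount the temporary mount.
# A share that cannot be unmounted would otherwise stay attached under
# ${PREFIX}; fail() lazily detaches the whole tree.
umount "${PREFIX}/.mnt" \
  || fail "Couldn't unmount the temporary config mount, failing."
rmdir "${PREFIX}/.mnt"

# Attempt to restore SELinux labels.
# Best effort: restorecon may be missing or SELinux may be disabled.
restorecon -R "${PREFIX}" >/dev/null 2>&1 || true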