[vagrant-lxc] Ship precreated sudo-wrapper and sudoers file.

Fri Jan 30 16:06:05 UTC 2015

commit d53c42d43983a22ff41ce1d4776a0c12e77553ff
Author: Michael Adam <madam at redhat.com>
Date:   Tue Jan 27 00:52:07 2015 +0100

    Ship precreated sudo-wrapper and sudoers file.

 create_wrapper.rb |   63 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 vagrant-lxc.spec  |   18 +++++++++++++-
 2 files changed, 79 insertions(+), 2 deletions(-)
---

diff --git a/create_wrapper.rb b/create_wrapper.rb
new file mode 100644
index 0000000..5709762
--- /dev/null
+++ b/create_wrapper.rb
@@ -0,0 +1,63 @@
+#!/usr/bin/env ruby
+
+# Create the vagrant-lxc sudo-wrapper from the template.
+# Roughly taken from lib/vagrant-lxc/command/sudoers.rb
+#
+# Michael Adam <obnox at samba.org>
+
+require 'tempfile'
+
+require "vagrant/util/template_renderer"
+
+
+class CreateWrapper
+  class << self
+    def run!(argv)
+      raise "Argument missing" unless(argv)
+
+      template_root = argv.shift
+      wrapper_dst = "./vagrant-lxc-wrapper"
+
+      wrapper_tmp = create_wrapper!(template_root)
+
+      system "cp #{wrapper_tmp} #{wrapper_dst}"
+      puts "#{wrapper_dst} created"
+    end
+
+    private
+
+    # This requires vagrant 1.5.2+
+    # https://github.com/mitchellh/vagrant/commit/3371c3716278071680af9b526ba19235c79c64cb
+    def create_wrapper!(template_root)
+      wrapper = Tempfile.new('lxc-wrapper').tap do |file|
+        template = Vagrant::Util::TemplateRenderer.new(
+          'sudoers.rb',
+          #:template_root  => Vagrant::LXC.source_root.join('templates').to_s,
+          #:template_root  => "/usr/share/vagrant/gems/gems/vagrant-lxc-1.1.0/templates",
+          :template_root  => template_root,
+          :cmd_paths      => build_cmd_paths_hash,
+          #:pipework_regex => "#{ENV['HOME']}/\.vagrant\.d/gems/gems/vagrant-lxc.+/scripts/pipework"
+          :pipework_regex => "/usr/share/vagrant/gems/gems/vagrant-lxc.+/scripts/pipework"
+        )
+        file.puts template.render
+      end
+      wrapper.close
+      wrapper.path
+    end
+
+    # for fedora, we know that all these commands
+    # are found in /usr/bin ...
+    def build_cmd_paths_hash
+      {}.tap do |hash|
+        %w( which cat mkdir cp chown chmod rm tar chown ip ifconfig brctl ).each do |cmd|
+          #hash[cmd] = `which #{cmd}`.strip
+          hash[cmd] = "/usr/bin/#{cmd}"
+        end
+        #hash['lxc_bin'] = Pathname(`which lxc-create`.strip).parent.to_s
+        hash['lxc_bin'] = "/usr/bin"
+      end
+    end
+  end
+end
+
+CreateWrapper.run!(ARGV)
diff --git a/vagrant-lxc.spec b/vagrant-lxc.spec
index ad66a47..aa451a8 100644
--- a/vagrant-lxc.spec
+++ b/vagrant-lxc.spec
@@ -2,13 +2,17 @@
 
 Name: %{vagrant_plugin_name}
 Version: 1.1.0
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: LXC provider for vagrant
 Group: Development/Languages
 License: MIT
 URL: https://github.com/fgrehm/vagrant-lxc
 Source0: https://rubygems.org/gems/%{vagrant_plugin_name}-%{version}.gem
 
+# script needed to generate the vagrant-lxc sudo wrapper script from template.
+# part of this srpm
+Source1: create_wrapper.rb
+
 Patch1: vagrant-lxc-sudo-wrapper.patch
 
 Requires(pre): shadow-utils
@@ -60,7 +64,13 @@ mkdir -p %{buildroot}%{vagrant_plugin_dir}
 cp -a .%{vagrant_plugin_dir}/* \
         %{buildroot}%{vagrant_plugin_dir}/
 
-PATH=/usr/bin:$PATH vagrant lxc sudoers
+ruby -I /usr/share/vagrant/lib %{SOURCE1} %{buildroot}%{vagrant_plugin_instdir}/templates
+install -m 0555 ./vagrant-lxc-wrapper %{buildroot}%{vagrant_plugin_instdir}/scripts/vagrant-lxc-wrapper
+
+echo "%vagrant ALL=(root) NOPASSWD: %{vagrant_plugin_instdir}/scripts/vagrant-lxc-wrapper" > ./sudoers_file
+mkdir -p %{buildroot}%{_sysconfdir}/sudoers.d
+install -m 0440 ./sudoers_file %{buildroot}%{_sysconfdir}/sudoers.d/vagrant-lxc
+
 
 # polkit rule for vagrant group.
 #mkdir -p %{buildroot}%{_datadir}/polkit-1/rules.d
@@ -82,6 +92,7 @@ getent group vagrant >/dev/null || groupadd -r vagrant
 %posttrans
 %vagrant_plugin_register %{vagrant_plugin_name}
 
+
 %preun
 %vagrant_plugin_unregister %{vagrant_plugin_name}
 
@@ -120,6 +131,9 @@ getent group vagrant >/dev/null || groupadd -r vagrant
 %{vagrant_plugin_instdir}/vagrant-spec.config.rb
 
 %changelog
+* Mon Jan 26 2015 Michael Adam <madam at redhat.com> - 1.1.0-4
+- Ship precreated sudo-wrapper and sudoers file.
+
 * Mon Jan 26 2015 Michael Adam <madam at redhat.com> - 1.1.0-3
 - Capitalize summary and description.
 - Fix sudo wrapper and "vagrant lxc sudoers" mechansim from upstream.
