lxxsh

0.991 (2013-06-09)

(This document is newer than what is provided in lxxsh-0.991.tar.xz)

TL;DR

Go directly to >examples<.

The software

lxxsh was created to fulfill the need to get multiple shells running inside Linux container from host machine easily.

This is achieved by copying lxxshd.py into the root directory of the lxc container and then executing it as an init program there. It creates a unix domain socket which lxxsh later connects to.

When connected, lxxshd.py creates pty/tty pair and sends pty fd to lxxsh via the socket. Then it forks child process, sets tty as the child's stdin, stdout and stderr, sets environment and execve's shell. After that lxxshd.py's work there is done.

lxxsh communicates between user terminal and the pty it got from lxxshd.py -- mostly doing IO but also manages (terminal) window size changes.

To work properly for this use lxxsh needs to be setuid root. The convenience target make suid will to that in place.

lxxsh itself is a generic tool. The wrapper for it, called lxcsh is specific to lxc (works with lxc's default setup). The examples (geared to lxc usage) uses lxcsh exclusively.

To start lxc container the tool run-in-lxc.sh is useful. After creating container it can be used to start /bin/bash (as root) in container -- to set up user and perhaps to do some other configurations. When container is properly set up, run-in-lxc.sh can be used to start lxxshd.py and finally it has convenience option to stop the container.

The final tool, redir-lxxshd.sh can be used to debug run-in-lxc.sh: When lxxshd.py is run as container's init program its stdout & stderr goes... I don't know where... redir-lxxshd.sh is simple wrapper which first redirects stdout & stderr to files and then exec's lxxshd.py. Now these files can be examined in case there is problems running lxxshd.py.

Files

sha 1 checksumsizename
- d6709b69470f430df1b1c77763203159c05855be 454 css.css
- bbd1e2e564bbd9294b63755cc452ed6db5d48a78 4 149 index.txt
x d302ce4853abfc37d6ad81b583db1ebe00e4834a 1 206 lxcsh
- dbba39c8c337909165d9725cf6837594a4307a23 10 476 lxxsh-0.991.tar.xz
- 46a17b05d4178d8b300213330342ae45a13248f4 5 602 lxxsh.c
x 26b2fe029598826137bf6f46b136317da6b50949 6 110 lxxshd.py
- 67afef8f9dd8360969c3ff905a6f1d222246907c 2 356 Makefile
x 7a3274c3e2d0d6e1529b43cb72121e990ee7db36 3 812 nih2html.pl
x b9c3e43c8bebc8665c0c07997cd181d721b070ef 298 redir-lxxshd.sh
x b8feb0b4e820c2286f407ce58073e91c9dd2e66b 3 773 run-in-lxc.sh

The latest tar archive contains all files listed above (sans tar archives).

Examples

If you have Debian 7 (Wheezy) first install packages lxc and debootstrap:

  $ sudo apt-get install lxc debootstrap

If you have Fedora 18, install lxc packages using command line:

  $ sudo yum install --enablerepo=updates-testing lxc lxc-doc lxc-templates redhat-lsb

If you have something else, check how to install lxc. The version 0.8.0 (or newer) is tested to work (run lxc-version to find out).

Then enter:

  $ sudo lxc-create -n squeeze -t debian -f /usr/share/doc/lxc/examples/lxc-no-netns.conf

As of 2013-06-09 (lxc 0.8.0) this will install Debian 6 (Squeeze) Linux container into /var/lib/lxc/squeeze and the container is configured to share the network stack with host.

(Note that when network stack is shared with host processes in container can connect to abstract unix sockets setup by host -- for example to
@<a href="#tmp">tmp</a>.X11-unix/X0. This might be desirable or not...)

Next run:

  $ sudo ./run-in-lxc.sh squeeze b

With this you get bash root shell running as pid 1 in the container. You have almost minimal Debian Squeeze environment to start with.

What you need to do before exiting this shell (and the container as a whole), create a user which (numeric) uid matches what you have in host:

  squeeze# useradd -m -s /bin/bash -u <uid> <name>

(hmm, -m did not work on Fedora 18, do without and then add dir by hand)

Now, after exiting shell, back in host machine enter:

  $ make lxxsh
  $ sudo make suid
  $ sudo ./run-in-lxc.sh squeeze .
  $ ./lxcsh squeeze

... and now you should have non-root shell prompt visible on your terminal, the shell running in container. Run ps axfg to see that this is the case.
With ./lxcsh squeeze from other terminals you can get more shells running on the container.

ยก Have a nice time experiencing lxc !

Todo