%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python2.7/site-packages/salt/modules/
Upload File :
Create Path :
Current File : //usr/lib/python2.7/site-packages/salt/modules/lxc.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlmZm Z ddl!Zddl"m#Z$ddl%m&Z&ddl'm(Z(ddl)m*Z+e
j,e-�Z.id	d
6dd6Z/d
Z0dZ1dZ2dZ3dZ4dZ5e6�Z7d�Z8d�Z9d�Z:d�Z;d�Z<d�Z=d�Z>d�Z?e@d�ZAd�ZBe@d�ZCe@d�ZDd�ZEe@d �ZFd!�ZGe@eHd"�ZId#�ZJd$e6fd%��YZKd&�ZLe@e@e@e@e@e@e@e@eMe@e@e@e@e@e@e@e@e@eHeHe@e@e@e@d'�ZNe@d(�ZOe@d)�ZPd*�ZQd+�ZRe@e@e@e@d,�ZSe@e@e@d-�ZTe@eMe@d.�ZUeHe@e@d/�ZVe7e7e7e7e7e@d0�ZWe@d1�ZXeHe@d2�ZYe@e@eHd3�ZZd4�Z[eHe@e@d5�Z\d6�Z]e@e@d7�Z^eHe@d8�Z_ej`jajbe_d9�Zce@d:�Zde@d;�Zee@d<�Zfe@d=�Zge@d>�ZheMe@d?�Ziej`jajbeid@�Zje@dA�Zke@e@e@dB�ZleMe@dC�Zme@dD�Zne@dE�Zoe@dF�Zpe@dGdH�Zqe@dI�Zre@eMeMe@e@e@eHeHe@e@e@e@dJ�Zse@dK�Zte@eHeMe@eMdLeHe@eHe@dMdN�ZueHeMe@eMdLeHe@eHeHdMdO�
ZveHeMe@eMdLeHe@eHeHdMdP�
ZweHeMe@eMdLeHe@eHeHdMdQ�
ZxeHeMe@eMdLeHe@eHeHdMdR�
ZyeHeMe@eMdLeHe@eHeHdMdS�
ZzdT�Z{eHeHe@dU�Z|ej`jajbe|dV�Z}dWdX�Z~dY�ZdWeHe@dZ�Z�e@d[�Z�e@e@e@e@e@e@e@e@e@e@e@e@e@d\�
Z�e@e@d]�Z�e@d^�Z�e@e@d_�Z�dS(`uv
Control Linux Containers via Salt

:depends: lxc package for distribution

lxc >= 1.0 (even beta alpha) is required

i(tabsolute_importtprint_functiontunicode_literalsN(tCommandExecutionErrortSaltInvocationError(tLooseVersion(tsix(trange(turlparseulistulist_ulsuls_ulxcueth0ubr0u/lxc.initial_seedu
lxc-attachu/var/lib/lxccC@s#tjjjd�rtStdfS(Nu	lxc-startuSThe lxc execution module cannot be loaded: the lxc-start binary is not in the path.(tsalttutilstpathtwhicht__virtualname__tFalse(((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt__virtual__DscC@s|stjdt�}n|S(u�
    Get the configured lxc root for containers

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.get_root_path

    u
lxc.root_path(t__opts__tgettDEFAULT_PATH(R((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
get_root_path]s
cC@s�d}tj|d	�s|tdd�}|ds|t|d�}|td�krctd��ndj|�t|<q|ntj|d	�S(
u�
    Return the actual lxc client version

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.version

    ulxc.versionucmd.run_allulxc-info --versionuretcodeustdoutu1.0uLXC should be at least 1.0u{0}N(t__context__RtNonet__salt__t
_LooseVersionRtformat(tktcversiontver((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytversionos

cC@sWxPgtD]}|jd�r
|^q
D]&}tjd|�tj|d�q)WdS(u4
    Clear any lxc variables set in __context__
    ulxc.uClearing __context__['%s']N(Rt
startswithtlogttracetpopR(txtvar((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_clear_context�s/cC@sUd}|dkrd}n|dkr0d}nd|krEd}ndj||�S(	u
Ip sortingu001u	127.0.0.1u200u::1u201u::u100u	{0}___{1}(R(tiptidx((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_ip_sort�s			cC@s\tjdd�}|sXt�}t�}|jt�ybtdd�}xK|dj�dD]5}|jd�s_|j|j	�dj
��q_q_WWnttfk
r�nXxpt
jtjdi��D]S\}}||kr�|j|�q�tjjd	j|��r�|j|�q�q�Wt|�}d
�}|jd|�|td<n|S(
u�
    Search which bridges are potentially available as LXC bridges

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.search_lxc_bridges

    ulxc.bridgesucmd.run_allu
brctl showustdoutiu iu
ip_interfacesu#/sys/devices/virtual/net/{0}/bridgecS@s@d}d|krd}nd|kr0d}ndj||�S(Nuzulxcuaubr0ucu{0}_{1}(R(tatpref((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytsort_bridges�s		tkeyN(RRRtsettaddt
DEFAULT_BRRt
splitlinesRtsplittstripRRRt	iteritemst
__grains__tosRtexistsRtlisttsort(tbridgestrunning_bridgestoutputtlinetifcR$R)((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytsearch_lxc_bridges�s0		
(			
cC@st�dS(u�
    Search the first bridge which is potentially available as LXC bridge

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.search_lxc_bridge

    i(R<(((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytsearch_lxc_bridge�sc
K@s�|s|jdi�}n|s*i}n|jd|jdtjdtd���|jd|jdtjdtjdtjd�����|ds�i}n|S(Numinionumasteruidumaster_porturet_portu4506(Rt
setdefaultR(tconfigtkwargs((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_get_salt_config�s"							
	c5@s�dAkri�ntj���tjjj�|��tj�jd�jdi���}t|t	t
jf�s�i}nt|��dA��fd�}|dAkr��d}nd}t
jdd�dBkr�d}n|d	�}|s|d
|�n|dd�}|r)|�d
<n|d
dA�}|rK|�d
<n|r^|�d<n|dt�}	t|dt��}
|dg�}|dt�}|dd�}
|dt�}|ddA�}|ddA�}|ddA�}|ddA�}|ddA�}|dd�}|ddA�}|ddA�}|ddA�}|dAkrZg}n|ddA�}|r�||kr�|j|�n|d dA�}|jd!dA�}|d"d#�}|d$dA�}|d%dA�}|d&dA�}|d't�}|d(t�} t|d)i���}!|d*t�}"t|t	�sQtjjj�}n|j|"tjjj��}#t|tjjj�s�tjjj�}$|$j|�|$}ndA}%|d%dA�}|d+dA�}&|d,dA�}'|&r0|&}(|r
|(d-j|�7}(n|(|#d.<|'dAk	r0|'|#d,<q0nx�t|d/g��D]q\})}*d0j|)d1�}+|j|+i�},|%dAkr�|*jd&|,jd&dA��}%|%r�|#jd&dA�dA}|%|,d&<q�n|*jd2|,jd2dA��}-|-r�|-|,d2<n|*jd.|*jd+dA��}.|.r/|.|,d.<n|*jd"d�}/|/rc|,d.cd-j|/�7<nx,dCD]$}0|0|*krj|*|0|,d,<PqjqjWd,|,krFtjjj�|,d,<qFqFWdA}%xcg|D]}1|1^q�D]H},||,}2|%r|2jd&dA�nd&|2kr�|2d&}%dA}q�q�W|r:||#d2<n|rM||#d&<ni}3||3d<|!|3d)<|d4d5�|3d4<||3d<||3d<||3d!<x>d6d7d8gD]-}4||4dA�|3d6<|3d6dAk	r�Pq�q�W�|3d<|	|3d<||3d<||3d<||3d$<||3d
<||3d<||3d<||3d<| |3d(<||3d'<||3d9<||3d:<|d;d<�|3d;<|d=dA�|3d=<|
|3d<||3d<|
|3d<||3d<||3d <x]d>d?d@gD]L}0||0dA�r�y�|0|3|0<Wqtk
r�|0|3|0<qXq�q�W|3S(Du�
    Interface between salt.cloud.lxc driver and lxc.init
    ``vm_`` is a mapping of vm opts in the salt.cloud format
    as documented for the lxc driver.

    This can be used either:

    - from the salt cloud driver
    - because you find the argument to give easier here
      than using directly lxc.init

    .. warning::
        BE REALLY CAREFUL CHANGING DEFAULTS !!!
        IT'S A RETRO COMPATIBLE INTERFACE WITH
        THE SALT CLOUD DRIVER (ask kiorky).

    name
        name of the lxc container to create
    pub_key
        public key to preseed the minion with.
        Can be the keycontent or a filepath
    priv_key
        private key to preseed the minion with.
        Can be the keycontent or a filepath
    path
        path to the container parent directory (default: /var/lib/lxc)

        .. versionadded:: 2015.8.0

    profile
        :ref:`profile <tutorial-lxc-profiles-container>` selection
    network_profile
        :ref:`network profile <tutorial-lxc-profiles-network>` selection
    nic_opts
        per interface settings compatibles with
        network profile (ipv4/ipv6/link/gateway/mac/netmask)

        eg::

              - {'eth0': {'mac': '00:16:3e:01:29:40',
                          'gateway': None, (default)
                          'link': 'br0', (default)
                          'gateway': None, (default)
                          'netmask': '', (default)
                          'ip': '22.1.4.25'}}
    unconditional_install
        given to lxc.bootstrap (see relative doc)
    force_install
        given to lxc.bootstrap (see relative doc)
    config
        any extra argument for the salt minion config
    dnsservers
        list of DNS servers to set inside the container
    dns_via_dhcp
        do not set the dns servers, let them be set by the dhcp.
    autostart
        autostart the container at boot time
    password
        administrative password for the container
    bootstrap_delay
        delay before launching bootstrap script at Container init


    .. warning::

        Legacy but still supported options:

        from_container
            which container we use as a template
            when running lxc.clone
        image
            which template do we use when we
            are using lxc.create. This is the default
            mode unless you specify something in from_container
        backing
            which backing store to use.
            Values can be: overlayfs, dir(default), lvm, zfs, brtfs
        fstype
            When using a blockdevice level backing store,
            which filesystem to use on
        size
            When using a blockdevice level backing store,
            which size for the filesystem to use on
        snapshot
            Use snapshot when cloning the container source
        vgname
            if using LVM: vgname
        lvname
            if using LVM: lvname
        thinpool:
            if using LVM: thinpool
        ip
            ip for the primary nic
        mac
            mac address for the primary nic
        netmask
            netmask for the primary nic (24)
            = ``vm_.get('netmask', '24')``
        bridge
            bridge for the primary nic (lxcbr0)
        gateway
            network gateway for the container
        additional_ips
            additional ips which will be wired on the main bridge (br0)
            which is connected to internet.
            Be aware that you may use manual virtual mac addresses
            providen by you provider (online, ovh, etc).
            This is a list of mappings {ip: '', mac: '', netmask:''}
            Set gateway to None and an interface with a gateway
            to escape from another interface that eth0.
            eg::

                  - {'mac': '00:16:3e:01:29:40',
                     'gateway': None, (default)
                     'link': 'br0', (default)
                     'netmask': '', (default)
                     'ip': '22.1.4.25'}

        users
            administrative users for the container
            default: [root] and [root, ubuntu] on ubuntu
        default_nic
            name of the first interface, you should
            really not override this

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.cloud_init_interface foo

    ulxc_profileuprofilec@s�j|�j||��S(N(R(Rtdefault(tprofiletvm_(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
_cloud_get�sunameuuosuUbuntuuubuntuuimageutemplateubackingudiruvgnameusnapshotu	autostartu
dnsserversudns_via_dhcpupasswordus3cr3tupassword_encryptedufstypeulvnameuthinpoolupub_keyupriv_keyusizeu20Guscriptuscript_argsuusersussh_usernameunetwork_profileunic_optsunetmasku24upathubridgeugatewayuunconditional_installu
force_installuconfigudefault_nicuipumacu/{0}uipv4uadditional_ipsueth{0}iulinkuhwaddrumemoryiu
clone_fromucloneufrom_containeru
bootstrap_urlubootstrap_argsubootstrap_shellushubootstrap_delayucpuucpusetucpushareN(uUbuntu(umacuhwaddr(RtcopytdeepcopyR	R
t
dictupdatetupdateRt
isinstancetdictRtstring_typestget_container_profileR2RtbooltTruetappendRAtDEFAULT_NICtodicttOrderedDictR>Rt	enumerateR tnetworktgen_mactKeyError(5tnameRDR@tprofile_dataREtdefault_templatetimagetbackingtvgnametsnapshott	autostartt
dnsserverstdns_via_dhcptpasswordtpassword_encryptedtfstypetlvnametthinpooltpub_keytpriv_keytsizetscripttscript_argstuserstssh_usernametnetwork_profiletnic_optstnetmaskRtbridgetgatewaytunconditional_installt
force_installR?tdefault_nicteth0t	bnic_optstgwR$tmactfulliptixtioptstifhtethxtelinktaiptnmtiR'tndatatlxc_init_interfacet
clone_from((RCRDs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytcloud_init_interface�s,�			
	


		
	
"


 




























cK@s�t|t�r1|jdd�}t|||�S|dkrFi}n=tddj||�dddd�}|dkr�i}nt|t�s�tdj|���ntj	j
jtj
|��}tj	jjtj
|�|�}|S(Nunameu
config.getulxc.{1}:{0}RBtmergeurecurseulxc.{0} must be a dictionary(RJRKR Rt_get_profileRRRR	R
targstclean_kwargsRFRGRHRI(R*RXR@tprofilenamet
profile_matcht	overrides((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�*s$				cK@std||�}|S(u�
    .. versionadded:: 2015.5.0

    Gather a pre-configured set of container configuration parameters. If no
    arguments are passed, an empty profile is returned.

    Profiles can be defined in the minion or master config files, or in pillar
    or grains, and are loaded using :mod:`config.get
    <salt.modules.config.get>`. The key under which LXC profiles must be
    configured is ``lxc.container_profile.profile_name``. An example container
    profile would be as follows:

    .. code-block:: yaml

        lxc.container_profile:
          ubuntu:
            template: ubuntu
            backing: lvm
            vgname: lxc
            size: 1G

    Parameters set in a profile can be overridden by passing additional
    container creation arguments (such as the ones passed to :mod:`lxc.create
    <salt.modules.lxc.create>`) to this function.

    A profile can be defined either as the name of the profile, or a dictionary
    of variable names and values. See the :ref:`LXC Tutorial
    <tutorial-lxc-profiles>` for more information on how to use LXC profiles.

    CLI Example:

    .. code-block:: bash

        salt-call lxc.get_container_profile centos
        salt-call lxc.get_container_profile ubuntu template=ubuntu backing=overlayfs
    ucontainer_profile(R�(RXR@RC((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRMIs%cK@std||�}|S(uy
    .. versionadded:: 2015.5.0

    Gather a pre-configured set of network configuration parameters. If no
    arguments are passed, the following default profile is returned:

    .. code-block:: python

        {'eth0': {'link': 'br0', 'type': 'veth', 'flags': 'up'}}

    Profiles can be defined in the minion or master config files, or in pillar
    or grains, and are loaded using :mod:`config.get
    <salt.modules.config.get>`. The key under which LXC profiles must be
    configured is ``lxc.network_profile``. An example network profile would be
    as follows:

    .. code-block:: yaml

        lxc.network_profile.centos:
          eth0:
            link: br0
            type: veth
            flags: up

    To disable networking entirely:

    .. code-block:: yaml

        lxc.network_profile.centos:
          eth0:
            disable: true

    Parameters set in a profile can be overridden by passing additional
    arguments to this function.

    A profile can be passed either as the name of the profile, or a
    dictionary of variable names and values. See the :ref:`LXC Tutorial
    <tutorial-lxc-profiles>` for more information on how to use network
    profiles.

    .. warning::

        The ``ipv4``, ``ipv6``, ``gateway``, and ``link`` (bridge) settings in
        network profiles will only work if the container doesn't redefine the
        network configuration (for example in
        ``/etc/sysconfig/network-scripts/ifcfg-<interface_name>`` on
        RHEL/CentOS, or ``/etc/network/interfaces`` on Debian/Ubuntu/etc.)

    CLI Example:

    .. code-block:: bash

        salt-call lxc.get_network_profile default
    unetwork_profile(R�(RXR@RC((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytget_network_profilers8cC@s�t|�}td�}||kr2dj|�St�}xQt|�|kr�tjd|d�}||kr>|jtj	|��q>q>Wdj
t|��S(u>
    Return a random subset of cpus for the cpuset config
    ustatus.nprocu0-{0}iiu,(tintRRR+tlentrandomtrandintR,Rt	text_typetjointsorted(tcputavailtto_settchoice((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
_rand_cpu_str�s

	c'K@s�|jdd!�}g}|jdi�}|d!kr?i}n|sNg}nt|�}|sii}n|r�t|tjtf�r�t|�}ni}t|kr�i|t<nt	j
|�}|jdd!�}|jdd!�}|r_xntj|�D]Z\}	}
|j
|	i�}ytjjj||
�}Wq�tk
rWtd��q�Xq�Wng|D]}|^qf}
|
g|D]}||kr�|^q�7}
|
j�t}x%|
D]}	|j|	i�}
|r�|j|	i�ni}|j|	i�}|jd|
jdt��}|r*q�n|jd|jd|
jd|
jdd	����}|jd
|
jd
d	��}|jd|
jdd	��}|jd|
jdd	��}|jd
|
jd
d	��}|jd|
jdd	��}tjjjdi|d6|d6|jd�d6dd6fditd6|	d6|	d6|	d6fdi|d6|d6|jd�d6dd6fdi|d6|d6|jd�d6t�d6fdi|d6|d6|jd�d6tjjj�d6fdi|d6|d6|jdd	�d6d!d6fdi|d6|d6|jdd	�d6d!d6fg�}xgt|j��D]S}||}|drr|dr�|d|d<q�|dr�|d|d<q�qrqrWxBtj|�D]1\}}|dr�|ji|d|6�q�q�Wxytj|
�D]h\}}|dkrE|rE|}n|j||�}|d"kriqn|ji|dj|�6�qW|s�|
jdd!�}n|d!k	r�|r�|ji|d6�t}q�q�W|d!k	r	|r	|ji|d6�t}nt|�}x�g|D]}|^qD]�}||} | jdd	�}!| jdd	�}"d#\}#}$||kr�||}%|%jdd	�}#|%jdd	�}$n|$r�|"r�|$}"n|"s�d}"n|"||d<|#r/|!r/|#||d<q/q/Wg}xQtj |�D]@}x7|D]/}&|jtjjj|&||&fg��q$WqWt!t"��t!d�kr�tg|D]}d|k^q�kr�tg|D]}d|k^q�kr�|jid d6�n|S($u<
    Network configuration defaults

        network_profile
            as for containers, we can either call this function
            either with a network_profile dict or network profile name
            in the kwargs
        nic_opts
            overrides or extra nics in the form {nic_name: {set: tings}

    unetwork_profileunic_optsugatewayubridgeuInvalid nic_opts configurationudisableumacuhwaddruutypeuflagsulinkuipv4uipv6ulxc.network.typeutestuvalueuolduvethudefaultulxc.network.nameulxc.network.flagsuupulxc.network.linkulxc.network.hwaddrulxc.network.ipv4ulxc.network.ipv6unameulxc.network.{0}ulxc.network.ipv4.gatewayu1.0.7uautoN(utypeuflagsunameugatewayumaculinkuipv4uipv6(uu(#RRt
_get_vethsRJRRLRKR�RQRFRGR R1R>R	R
RHRItAttributeErrorRR6RRRRSR=RURVR5tkeysRPRROt
itervaluesRR('tconf_tuplesR@tnictretRotoldtnicpRrRqtdevR�R~R'tifstgateway_settoptstold_iftdisableRyttype_tflagstlinktipv4tipv6tinfostinfotbundletdataR*tvaltnewtifaceR�tnmactntypetomactotypetodatatrow((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
_network_conf�s			

)

			









		!
	 


		

1%%c	K@sWtj|�}i}xHddgD]:}|j|d�}|dk	r"||dj|�<q"q"W|jd�}|dkr�t}n|dkr�|r�d|d<q�d|d<n|jd	�}|dk	r�|d
d
|d<n|jd�}|r||d
<n|jd�}|jd�}|r3||d<n|rS|rSt|�|d
<n|S(Nuutsnameurootfsulxc.{0}u	autostartukeepu1ulxc.start.autou0umemoryiu lxc.cgroup.memory.limit_in_bytesucpusetulxc.cgroup.cpuset.cpusucpushareucpuulxc.cgroup.cpu.shares(RFRGRRRROR�(	R@R�RR�R_tmemorytcpusettcpushareR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_get_lxc_default_datams4	




cK@s�t|�}|sg}ntj|�}g}|syt|�}x4tj|�D] \}}|ji||6�qRWntd||�}|j|�|S(u
    Return a list of dicts from the salt level configurations

    conf_tuples
        _LXCConfig compatible list of entries which can contain

            - string line
            - tuple (lxc config param,value)
            - dict of one entry: {lxc config param: value)

    only_net
        by default we add to the tuples a reflection of both
        the real config if avalaible and a certain amount of
        default values like the cpu parameters, the memory
        and etc.
        On the other hand, we also no matter the case reflect
        the network configuration computed from the actual config if
        available and given values.
        if no_default_loads is set, we will only
        reflect the network configuration back to the conf tuples
        list

    R�(	RNRFRGR�RR1RPR�textend(R�tonly_netR@R�tdefault_dataRR�t	net_datas((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_config_list�s	
cC@s�t|t�r$t|j��}ntjjj�}tjjj�}t}x)|D]!}|r�t|t�r�t|j��d}n}t|t	j
�r|j�}|jd�sU|r�qUqd|krt
g|jdd�D]}|j�^q��}qn|ddkr+tjjj�}n|ddkrXt}|||dj�<n|dj�||dj�<qUW|r�|r�||t<n|S(uj
    Parse the nic setup inside lxc conf tuples back to a dictionary indexed by
    network interface
    iu#u=iulxc.network.typeulxc.network.name(RJRKR5titemsR	R
RRRSRORRLR0RttupleR/RRQ(tnet_datatnicstcurrent_nictno_namestitemtsitemR'((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��s.
7"
t
_LXCConfigcB@sYeZdZejd�Zejd�Zd�Zd�Zd�Z	d�Z
d�ZRS(u 
    LXC configuration data
    u^(\S+)(\s*)(=)(\s*)(.*)u^((#.*)|(\s*))$c	@s3tj|�}|jdd��_t|jdd��}g�_�jrTtj	j
|�jd��_	tj	j�j	�r]tj
jj�j	���}x�tj
jj|j��D]�}�jj|j��}|r�jj|dd|ddf�n�jj|j��}|r��jjd|ddf�q�q�WWdQXq]n	d�_	�fd�}t|�}x*tj|�D]\}}	|||	�q�W�jd�}
td	|
|�}|r�x-|D]"}�jjt|j���q�Wnx0d
gD]%}
|j|
�s�j|
�qqWdS(Nunameupathuconfigii����uc@s0|r,�j|��jj||f�ndS(N(t_filter_dataR�RP(R*R�(tself(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_replace�s
ulxc.networkR�u lxc.cgroup.memory.limit_in_bytes(RFRGR RRXRRR�R3RR�tisfileR	R
tfilestfopentdecodet	readlinestpatterntfindallR0RPtnon_interpretable_patternR�RR1R�R�R�R5R�(R�R@RtfhrR:tmatchR�R�R*R�told_netR�R�R%((R�s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt__init__�s:		")	1	
#cC@s$d�|jD�}dj|�dS(Ncs@s1|]'}dj||dr"dnd�VqdS(u{0[0]}{1}{0[1]}iu = uN(R(t.0R�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>su
(R�R�(R�tchunks((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt	as_string
scC@sf|jrb|j�}tjjj|jd��-}|jtjjj|��|j	�WdQXndS(Nuw(
RR�R	R
R�R�twritetstringutilstto_strtflush(R�tcontenttfic((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�s
	cC@s-tj�}|j|j��|j�|S(N(ttempfiletNamedTemporaryFileR�R�R�(R�tntf((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�s
cC@s]g}g}xA|jD]6}|dj|�s?|j|�q|j|�qW||_|S(uQ
        Removes parameters which match the pattern from the config data
        i(R�RRP(R�R�tremovedtfilteredtparam((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�s	(t__name__t
__module__t__doc__tretcompileR�R�R�R�R�R�R�(((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��s	'				c
@s2ttj|jd����tj|��d��fd�}|d�}|d�}|d�}|jdd�}xdD]}|j|d�qW|r�t|�j}td|�}t	j
j|�}	tj
jj|tdd	��}
d
j||	|
�}t|d|�s�t|d|d
|d|d||�|r�t	j
jd||�}tt|d|�dddi|d6�q�n|S|r.dj|�}t|d|�s*t|d|d
|d|d||�|r*t	j
jd||�}tt|d|�dddi|d6�q*n|SdS(u�
    If the needed base does not exist, then create it, if it does exist
    create nothing and return the name of the base lxc container so
    it can be cloned.
    uprofilec@s8�j|t�}�j||�}|tkr4|S|S(N(R t_marker(R*RBtkw_overrides_matchR�(tkw_overridesRC(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytselect7s
utemplateuimageuvgnameupathu
cp.cache_fileu
config.getu	hash_typeu__base_{0}_{1}_{2}RttemplateR[R]u/devuconfigt
out_formatu	commentedu
lxc.rootfsu
__base_{0}uN(upathuimageuvgnameutemplate(RMRFRGRRR t	_urlparsetschemeRR3RtbasenameR	R
t	hashutilstget_hashRR4tcreateR�t	edit_confR�(
R@R�R�R[R]RR�tprototimg_tartimg_namethash_RXtrootfs((R�RCs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt	_get_base.sH

c<"@s(
i�d6id6}ttj����|sA�jd�}n|sPt}nigd6}|jd�}|d(kr�g}ndg}x*|D]"}||kr�|j|�q�q�Wtj|��d(��fd�}|d��t��} t�d��}!|d	�}"|"r|"n
t	d
d�}#|dt
�}$|d
|	�}	|dt
�}%|dt
�}&|d�}'t||�}(|dt
�})|d�}*|#r.|*r.y |#|d	<td�|�}*Wn:t
tfk
r}+|+j|d<|r||d<n|SX|jd�tk	r.t
|d<q.nt�d��},t}-t}.|,rUn�|*r�t
}.y.t�|*d�|�|jidd6�Wnmt
tfk
r�}+d|+jkr�|jidd6�q�t|d<|+j|d<|r�||d<n|SnXtd�d|d|d|d�d|d |	d!|d"|d#|�
}/t|/jd$d%�}0|/j�t|/jd$d%�}1|0|1krHt
}-qHn�t
}.td|d|d!|d�d|d|d |	d"|d#|�	}/|/j���}2y4t�d&|2jd�|�|jid'd6�Wnct
tfk
r}}+d|+jkrV|jidd6�q~|+j|d<|rv||d<n|SnXWd(QXtjj| �d)�}3g}0tjj|3�r�t|3d$d%�}0ntd*|0d+|d|d|d|d!|d"|d#|�}4|4r!t|3d$d%d,|4�nt|3d$d%�}1|0|1krHt
}-ntd�d|d|d|d�d|d |	d!|d"|d#|�
}/g}0tjj|/j�r�t|/jd$d%�}0n|/j�t|/jd$d%�}1|0|1kr|jid-d)6�t
}-n|-rhyt�d��Wqht
tfk
rd}+d.j|+�|d<|r`||d<n|SXn|,s�|,r�t�d��d/kr�yt �d��Wq�t
tfk
r�}+d.j|+�|d<|r�||d<n|SXn|.rt!�d0jt"�d�d1td2t�n|jdt
�r	|
r	d3}5|5d4d5j��g}6t#��fd6�|6D��s	xcd7gD]X}7|7|krwt$�d8j|7�d2td�d1t
d9t
�d:krw|j|7�qwqwWx�|D]�}y+t%�d;|gd�d<|
d=|�}8Wq�t
tfk
rl}+d>j|�|+j}9|dkr\|9|d<t|d<qmt&j'|9�q�Xq�W|jdt
�r	|jid?d@6�t$�dAj|5�d�d1t
d9t
�d:kr	dB|d<|dCd@cdD|ddE7<t|d<q	q	q	n|jdt
�r4
|
r4
dF}5|5dGdHj��g}6t#��fdI�|6D��s4
y t(�d�dJ|
dK|�Wn4t
tfk
r�	}+dL|+j|d<t|d<q1
X|jidMdN6�t$�dAj|5�d1t
d�d9t
�d:kr1
dO|d<|dCdNcdD|ddE7<t|d<q1
q4
n|.r_
t!�d0jt"�d�d2t�ndP}5|5dQg}6t#��fdR�|6D��s3|jdt
�r�
n�|%s�
|'r3|%r{yXt)�d&|(d�dS|)dT|dU|dV|&dW|dX|dY|dZ|d[|d\|�}:Wn4t
tfk
rF}+d]|+j|d<t|d<q0X|:sdd^|d<t|d<q0|jid_d`6�q3|'r3y*t	|'t*�d��da�|(�}:Wn<t
tfk
r�}+dbj|'|+j�|d<t|d<q0X|:sdcj|'�|d<t|d<q0|jiddj|'�d`6�q3n|jdt
�r�|$r�yt�d��Wq�t
tfk
r�}+d.j|+�|d<t|d<q�Xnt�d��};|!|;kr�|jii|!de6|;df6dg6�n|jdt
�r
dhj��|d<t
|d<n|r$
||d<n|S(iuO
    Initialize a new container.

    This is a partial idempotent function as if it is already provisioned, we
    will reset a bit the lxc configuration file but much of the hard work will
    be escaped as markers will prevent re-execution of harmful tasks.

    name
        Name of the container

    image
        A tar archive to use as the rootfs for the container. Conflicts with
        the ``template`` argument.

    cpus
        Select a random number of cpu cores and assign it to the cpuset, if the
        cpuset option is set then this option will be ignored

    cpuset
        Explicitly define the cpus this container will be bound to

    cpushare
        cgroups cpu shares

    autostart
        autostart container on reboot

    memory
        cgroups memory limit, in MB

        .. versionchanged:: 2015.5.0
            If no value is passed, no limit is set. In earlier Salt versions,
            not passing this value causes a 1024MB memory limit to be set, and
            it was necessary to pass ``memory=0`` to set no limit.

    gateway
        the ipv4 gateway to use
        the default does nothing more than lxcutils does

    bridge
        the bridge to use
        the default does nothing more than lxcutils does

    network_profile
        Network profile to use for the container

        .. versionadded:: 2015.5.0

    nic_opts
        Extra options for network interfaces, will override

        ``{"eth0": {"hwaddr": "aa:bb:cc:dd:ee:ff", "ipv4": "10.1.1.1", "ipv6": "2001:db8::ff00:42:8329"}}``

        or

        ``{"eth0": {"hwaddr": "aa:bb:cc:dd:ee:ff", "ipv4": "10.1.1.1/24", "ipv6": "2001:db8::ff00:42:8329"}}``

    users
        Users for which the password defined in the ``password`` param should
        be set. Can be passed as a comma separated list or a python list.
        Defaults to just the ``root`` user.

    password
        Set the initial password for the users defined in the ``users``
        parameter

    password_encrypted : False
        Set to ``True`` to denote a password hash instead of a plaintext
        password

        .. versionadded:: 2015.5.0

    profile
        A LXC profile (defined in config or pillar).
        This can be either a real profile mapping or a string
        to retrieve it in configuration

    start
        Start the newly-created container

    dnsservers
        list of dns servers to set in the container, default [] (no setting)

    seed
        Seed the container with the minion config. Default: ``True``

    install
        If salt-minion is not already installed, install it. Default: ``True``

    config
        Optional config parameters. By default, the id is set to
        the name of the container.

    master
        salt master (default to minion's master)

    master_port
        salt master port (default to minion's master port)

    pub_key
        Explicit public key to preseed the minion with (optional).
        This can be either a filepath or a string representing the key

    priv_key
        Explicit private key to preseed the minion with (optional).
        This can be either a filepath or a string representing the key

    approve_key
        If explicit preseeding is not used;
        Attempt to request key approval from the master. Default: ``True``

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    clone_from
        Original from which to use a clone operation to create the container.
        Default: ``None``

    bootstrap_delay
        Delay in seconds between end of container creation and bootstrapping.
        Useful when waiting for container to obtain a DHCP lease.

        .. versionadded:: 2015.5.0

    bootstrap_url
        See lxc.bootstrap

    bootstrap_shell
        See lxc.bootstrap

    bootstrap_args
        See lxc.bootstrap

    force_install
        Force installation even if salt-minion is detected,
        this is the way to run vendor bootstrap scripts even
        if a salt minion is already present in the container

    unconditional_install
        Run the script even if the container seems seeded

    CLI Example:

    .. code-block:: bash

        salt 'minion' lxc.init name [cpuset=cgroups_cpuset] \
                [cpushare=cgroups_cpushare] [memory=cgroups_memory] \
                [nic=nic_profile] [profile=lxc_profile] \
                [nic_opts=nic_opts] [start=(True|False)] \
                [seed=(True|False)] [install=(True|False)] \
                [config=minion_config] [approve_key=(True|False) \
                [clone_from=original] [autostart=True] \
                [priv_key=/path_or_content] [pub_key=/path_or_content] \
                [bridge=lxcbr0] [gateway=10.0.3.1] \
                [dnsservers[dns1,dns2]] \
                [users=[foo]] [password='secret'] \
                [password_encrypted=(True|False)]

    unameuchangesunetwork_profileuiniturootc@s8�j|t�}�j||�}|tkr4|S|S(N(R R�(R*RBR�R�(R�RC(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�9s
upathRuvgnameu
config.getu
lxc.vgnameustartu	autostartuseeduinstalluseed_cmduapprove_keyu
clone_fromRCucommentusnapshotuContainer cloneducreateualready existsuContainer already existsuresultRXRnRoRqRrR_R�R�R�R�u	commentedR?uContainer createdNuconfigR�R�t
lxc_configuContainer configuration updateduUnable to stop container: {0}urunningurm -f '{0}'tchroot_fallbacktpython_shellu/.lxc.initial_passu/lxc.initial_passu/.lxc.{0}.initial_passc
3@s?|]5}t�dj|�dtd�dt�dkVqdS(u
test -e "{0}"RRtignore_retcodeiN(tretcodeRRO(R�R!(RXR(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>�suubuntuuid {0}RiRlRbt	encryptedu{0}: Failed to set passworduPassword(s) updatedupasswordu"sh -c 'touch "{0}"; test -e "{0}"'uFailed to set password markeri����u. u.u/.lxc.initial_dnsu/lxc.initial_dnsu/lxc.{0}.initial_dnsc
3@s?|]5}t�dj|�dtd�dt�dkVqdS(u
test -e "{0}"RRRiN(R	RRO(R�R!(RXR(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>�sR`t
searchdomainsuFailed to set DNS: uDNS updatedudnsuFailed to set DNS markeru/.lxc.initial_seedu/lxc.initial_seedc
3@s?|]5}t�dj|�d�dtdt�dkVqdS(utest -e {0}RRRiN(R	RRO(R�R!(RXR(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>!stapprove_keyRgRhtinstallRtRstbootstrap_delayt
bootstrap_urltbootstrap_shelltbootstrap_argsuBootstrap failed: u5Bootstrap failed, see minion log for more informationu#Container successfully bootstrappedu	bootstrapurootfsu(Bootstrap via seed_cmd '{0}' failed: {1}uIBootstrap via seed_cmd '{0}' failed, see minion log for more information u8Container successfully bootstrapped using seed_cmd '{0}'uoldunewustateu(Container '{0}' successfully initialized(+RMRFRGRRQRRPRtstateRRORARRRtstrerrorRR4tcloneR�t	read_confRR�R�R�RXR3R�R�R�tstopRtstarttruntSEED_MARKERtanyR	tset_passwordRtdebugtset_dnst	bootstrapR�(<RXR?R�R�R�RCRnRoR�R_RbRcRlR`RRqRrRgRhRtRsRRRRR@R�tchanges_dicttchangestduserstuserR�tbpatht	state_prettvgR]tstart_tseedR
tseed_cmdtsalt_configRR�texct
does_existt	to_reboottremove_seed_markertcfgt
old_chunksR�tcfiletcpathtnew_cfgtgidtgidstdefault_usertcrettmsgtresultt
state_post((R�RXRRCs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytinites�

	
		










		
	
%



		


	
 
		
 
 





	%


cK@s1t|||�}|jd|�}t||�S(u8
    Thin wrapper to lxc.init to be used from the saltcloud lxc driver

    name
        Name of the container
        may be None and then guessed from saltcloud mapping
    `vm_`
        saltcloud mapping defaults for the vm

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.cloud_init foo
    uname(R�R R:(RXRDR@tinit_interface((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
cloud_initmscC@stdddt�}d|kr1td��ni}t}x�|j�D]�}y|j�\}}}}}	Wntk
r�qJnX|s�|dkrJt}qJqJn|j|g�}
|
ji|d6|d6|d6|	d	6�qJW|d
k	rt
||j|g�fg�S|S(u'
    .. versionadded:: 2015.5.0

    List the available images for LXC's ``download`` template.

    dist : None
        Filter results to a single Linux distribution

    CLI Examples:

    .. code-block:: bash

        salt myminion lxc.images
        salt myminion lxc.images dist=centos
    ucmd.run_stdoutu.lxc-create -n __imgcheck -t download -- --listRuDISTu>Unable to run the 'download' template script. Is it installed?ureleaseuarchuvariantu
build_timeN(RRORRR.R/t
ValueErrorR>RPRRKR(tdisttoutR�t
passed_headerR:tdistrotreleasetarchtvariantt
build_timet	dist_list((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytimages�s4	
		cC@sVytjd�}Wntk
r'gSXg|D]}|jd�r/|d^q/SdS(u�
    .. versionadded:: 2015.5.0

    List the available LXC template scripts installed on the minion

    CLI Examples:

    .. code-block:: bash

        salt myminion lxc.templates
    u/usr/share/lxc/templatesulxc-iN(R3tlistdirtOSErrorR(ttemplate_scriptsR!((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt	templates�s

cC@s%t�|ddkr�t|d|�r�|rlt||d|d|�}|rltjd|||�qlnt|d|�}itd6idd6|d6d	6St|d|�rd
}|r�|djt	j
|��7}n|dj|�7}td
|dt�nt
dj||d���dS(NuretcodeiRRouVNetwork changes from applying network profile '%s' to newly-created container '%s':
%suresultuoldunewustateulxc-destroyu -P {0}u -n {0}ucmd.retcodeRu2Container could not be created with cmd '{0}': {1}ustderr(R#R4tapply_network_profileRR�RRORRtpipestquoteRRR(tcmdR�RXRnRRotnetwork_changestc_state((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_after_ignition_network_profile�s."	
c
@sJd4}dj|�}ttj����tj|��d5��fd�}|d�}	t|d|	�r�tdj|���n|d	�}
|
r�|
n
td
d�}|d�}|d
�}
|r�|
r�td��n$t	||
�f�std��n|d�pi}|d�}|r7|r7d}n|d�}|d�}|d�}|dd�}|d�}|d6kr�d5}d5}n|d7kr�d5}}}n|
r�td|
�}t
jjt
jj
tj�dd d!�}||d"<n|	rB|d#jtj|	��7}t
jj|	�sBt
j|	�qBn|r^|d$j|�7}n|rz|d%j|�7}n|rw|j�}|d&j|�7}|d8kr�|r�|d'j|�7}q�n|d9kr-|r�|d(j|�7}n|r|d)j|�7}n|r-|d*j|�7}q-n|d:krw|rU|d+j|�7}n|rt|d,j|�7}qtqwn|r|d-kr�g|D]}||kr�|^q�}|r�td.jd/j|����q�n|d07}x6tj|�D]"\}}|d1j||�7}q�Wntd2|d3t�}t|||||	|�S(;u�
    Create a new container.

    name
        Name of the container

    config
        The config file to use for the container. Defaults to system-wide
        config (usually in /etc/lxc/lxc.conf).

    profile
        Profile to use in container creation (see
        :mod:`lxc.get_container_profile
        <salt.modules.lxc.get_container_profile>`). Values in a profile will be
        overridden by the **Container Creation Arguments** listed below.

    network_profile
        Network profile to use for container

        .. versionadded:: 2015.5.0

    **Container Creation Arguments**

    template
        The template to use. For example, ``ubuntu`` or ``fedora``.
        For a full list of available templates, check out
        the :mod:`lxc.templates <salt.modules.lxc.templates>` function.

        Conflicts with the ``image`` argument.

        .. note::

            The ``download`` template requires the following three parameters
            to be defined in ``options``:

            * **dist** - The name of the distribution
            * **release** - Release name/version
            * **arch** - Architecture of the container

            The available images can be listed using the :mod:`lxc.images
            <salt.modules.lxc.images>` function.

    options
        Template-specific options to pass to the lxc-create command. These
        correspond to the long options (ones beginning with two dashes) that
        the template script accepts. For example:

        .. code-block:: bash

            options='{"dist": "centos", "release": "6", "arch": "amd64"}'

        For available template options, refer to the lxc template scripts
        which are ususally located under ``/usr/share/lxc/templates``,
        or run ``lxc-create -t <template> -h``.

    image
        A tar archive to use as the rootfs for the container. Conflicts with
        the ``template`` argument.

    backing
        The type of storage to use. Set to ``lvm`` to use an LVM group.
        Defaults to filesystem within /var/lib/lxc.

    fstype
        Filesystem type to use on LVM logical volume

    size : 1G
        Size of the volume to create. Only applicable if ``backing=lvm``.

    vgname : lxc
        Name of the LVM volume group in which to create the volume for this
        container. Only applicable if ``backing=lvm``.

    lvname
        Name of the LVM logical volume in which to create the volume for this
        container. Only applicable if ``backing=lvm``.

    thinpool
        Name of a pool volume that will be used for thin-provisioning this
        container. Only applicable if ``backing=lvm``.

    nic_opts
        give extra opts overriding network profile values

    path
        parent path for the container creation (default: /var/lib/lxc)

    zfsroot
        Name of the ZFS root in which to create the volume for this container.
        Only applicable if ``backing=zfs``. (default: tank/lxc)

        .. versionadded:: 2015.8.0
    udistureleaseuarchulxc-create -n {0}c@s8�j|d�}�j||�}|dkr4|S|S(N(R R(R*RBR�R�(R�RC(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�Ys
upathRuContainer '{0}' already existsuvgnameu
config.getu
lxc.vgnameutemplateuimageu/Only one of 'template' and 'image' is permittedu>At least one of 'template', 'image', and 'profile' is requireduoptionsubackingulvmulvnameuthinpoolufstypeusizeu1Guzfsrootudiru	overlayfsubtrfsuzfsuaufsu
cp.cache_fileu	templatesulxcusalt_tarballuimgtaru -P {0}u -f {0}u -t {0}u -B {0}u --zfsroot {0}u
 --lvname {0}u
 --vgname {0}u --thinpool {0}u
 --fstype {0}u
 --fssize {0}udownloadu%Missing params in 'options' dict: {0}u, u --u
 --{0} {1}ucmd.run_allR(udistureleaseuarchN(udiru	overlayfsubtrfsuzfs(uaufsudiru	overlayfsubtrfs(uzfs(ulvm(udiru	overlayfs(RRMRFRGRR4RRRRR3RR�tdirnameR	t__file__RMRNtmakedirstlowerRR1RRR(RXR?RCRnRoR@tdownload_template_depsROR�RR%R]R�R[toptionsR\ReRfRdRitzfsrootRR!tmissing_depsR*R�R�((R�RCs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��s�d	
				


c
@s:ttj����tj|��d��fd�}|d�}t|d|�rotdj|���nt|d|�t|d|�dkr�tdj|���n|d�}|d�}	|dkr�t	}	n|	s�d
}	nd}	|dd
�}
|dkrd}
nt
t��t
d�krRd}|dj|	||�7}nd}|dj|	||�7}|r�|djtj
|��7}tjj|�s�tj|�q�n|r|j�}|dj|�7}|dkr|
r|dj|
�7}qqntd|dt	�}t||||||�S(u�
    Create a new container as a clone of another container

    name
        Name of the container

    orig
        Name of the original container to be cloned

    profile
        Profile to use in container cloning (see
        :mod:`lxc.get_container_profile
        <salt.modules.lxc.get_container_profile>`). Values in a profile will be
        overridden by the **Container Cloning Arguments** listed below.

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    **Container Cloning Arguments**

    snapshot
        Use Copy On Write snapshots (LVM)

    size : 1G
        Size of the volume to create. Only applicable if ``backing=lvm``.

    backing
        The type of storage to use. Set to ``lvm`` to use an LVM group.
        Defaults to filesystem within /var/lib/lxc.

    network_profile
        Network profile to use for container

        .. versionadded:: 2015.8.0

    nic_opts
        give extra opts overriding network profile values

        .. versionadded:: 2015.8.0


    CLI Examples:

    .. code-block:: bash

        salt '*' lxc.clone myclone orig=orig_container
        salt '*' lxc.clone myclone orig=orig_container snapshot=True
    c@s8�j|d�}�j||�}|dkr4|S|S(N(R R(R*RBR�R�(R�RC(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��s
upathRuContainer '{0}' already existsustoppedu,Container '{0}' must be stopped to be clonedubackingusnapshotudiruu-susizeu1Gu	overlayfsubtrfsu2.0ulxc-copyu {0} -n {1} -N {2}u	lxc-cloneu {0} -o {1} -n {2}u -P {0}u -B {0}u -L {0}ucmd.run_allRN(udir(udiru	overlayfsubtrfs(udiru	overlayfs(RMRFRGRR4RRt_ensure_existsRRRRRMRNR3RRURVRRR(
RXtorigRCRnRoR@R�RR\R^RiROR�((R�RCs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�sV9			cC@s�dj|�}|r"|d7}n|r<|tkr<t|Sg}d}|rm|djtj|��7}n|r�|d7}ntd|dt�}x'|j�D]}|j|j��q�W|t|<|SdS(	u�
    Return a list of the containers available on the minion

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    active
        If ``True``, return only active (i.e. running) containers

        .. versionadded:: 2015.5.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.ls
        salt '*' lxc.ls active=True
    u	lxc.ls{0}u.activeulxc-lsu -P {0}u	 --activeucmd.run_stdoutRN(	RRRMRNRRR.R�R/(tactivetcacheRt
contextvarR�ROR9R:((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytls_=s 


cC@std|�}|r*i}i}i}ng}g}g}i|d6|d6|d6}x�|D]�}d}	|r�|	djtj|��7}	n|	dj|�7}	td|	d	td
d�}
d}xG|
j�D]9}|jd�}
|
d
dkr�|
dj	�}Pq�q�W|s^|dk	r9|j
�|kr9q^n|rgt|d|�}d}i||6}nd}|}|dkr�t||�|�q^n|dkr�t||�|�q^n|dkr^t||�|�q^q^q^W|dk	r|j
||ring�S|S(u�
    List containers classified by state

    extra
        Also get per-container specific info. This will change the return data.
        Instead of returning a list of containers, a dictionary of containers
        and each container's output from :mod:`lxc.info
        <salt.modules.lxc.info>`.

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    limit
        Return output matching a specific state (**frozen**, **running**, or
        **stopped**).

        .. versionadded:: 2015.5.0

    CLI Examples:

    .. code-block:: bash

        salt '*' lxc.list
        salt '*' lxc.list extra=True
        salt '*' lxc.list limit=running
    Rurunningustoppedufrozenulxc-infou -P {0}u -n {0}ucmd.runRtoutput_logleveludebugu:iuStateustateiuupdateuappenduSTOPPEDuFROZENuRUNNINGN(uStateustate(R`RRMRNRRRR.R/R0RVR�tgetattrR(textratlimitRtctnrststoppedtfrozentrunningR�t	containerROtc_infoRQR:tstatR�tmethodtvalue((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytlist_fs\	


	%
c	C@smt|d|�}	|	|krQitd6i|d6|d6d6dj||�d6S|dkr�d	}
|r�|
d
jtj|��7}
n|
dj|�7}
td|
d
t�n|r�d|kr�|d
jtj|��7}n|dj|�7}itd6td6|d6|d6|d6|d6}xJg|D]}|^q0D]/}
||
}|tkr@|j|
d�q@q@Wtd||�}|ddkr�t
dj|||d���n|dk	r(d}|r�|d
jtj|��7}n|dj||j��7}td|d
tdd�nt�t|d|�}i||kd6i|	d6|d6d6}|S(NRuresultuoldunewustateuContainer '{0}' already {1}ucommentulxc-destroyulxc-stopu -P {0}u
 -k -n {0}ucmd.runRu -P u -n {0}upython_shelluredirect_stderruwith_communicateuuse_vtustdinustdoutucmd.run_alluretcodeiuAError changing state for container '{0}' using command '{1}': {2}ulxc-waitu -n {0} -s {1}ttimeouti(
RRORRMRNRRR�R RRtupperR#(RORXtexpectedtstdintstdouttstderrtwith_communicatetuse_vtRtpretscmdtpkwargsR'R�R�t_cmdouttrcmdtpostR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
_change_state�sT	




 
cC@s.t|d|�s*tdj|���ndS(u<
    Raise an exception if the container does not exist
    RuContainer '{0}' does not existN(R4RR(RXR((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR[�scC@s�t|d|�t|d|�}|dkr>t|d|�S|dkrx|rhtdj|���nt|d|�S|dkr�|r�tdj|���nt|d|�SdS(u
    If the container is not currently running, start it. This function returns
    the state that the container was in before changing

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0
    RurunningustoppeduContainer '{0}' is not runningufrozenN(R[RRRRtunfreeze(RXtno_startRRw((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_ensure_running	scC@s�t|d|�t|d|�}|dkrGt|d|d|�nt|d|d|�}||dd<|dkr�t|d<n|S(u�
    .. versionadded:: 2015.5.0

    Restart the named container. If the container was not running, the
    container will merely be started.

    name
        The name of the container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    lxc_config
        path to a lxc config file
        config file will be guessed from container name otherwise

        .. versionadded:: 2015.8.0

    force : False
        If ``True``, the container will be force-stopped instead of gracefully
        shut down

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.restart name
    RustoppedtkillRustateuoldu	restarted(R[RRRRO(RXRRtforcet
orig_stateR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytrestart'	s 
cK@s*|jdd�}t|�}|jdd�}d}|sWtjj||d�}ntjj|�r�|djtj	|��7}n|d7}t
|d|�t|d|�dkr�td	j|���n|jd
d�}|jdt
�}t||dd
dddddd|d|d|�S(u�
    Start the named container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    lxc_config
        path to a lxc config file
        config file will be guessed from container name otherwise

        .. versionadded:: 2015.8.0

    use_vt
        run the command through VT

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.start name
    upathu
lxc_configu	lxc-startuconfigu -f {0}u -dRufrozenu+Container '{0}' is frozen, use lxc.unfreezeuuse_vtuwith_communicateurunningRsRtRrRuRvN(RRRR3RR�R4RRMRNR[RRRR}(RXR@RR1RRORvRu((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRR	s,
c	C@s�t|d|�t|d|�}|dkrH|rHt|d|�nd}|ra|d7}nt||dd|d|�}||dd<|S(	ua
    Stop the named container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    kill: False
        Do not wait for the container to stop, kill all tasks in the container.
        Older LXC versions will stop containers like this irrespective of this
        argument.

        .. versionchanged:: 2015.5.0
            Default value changed to ``False``

    use_vt
        run the command through VT

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.stop name
    Rufrozenulxc-stopu -kustoppedRvustateuold(R[RR~R}(RXR�RRvR�ROR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�	s
cK@s)|jdd�}|jdd�}t|d|�t|d|�}|jdt�}|dkr�|s�tdj|���nt|d|�nd}|r�|djtj	|��7}nt
||d	d
|d|�}|dkr|r||dd<t|d
<nt|d|�|dd<|S(u�
    Freeze the named container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    start : False
        If ``True`` and the container is stopped, the container will be started
        before attempting to freeze.

        .. versionadded:: 2015.5.0

    use_vt
        run the command through VT

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.freeze name
    uuse_vtupathRustartustoppeduContainer '{0}' is stoppedu
lxc-freezeu -P {0}ufrozenRvustateuoldustartedunewN(RRR[RRRRRRMRNR}RO(RXR@RvRR�R&ROR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytfreeze�	s&
cC@s�t|d|�t|d|�dkr@tdj|���nd}|rk|djtj|��7}nt||dd|d|�S(uN
    Unfreeze the named container.

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    use_vt
        run the command through VT

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.unfreeze name
    RustoppeduContainer '{0}' is stoppedulxc-unfreezeu -P {0}urunningRv(R[RRRRMRNR}(RXRRvRO((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR~�	scC@s]t|d|�|rGt|d|�dkrGtdj|���ntd|dd|�S(u

    Destroy the named container.

    .. warning::

        Destroys all data associated with the container.

    path
        path to the container parent directory (default: /var/lib/lxc)

        .. versionadded:: 2015.8.0

    stop : False
        If ``True``, the container will be destroyed even if it is
        running/frozen.

        .. versionchanged:: 2015.5.0
            Default value changed to ``False``. This more closely matches the
            behavior of ``lxc-destroy(1)``, and also makes it less likely that
            an accidental command will destroy a running container that was
            being used for important things.

    CLI Examples:

    .. code-block:: bash

        salt '*' lxc.destroy foo
        salt '*' lxc.destroy foo stop=True
    RustoppeduContainer '{0}' is not stoppedulxc-destroyN(R[RRRR}R(RXRR((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytdestroy
s
uremovecC@s=|td|�k}|s9|tdtd|�k}n|S(u�
    Returns whether the named container exists.

    path
        path to the container parent directory (default: /var/lib/lxc)

        .. versionadded:: 2015.8.0


    CLI Example:

    .. code-block:: bash

        salt '*' lxc.exists name
    RR^(R`R(RXRt_exists((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR4/
sc	C@sLdj||�}yt|SWn#tk
rCt|d|�sMdt|<qDd}|rx|djtj|��7}n|dj|�7}td|dt�}|dd	kr�t	�t
d
j|���n|dj�}d}xM|D]E}|jd�}|d	j
�d
kr�|dj�j
�}Pq�q�W|t|<nXt|S(u�
    Returns the state of a container.

    path
        path to the container parent directory (default: /var/lib/lxc)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.state name
    ulxc.state.{0}{1}Rulxc-infou -P {0}u -n {0}ucmd.run_allRuretcodeiu&Unable to get state of container '{0}'ustdoutu:ustateiN(RRRWR4RRMRNRRR#RR.R/RVR0(	RXRtcachekeyROR�tc_infosRQRjRk((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRH
s0


cC@s�t|d|�d}|r;|djtj|��7}n|dj||�7}td|dt�}|ddkr�td	j|���n|d
j�S(u:
    Returns the value of a cgroup parameter for a container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.get_parameter container_name memory.limit_in_bytes
    Ru
lxc-cgroupu -P {0}u -n {0} {1}ucmd.run_allRuretcodeiu"Unable to retrieve value for '{0}'ustdout(R[RRMRNRRRR0(RXt	parameterRROR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
get_parameteru
scC@s�t|d|�sd	Sd}|rA|djtj|��7}n|dj|||�7}td|dt�}|ddkr�tStSd	S(
u'
    Set the value of a cgroup parameter for a container.

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.set_parameter name parameter value
    Ru
lxc-cgroupu -P {0}u -n {0} {1} {2}ucmd.run_allRuretcodeiN(R4RRRMRNRRRO(RXR�RmRROR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
set_parameter�
sc	C@sJdj||�}yt|SWn!tk
rAt|d|�t|�}ytjj||d�}Wn2tk
r�tjj|t	j
|�d�}nXtjj|�s�tdj|���ni}g}t
jjj|���}x�|D]�}t
jjj|�}g|jdd�dj�jdd�D]}	|	j�^q4}
t|
�d	kr�|jt|
��q�q�WWd
QXg}d
}xt|D]l\}
}|
dkr�i|d6}|j|�q�|s�q�q�|
jd
�r�|||
jd
dd�<q�q�W|r||d<ntd�|D�d
�|d<t|d|�|d<g|d<g|d<g|d<g|d<g|d<g|d<g|d<g|d<g|d<d
|d<||d<|ddkr�ytt|d��}Wn ttt fk
rd}nXytt|d��}Wn ttt fk
r<d}nX||}||d <||d!<t!|d"d|d#t"�}|j#�d$j�d|d<t$|d%d|d#t"�}|d&dkr|d'}t$|d(d|d#t"�}|d)|d'7}t
jj%j&|�}n]t$|d*d|d#t"�}|d&dkrUt
jj%j'|d'�}nt(j)d+|�i}t
jj%j*d,t+d-|�|d<t
jj%j,d,t+d-|�|d<|d|d|d<x�|dD]�}|d.kr|dj|�|dj|�q�t
jj-j.|�rA|dj|�|dj|�q�|dj|�|dj|�q�Wxw|dD]h}|d/ks�|jd0�r�|dj|�|dj|�qr|dj|�|dj|�qrWnxPg|D]'}	|	dks|	j/d�r�|	^q�D]}
||
j0d1t1�qW|t|<nXt|S(2u�
    Returns information about a container

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.info name
    ulxc.info.{0}{1}Ruconfigu"LXC config file {0} does not existu#iiu=iNulxc.network.typeutypeulxc.network.uunicscs@s)|]}|ddkr|dVqdS(iu
lxc.rootfsiN((R�R!((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>�
surootfsustateuipsu
public_ipsuprivate_ipsupublic_ipv4_ipsupublic_ipv6_ipsuprivate_ipv4_ipsuprivate_ipv6_ipsuipv4_ipsuipv6_ipsusizeurunningumemory.limit_in_bytesumemory.usage_in_bytesumemory_limitumemory_freeudf /Ri����uip link showuretcodeustdoutuip addr showu
uifconfigu.Unable to run ip or ifconfig in container '%s'tinclude_loopbacktinterface_datau	127.0.0.1u::1ufe80R*(2RRRWR[RR3RR�R�RR�R�RR	R
R�R�R�t
to_unicodeR/R0R�RPR�RRtreplacetnextRR�R�t	TypeErrorR=t
run_stdoutRR.trun_allRUt_interfaces_ipt_interfaces_ifconfigRtwarningtip_addrsROt	ip_addrs6tcloudtis_public_iptendswithR6R&(RXRR�R1t	conf_fileR�R?tfp_R:R!tcompstifacestcurrentR*R�RdtusagetfreeRitip_cmdtip_datataddress((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��
s�

%
> 
 






















;c	C@sd�}t|t�sIy|jd�}WqItk
rE|�qIXn|sY|�ng}x{|D]s}t|dj|r�dnd�ddj||f�dtd	|d
tdd�}|d
krf|j	|�qfqfW|rt
djdj|����ntS(u

    .. versionchanged:: 2015.5.0
        Function renamed from ``set_pass`` to ``set_password``. Additionally,
        this function now supports (and defaults to using) a password hash
        instead of a plaintext password.

    Set the password of one or more system users inside containers


    users
        Comma-separated list (or python list) of users to change password

    password
        Password to set for the specified user(s)

    encrypted : True
        If true, ``password`` must be a password hash. Set to ``False`` to set
        a plaintext password (not recommended).

        .. versionadded:: 2015.5.0

    path
        path to the container parent directory
        default: /var/lib/lxc (system)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.set_pass container-name root '$6$uJ2uAyLU$KoI67t8As/0fXtJOPcHKGXmUpcoYUcVR2K6x93walnShTCQvjRwq25yIkiCBOqgbfdKQSFnAo28/ek6716vEV1'
        salt '*' lxc.set_pass container-name root foo encrypted=False

    cS@std��dS(Nu#Invalid input for 'users' parameter(R(((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_bad_user_inputfsu,uchpasswd{0}u -euRru:RRRRauquietiu5Password change failed for the following user(s): {0}u, (RJR5R/R�R	RR�RRORPR(	RXRlRbR
RR�tfailed_usersR"R8((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRBs0$	


	uset_passc@s�t|d|�t|�}tjj||d�}tjj|�s^tdj|���nigd6gd6gd6�i�d6td6d	d
6}t	j
jj|d���}g}xN|D]F}	|	s�q�nx1|	D])}
|j
|
j�|	|
j�f�q�Wq�Wd|d
<g}t	j
jj|j��}x�|j�D]�}
|
jd
�s`|
j�rv|j
|
d	g�q>|
jd�}
|
jd�}|j�dj|
�j�f}||kr>|j
|�q>q>Wx|D]�\}}t}x�t|�D]�\}}
|
d|kr�t}||f||<dj|
d�j�|j�kr��dj
i|
d|
d6i||6f�Pq�q�q�W|s�||f|kr�|j
||f�n�dj
i||6�q�q�Wg}|rJxi|D]X}
xO|D]G}|
dj|�r.|
|kr.|j
|
�q��dj
|�q�Wq�Wn|}d	}
xR|D]J\}}|s�|
dj|�7}
q]|
dj|j�|j��7}
q]W|
|k}tjj�jd�}|rrt	j
jjdj||�d��#}|jt	j
jj|
��WdQXt	j
jj|d��#}|jt	j
jj|
��WdQXd|d
<t|d<nWdQXt�fd��D��s�i|d<n|S(uz
    Edit LXC configuration options

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.update_lxc_conf ubuntu \
                lxc_conf="[{'network.ipv4.ip':'10.0.3.5'}]" \
                lxc_conf_unset="['lxc.utsname']"

    Ruconfigu%Configuration file {0} does not existuediteduaddeduremoveduchangesuresultuucommenturulxc.conf is up to dateu#u=iiu{0}
u
{0} = {1}
u%Y-%m-%d_%H-%M-%Su{0}.{1}uwNuUpdatedc3@s|]}�|VqdS(N((R�R!(R (s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>�s(R[RR3RR�R4RRROR	R
R�R�RPR0R�R�treadR.RR/R RRTtdatetimetnowtstrftimeR�R�R(RXtlxc_conftlxc_conf_unsetRR1t
lxc_conf_pR�R�tfiltered_lxc_confR�tconftlinestorig_configR:tindexR�R*R�tmatchedR%t
dest_lxc_conftopttconf_changedtchronotwfic((R s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytupdate_lxc_conf�s�


!%
#

&'""

cC@sL|d"krddg}nEt|t�s`y|jd�}Wq`tk
r\td��q`Xn|d"krug}nEt|t�s�y|jd�}Wq�tk
r�td��q�Xng|D]}dj|�^q�}|jg|D]}dj|�^q��dj|�d}t	d	�}d
j|�}djddd
dddd|ddddd|ddg�}t
|dj|�d|d|dt�}	|	ddkr�t
|dj|�d|dt�}	nt
|dj|�d|dt�|	ddkrHdj|�}
|	d r9|
d!j|	d �7}
nt|
��ntS(#u�
    .. versionchanged:: 2015.5.0
        The ``dnsservers`` and ``searchdomains`` parameters can now be passed
        as a comma-separated list.

    Update /etc/resolv.confo

    path

        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.set_dns ubuntu "['8.8.8.8', '4.4.4.4']"

    u8.8.8.8u4.4.4.4u,u(Invalid input for 'dnsservers' parameteru+Invalid input for 'searchdomains' parameterunameserver {0}u
search {0}u
utest.random_hashu/sbin/{0}_dns.shu#!/usr/bin/env bashuif [ -h /etc/resolv.conf ];thenuO if [ "x$(readlink /etc/resolv.conf)" = "x../run/resolvconf/resolv.conf" ];thenu#  if [ ! -d /run/resolvconf/ ];thenu   mkdir -p /run/resolvconfu  fiu0  cat > /etc/resolvconf/resolv.conf.d/head <<EOFuEOFuu fiufiucat > /etc/resolv.conf <<EOFutee {0}RRrRuretcodeiush -c "chmod +x {0};{0}"u+sh -c 'if [ -f "{0}" ];then rm -f "{0}";fi'u6Unable to write to /etc/resolv.conf in container '{0}'ustderru: {0}N(
RRJR5R/R�RRR�R�RR�ROR(RXR`RRR!tdnstrstrRjt
DNS_SCRIPTR8terror((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�sn
	
")

	
c

C@ssdj||�}tj|d�}|dks7|rotd�}dj|�}tjd�}t|dj|�d|d|dt�}|d	d
kr�t|dj|�d|dt�}nt	dj|���t|d
j|�d|dtdt�|d	d
krFdj|�}	|drF|	dj|d�7}	qFn|d	dkro|d	t|<}qon|S(u�
    Determine if systemD is running

    path
        path to the container parent

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.running_systemd ubuntu

    ulxc.systemd.test.{0}{1}utest.random_hashu/sbin/{0}_testsystemd.shu)            #!/usr/bin/env bash
            set -x
            if ! command -v systemctl 1>/dev/null 2>/dev/null;then exit 2;fi
            for i in \
                /run/systemd/journal/dev-log\
                /run/systemd/journal/flushed\
                /run/systemd/journal/kernel-seqnum\
                /run/systemd/journal/socket\
                /run/systemd/journal/stdout\
                /var/run/systemd/journal/dev-log\
                /var/run/systemd/journal/flushed\
                /var/run/systemd/journal/kernel-seqnum\
                /var/run/systemd/journal/socket\
                /var/run/systemd/journal/stdout\
            ;do\
                if test -e ${i};then exit 0;fi
            done
            if test -d /var/systemd/system;then exit 0;fi
            exit 2
            utee {0}RRrRuretcodeiush -c "chmod +x {0};{0}"u#lxc {0} failed to copy initd testeru+sh -c 'if [ -f "{0}" ];then rm -f "{0}";fi'RuTUnable to determine if the container '{0}' was running systemd, assmuming it is not.ustderru: {0}iN(ii(
RRRRRttextwraptdedentR�ROR(
RXR^RRR�R�Rjt_scriptR8R�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytrunning_systemdNs>
			
cC@sAy#t|dd|dt�d}Wntk
r<d}nX|S(u'
    Get the operational state of a systemd based container

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.systemd_running_state ubuntu

    usystemctl is-system-runningRRustdoutu(R�ROR(RXRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytsystemd_running_state�s

cC@s:t|d|�}|dkr"tS|dkr2dStSdS(u
    Test if a systemd container is fully started

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0


    CLI Example:


    .. code-block:: bash

        salt myminion lxc.test_sd_started_state ubuntu

    RuinitializingustartinguN(uinitializingustarting(R�RRRO(RXRtqstate((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyttest_sd_started_state�scC@sJy)t|dd|dt�ddk}Wntfk
rEd}nX|S(ui
    Test if a non systemd container is fully started
    For now, it consists only to test if the container is attachable

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.test_bare_started_state ubuntu

    ulsRRuretcodeiN(R�RORR(RXRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyttest_bare_started_state�s
i,c	C@s2t|d|�s*tdj|���nt|d|�dksZtdj|���nt}t|d|�r�t}tj}nt	}tj
}tj�}||}tj�}||d|�}x<tj�|kr|rtjd�||d|�}q�W|dkr(|d|�t}n|}|S(u�
    Check that the system has fully inited

    This is actually very important for systemD based containers

    see https://github.com/saltstack/salt/issues/23847

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion lxc.wait_started ubuntu

    RuContainer {0} does does existsurunninguContainer {0} is not runningg333333�?uTAssuming %s is started, although we failed to detect that is fully started correctlyN(R4RRRRR�R�RR�R�RttimetsleepRRO(	RXRRoR�ttest_startedtloggerR�texpiretstarted((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytwait_started�s4	

	cC@skd}t|dd|dt�}|rat|dd|�}d|krQd}qgt|d�nd}|S(	Niuwhich salt-minionRRups auxusalt-minioniu*salt-call --local service.stop salt-minion(R	ROR�(RXRR�t
has_miniont	processes((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_needs_install"
s		c

C@s�t|d|	�|
d0k	rdy$tjd||
�tj|
�Wqdtk
r`tjd�qdXnt|d|	�}
|
s�d0S|r�d|kr�|d7}q�nd}|s�d}nt|d|	�}|s�|S|s�t|d|	�}nt	}t
|djt�d|	d	t	d
t	�dk}t
j�}|rF|rFt	}nIt}td|d
|d|d|d|d|�}|s�|s�|rn|retd�}dj|�}dj|�}t||d|	dt�ddkr�tjd||�tStdd|�}dj|�}t|||d|	�t|dj|�d|	dt	�}t||dtjj|d�d|	�t||dtjj|d�d|	�t||d tjj|d!�d|	�|j|�}d"j||jd#d$�|�}tjd%||�t
||d&d'd|	d(t	�dk}t|d)j|�d|	d
t	dt	�qt}n�tjj|d�}|d*}t||dd+d|	�t||dtjj|d�d|	�t||d tjj|d!�d|	�t|d,d|	dt�t	}tj|�|d-krEt|d|	�n|d.krdt|d|	�n|r�t|d/jt�d|	dt�n|S(1u
    Install and configure salt in a container.

    config
        Minion configuration options. By default, the ``master`` option is set
        to the target host's master.

    approve_key
        Request a pre-approval of the generated minion key. Requires
        that the salt-master be configured to either auto-accept all keys or
        expect a signing request from the target host. Default: ``True``

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    pub_key
        Explicit public key to pressed the minion with (optional).
        This can be either a filepath or a string representing the key

    priv_key
        Explicit private key to pressed the minion with (optional).
        This can be either a filepath or a string representing the key

    bootstrap_delay
        Delay in seconds between end of container creation and bootstrapping.
        Useful when waiting for container to obtain a DHCP lease.

        .. versionadded:: 2015.5.0

    bootstrap_url
        url, content or filepath to the salt bootstrap script

    bootstrap_args
        salt bootstrap script arguments

    bootstrap_shell
        shell to execute the script into

    install
        Whether to attempt a full installation of salt-minion if needed.

    force_install
        Force installation even if salt-minion is detected,
        this is the way to run vendor bootstrap scripts even
        if a salt minion is already present in the container

    unconditional_install
        Run the script even if the container seems seeded

    CLI Examples:

    .. code-block:: bash

        salt 'minion' lxc.bootstrap container_name [config=config_data] \
                [approve_key=(True|False)] [install=(True|False)]

    RuLXC %s: bootstrap_delay: %siu{0}u -c {0}u-c {0}ushu
test -e '{0}'RRiu
seed.mkconfigttmptid_RRgRhutest.random_hashu/var/tmp/.c_{0}uinstall -m 0700 -d {0}Ruretcodeutmpdir %s creation failed %suconfig.gather_bootstrap_scriptRu/sbin/{0}_bootstrap.shush -c "chmod +x {0}"uconfiguminionuprivkeyu
minion.pemupubkeyu
minion.pubu{0} {2} {1}u'u''u Running %s in LXC container '%s'RauinfoRvu+sh -c 'if [ -f "{0}" ];then rm -f "{0}";fi'upki_diru/etc/salt/minionu,salt-call --local service.enable salt-minionustoppedufrozenutouch '{0}'N( R�RRR�R�R�R�R�R�ROR	RRR�tmkdtempRRR�R�tcopy_toR3RR�R�R	R?t
minion_configRtshutiltrmtreeRR�(RXR?RR
RgRhRRtRsRRRRRjR�t
needs_installtseededR�R�t	cfg_filesR�t	configdirROtbs_RjR8R�tpki_dir((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR7
s�I
	
	


		


		
	


cC@s�dj||�}yt|SWn�tk
r�t|d|�tjd|�d}|ry|djtj|��7}n|dj|�7}td|dt	d	d
dt
�dk}|t|<nXt|S(
u9
    Return True if the named container can be attached to via the lxc-attach
    command

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt 'minion' lxc.attachable ubuntu
    ulxc.attachable{0}{1}Ru*Checking if LXC container %s is attachableu
lxc-attachu -P {0}u# --clear-env -n {0} -- /usr/bin/envucmd.retcodeRRauquietRi(RRRWR[RRRMRNRRRO(RXRR�ROR8((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
attachables 

udebuguhttp_proxy,https_proxy,no_proxyc
C@s�t|d|	�}
z�y�t|d|	�r�td||d|	dtdtd|d|d|d|d	|d
|
d|d|�}nr|s�td
j|���nt|d|	�jd�}tdt	d<td||d|d|d	|d
|
�}Wnt
k
r�nXWdt|d|	�}|r�|
dkrS|dkrSt|d|	�q�|
dkr�|dkr�t|dt
d|	�q�nX|dkr�|S||SdS(u�
    Common logic for lxc.run functions

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    Rucontainer_resource.runtcontainer_typetexec_driverR9RRrRRaRRvtkeep_envu{0} is not attachable.urootfsucmd.runucmd.run_chroot.funcucmd.run_chrootNustoppedufrozenRuall(Nuall(RR�RR
tEXEC_DRIVERRRR�RRt	ExceptionRR�ROR(RXROR9Rtpreserve_stateRrRRaRvRRRR�R�R�Rt	new_state((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_run'sP


cC@sOt||d|ddd|d|d|d|d|d|d	|	d
|
d|�S(
u�
    .. versionadded:: 2015.8.0

    Run :mod:`cmd.run <salt.modules.cmdmod.run>` within a container

    .. warning::

        Many shell builtins do not work, failing with stderr similar to the
        following:

        .. code-block:: bash

            lxc_container: No such file or directory - failed to exec 'command'

        The same error will be displayed in stderr if the command being run
        does not exist. If no output is returned using this function, try using
        :mod:`lxc.run_stderr <salt.modules.lxc.run_stderr>` or
        :mod:`lxc.run_all <salt.modules.lxc.run_all>`.

    name
        Name of the container in which to run the command

    cmd
        Command to run

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    no_start : False
        If the container is not running, don't start it

    preserve_state : True
        After running the command, return the container to its previous state

    stdin : None
        Standard input to be used for the command

    output_loglevel : debug
        Level at which to log the output from the command. Set to ``quiet`` to
        suppress logging.

    use_vt : False
        Use SaltStack's utils.vt to stream output to console. Assumes
        ``output=all``.

    chroot_fallback
        if the container is not running, try to run the command using chroot
        default: false

    keep_env : http_proxy,https_proxy,no_proxy
        A list of env vars to preserve. May be passed as commma-delimited list.


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.run mycontainer 'ifconfig -a'
    RR9RR�RrRRaRvRRR�N(R�R(RXRORR�RrRRaRvRRRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRnsJcC@sOt||d|ddd|d|d|d|d|d	|d
|	d|
d|�S(
u�
    .. versionadded:: 2015.5.0

    Run :mod:`cmd.run_stdout <salt.modules.cmdmod.run_stdout>` within a container

    .. warning::

        Many shell builtins do not work, failing with stderr similar to the
        following:

        .. code-block:: bash

            lxc_container: No such file or directory - failed to exec 'command'

        The same error will be displayed in stderr if the command being run
        does not exist. If no output is returned using this function, try using
        :mod:`lxc.run_stderr <salt.modules.lxc.run_stderr>` or
        :mod:`lxc.run_all <salt.modules.lxc.run_all>`.

    name
        Name of the container in which to run the command

    cmd
        Command to run

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    no_start : False
        If the container is not running, don't start it

    preserve_state : True
        After running the command, return the container to its previous state

    stdin : None
        Standard input to be used for the command

    output_loglevel : debug
        Level at which to log the output from the command. Set to ``quiet`` to
        suppress logging.

    use_vt : False
        Use SaltStack's utils.vt to stream output to console
        ``output=all``.

    keep_env : http_proxy,https_proxy,no_proxy
        A list of env vars to preserve. May be passed as commma-delimited list.

    chroot_fallback
        if the container is not running, try to run the command using chroot
        default: false


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.run_stdout mycontainer 'ifconfig -a'
    RR9ustdoutRR�RrRRaRvRRR�(R�(RXRORR�RrRRaRvRRRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��sJcC@sOt||d|ddd|d|d|d|d|d	|d
|	d|
d|�S(
u�
    .. versionadded:: 2015.5.0

    Run :mod:`cmd.run_stderr <salt.modules.cmdmod.run_stderr>` within a container

    .. warning::

        Many shell builtins do not work, failing with stderr similar to the
        following:

        .. code-block:: bash

            lxc_container: No such file or directory - failed to exec 'command'

        The same error will be displayed if the command being run does not
        exist.

    name
        Name of the container in which to run the command

    cmd
        Command to run

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    no_start : False
        If the container is not running, don't start it

    preserve_state : True
        After running the command, return the container to its previous state

    stdin : None
        Standard input to be used for the command

    output_loglevel : debug
        Level at which to log the output from the command. Set to ``quiet`` to
        suppress logging.

    use_vt : False
        Use SaltStack's utils.vt to stream output to console
        ``output=all``.

    keep_env : http_proxy,https_proxy,no_proxy
        A list of env vars to preserve. May be passed as commma-delimited list.

    chroot_fallback
        if the container is not running, try to run the command using chroot
        default: false


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.run_stderr mycontainer 'ip addr show'
    RR9ustderrRR�RrRRaRvRRR�(R�(RXRORR�RrRRaRvRRRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
run_stderr sHcC@sOt||ddd|d|d|d|d|d|d	|d
|	d|
d|�S(
u�
    .. versionadded:: 2015.5.0

    Run :mod:`cmd.retcode <salt.modules.cmdmod.retcode>` within a container

    .. warning::

        Many shell builtins do not work, failing with stderr similar to the
        following:

        .. code-block:: bash

            lxc_container: No such file or directory - failed to exec 'command'

        The same error will be displayed in stderr if the command being run
        does not exist. If the retcode is nonzero and not what was expected,
        try using :mod:`lxc.run_stderr <salt.modules.lxc.run_stderr>`
        or :mod:`lxc.run_all <salt.modules.lxc.run_all>`.

    name
        Name of the container in which to run the command

    cmd
        Command to run

    no_start : False
        If the container is not running, don't start it

    preserve_state : True
        After running the command, return the container to its previous state

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    stdin : None
        Standard input to be used for the command

    output_loglevel : debug
        Level at which to log the output from the command. Set to ``quiet`` to
        suppress logging.

    use_vt : False
        Use SaltStack's utils.vt to stream output to console
        ``output=all``.

    keep_env : http_proxy,https_proxy,no_proxy
        A list of env vars to preserve. May be passed as commma-delimited list.

    chroot_fallback
        if the container is not running, try to run the command using chroot
        default: false


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.retcode mycontainer 'ip addr show'
    R9uretcodeRRR�RrRRaRvRRR�(R�(RXRORR�RrRRaRvRRRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR	wsJcC@sOt||ddd|d|d|d|d|d|d	|d
|	d|
d|�S(
u�
    .. versionadded:: 2015.5.0

    Run :mod:`cmd.run_all <salt.modules.cmdmod.run_all>` within a container

    .. note::

        While the command is run within the container, it is initiated from the
        host. Therefore, the PID in the return dict is from the host, not from
        the container.

    .. warning::

        Many shell builtins do not work, failing with stderr similar to the
        following:

        .. code-block:: bash

            lxc_container: No such file or directory - failed to exec 'command'

        The same error will be displayed in stderr if the command being run
        does not exist.

    name
        Name of the container in which to run the command

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    cmd
        Command to run

    no_start : False
        If the container is not running, don't start it

    preserve_state : True
        After running the command, return the container to its previous state

    stdin : None
        Standard input to be used for the command

    output_loglevel : debug
        Level at which to log the output from the command. Set to ``quiet`` to
        suppress logging.

    use_vt : False
        Use SaltStack's utils.vt to stream output to console
        ``output=all``.

    keep_env : http_proxy,https_proxy,no_proxy
        A list of env vars to preserve. May be passed as commma-delimited list.

    chroot_fallback
        if the container is not running, try to run the command using chroot
        default: false


    CLI Example:

    .. code-block:: bash

        salt myminion lxc.run_all mycontainer 'ip addr show'
    R9uallRR�RrRRaRvRRRR�(R�(RXRORR�RrRRaRvRRRR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��sNcC@sOt|dj|�dtdt�}y|j�dSWntk
rJdSXdS(u9
    Get the MD5 checksum of a file from a container
    umd5sum "{0}"RRiN(R�RROR/t
IndexErrorR(RXRR9((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt_get_md5-s	
cC@sHt|dtd|�td|||dtd|dtd|d|�S(u�
    .. versionchanged:: 2015.8.0
        Function renamed from ``lxc.cp`` to ``lxc.copy_to`` for consistency
        with other container types. ``lxc.cp`` will continue to work, however.
        For versions 2015.2.x and earlier, use ``lxc.cp``.

    Copy a file or directory from the host into a container

    name
        Container name

    source
        File to be copied to the container

    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    dest
        Destination on the container. Must be an absolute path.

        .. versionchanged:: 2015.5.0
            If the destination is a directory, the file will be copied into
            that directory.

    overwrite : False
        Unless this option is set to ``True``, then if a file exists at the
        location specified by the ``dest`` argument, an error will be raised.

        .. versionadded:: 2015.8.0

    makedirs : False

        Create the parent directory on the container if it does not already
        exist.

        .. versionadded:: 2015.5.0

    CLI Example:

    .. code-block:: bash

        salt 'minion' lxc.copy_to /tmp/foo /root/foo
        salt 'minion' lxc.cp /tmp/foo /root/foo
    RRucontainer_resource.copy_toR�R�t	overwriteRU(R�RORR
R�(RXtsourcetdestR�RUR((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR�;s0ucpusimplec

C@shg}i}tjjj|d��.}x$tjjj|j��D]}d|krh|j|�qCn|jd�}dj	|d�j
�}d}|j
�jd�r|j
�jd�}	|	dj
�}dj	|	d�j
�}|jii|d6|d6|dj
�6�qC|ji||dj
�6�|||dj
�<qCWWdQX|d	krd|S|S(
u
    Read in an LXC configuration file. By default returns a simple, unsorted
    dict, but can also return a more detailed structure including blank lines
    and comments.

    out_format:
        set to 'simple' if you need the old and unsupported behavior.
        This won't support the multiple lxc values (eg: multiple network nics)

    CLI Examples:

    .. code-block:: bash

        salt 'minion' lxc.read_conf /etc/lxc/mycontainer.conf
        salt 'minion' lxc.read_conf /etc/lxc/mycontainer.conf out_format=commented
    uru=iu#uvalueucommentiNusimple(
R	R
R�R�R�R�R�RPR/R�R0RR(
R�R�t
ret_commentedt
ret_simpleR�R:R�Rmtcommenttvcomps((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRzs,"
cC@s�t|t�std��nd}x8|D]0}t|tjtjf�rY||7}q+t|t�r+x�t|j��D]�}d
}t||tjtjtj	t
f�r�dj|dj||�f�}nct||t�r7dj|||df�}d||kr7dj|||df�}q7n|r{||7}|d7}q{q{Wq+q+Wt
jjj|d	��#}|jt
jjj|��Wd
QXiS(u
    Write out an LXC configuration file

    This is normally only used internally. The format of the data structure
    must match that which is returned from ``lxc.read_conf()``, with
    ``out_format`` set to ``commented``.

    An example might look like:

    .. code-block:: python

        [
            {'lxc.utsname': '$CONTAINER_NAME'},
            '# This is a commented line\n',
            '\n',
            {'lxc.mount': '$CONTAINER_FSTAB'},
            {'lxc.rootfs': {'comment': 'This is another test',
                            'value': 'This is another test'}},
            '\n',
            {'lxc.network.type': 'veth'},
            {'lxc.network.flags': 'up'},
            {'lxc.network.link': 'br0'},
            {'lxc.network.mac': '$CONTAINER_MACADDR'},
            {'lxc.network.ipv4': '$CONTAINER_IPADDR'},
            {'lxc.network.name': '$CONTAINER_DEVICENAME'},
        ]

    CLI Example:

    .. code-block:: bash

        salt 'minion' lxc.write_conf /etc/lxc/mycontainer.conf \
            out_format=commented
    u&Configuration must be passed as a listuu = u{0}uvalueucommentu # u
uwN(RJR5RRR�RLRKR�Rt
integer_typestfloatR�RR	R
R�R�R�R�R�(R�R�R�R:R*tout_lineR�((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt
write_conf�s.#

%#
"cK@s-g}yt|d|�}Wntk
r5g}nX|sEg}ntj|�}g}x�||gD]�}i}	xfg|D]}
|
^q~D]K}|jd�r�q�n|jd�r�|||	|<|j|d�q�q�W|	rh|j|	�qhqhWtj	j
j�}x�|D]�}
|
jdt
�}|j|tj	j
j��}xG|
D]?}|jdd�}idd6j||�}|
|||<qMWqWg}|r�t|dtit
d	6|d
6�}|r�|j|�q�nx�|D]�}t|t�s|j|�q�q�x�t|j��D]�}||}|rI|jd�rIqnt}xXtt|��D]D}||}||krbt}|ji|||6�||=qbqbW|s|ji||6�qqWq�Wx7|D]/}x&|D]}|ji|||6�q�Wq�W|r|St||�t||�S(u�
    Edit an LXC configuration file. If a setting is already present inside the
    file, its value will be replaced. If it does not exist, it will be appended
    to the end of the file. Comments and blank lines will be kept in-tact if
    they already exist in the file.

    out_format:
        Set to simple if you need backward compatibility (multiple items for a
        simple key is not supported)
    read_only:
        return only the edited configuration without applying it
        to the underlying lxc configuration file
    lxc_config:
        List of dict containning lxc configuration items
        For network configuration, you also need to add the device it belongs
        to, otherwise it will default to eth0.
        Also, any change to a network parameter will result in the whole
        network reconfiguration to avoid mismatchs, be aware of that !

    After the file is edited, its contents will be returned. By default, it
    will be returned in ``simple`` format, meaning an unordered dict (which
    may not represent the actual file order). Passing in an ``out_format`` of
    ``commented`` will return a data structure which accurately represents the
    order and content of the file.

    CLI Example:

    .. code-block:: bash

        salt 'minion' lxc.edit_conf /etc/lxc/mycontainer.conf \
            out_format=commented lxc.network.type=veth
        salt 'minion' lxc.edit_conf /etc/lxc/mycontainer.conf \
            out_format=commented \
            lxc_config="[{'lxc.network.name': 'eth0', \
                          'lxc.network.ipv4': '1.2.3.4'},
                         {'lxc.network.name': 'eth2', \
                          'lxc.network.ipv4': '1.2.3.5',\
                          'lxc.network.gateway': '1.2.3.1'}]"
    R�u__ulxc.network.ulxc.network.nameuumacuhwaddrR�unetwork_profileunic_optsN(RR�RFRGRR RRPR	R
RRRSRRQR>R�R�ROR�RJRKR5R�RRR�R�(R�R�t	read_onlyRR@R�R�t
net_configtlxc_kwst
net_paramsR'tkwargRotparamsR�tdev_optsR�R�tnet_changesR:R*R�tfoundR{tkw((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��st,

	 









 
cC@s&itd6id6dj|�d6}t|d|�}|r�t|d|�dkr�yt|d|�Wq�ttfk
r�}dj|�|d<t|d<|SXn|rt|d|�dkryt|d|�Wqttfk
r}dj|�|d<t|d<|SXnd|d|<|S(	u�
    Reboot a container.


    path
        path to the container parent
        default: /var/lib/lxc (system default)

        .. versionadded:: 2015.8.0

    CLI Examples:

    .. code-block:: bash

        salt 'minion' lxc.reboot myvm

    uresultuchangesu{0} rebooteducommentRurunninguUnable to stop container: {0}urebooted(	RORR4RRRRRR(RXRR�R+R*((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytrebootWs(


c
@s~i}t|
�}tjj||d�}
i|d6dj|�d6td6|d6}ttj����tj|��d��fd�}|dk	r�|r�t
}n|
dk	r�|d|
�}
nd	}
|s�|d
|�}ntjj|
�rzt|
dd�}t
jjjd
|fd
|fd|
fd|fd|	fd|fd|fd|fd|fd|fg
�}|r�||d<nt
jjj�}x6tj|�D]%\}}|dk	r�|||<q�q�Wtd||�}|rt|
ddd|�nt|
dd�}||krzdj|�|d<t|d|
�dkrwt|d|
�}|d|d<qwqzn|S(u�
    Reconfigure a container.

    This only applies to a few property

    name
        Name of the container.
    utsname
        utsname of the container.

        .. versionadded:: 2016.3.0

    rootfs
        rootfs of the container.

        .. versionadded:: 2016.3.0

    cpu
        Select a random number of cpu cores and assign it to the cpuset, if the
        cpuset option is set then this option will be ignored
    cpuset
        Explicitly define the cpus this container will be bound to
    cpushare
        cgroups cpu shares.
    autostart
        autostart container on reboot
    memory
        cgroups memory limit, in MB.
        (0 for nolimit, None for old default 1024MB)
    gateway
        the ipv4 gateway to use
        the default does nothing more than lxcutils does
    bridge
        the bridge to use
        the default does nothing more than lxcutils does
    nic
        Network interfaces profile (defined in config or pillar).

    nic_opts
        Extra options for network interfaces, will override

        ``{"eth0": {"mac": "aa:bb:cc:dd:ee:ff", "ipv4": "10.1.1.1", "ipv6": "2001:db8::ff00:42:8329"}}``

        or

        ``{"eth0": {"mac": "aa:bb:cc:dd:ee:ff", "ipv4": "10.1.1.1/24", "ipv6": "2001:db8::ff00:42:8329"}}``

    path
        path to the container parent

        .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt-call -lall mc_lxc_fork.reconfigure foobar nic_opts="{'eth1': {'mac': '00:16:3e:dd:ee:44'}}" memory=4

    uconfigunameuconfig for {0} up to dateucommenturesultuchangesc@s8�j|t�}�j||�}|tkr4|S|S(N(R R�(R*RBR�R�(R�RC(s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyR��s
u	autostartukeepuutsnameR�u	commentedurootfsucpuugatewayucpusetucpushareunetwork_profileunic_optsubridgeumemoryR�Ru{0} lxc config updatedRurunningN(RR3RR�RRORMRFRGRRQR4RR	R
RRRSRR1R�R�RR(RXR�R�R�R�RCRnRoRqRrR_tutsnameRRR@R R1R�R�R/tmake_kwR�R*R�R2R�R6((R�RCs4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytreconfigures\J

										
c	C@sdt|�}tjj||d�}g}tjjj|d��%}x|D]}|j|�qLWWdQXt	d|d|�}	|	j
d�}
i}x0td|
d|d	|�D]}|j|�q�W|r�t
|d
d|�ng}
tjjj|d��%}x|D]}|
j|�q
WWdQXd}x0tj||
d
ddd�D]}||7}qLW|S(u�
    .. versionadded:: 2015.5.0

    Apply a network profile to a container

    network_profile
        profile name or default values (dict)

    nic_opts
        values to override in defaults (dict)
        indexed by nic card names

    path
        path to the container parent

        .. versionadded:: 2015.8.0

    CLI Examples:

    .. code-block:: bash

        salt 'minion' lxc.apply_network_profile web1 centos
        salt 'minion' lxc.apply_network_profile web1 centos \
                nic_opts="{'eth0': {'mac': 'xx:xx:xx:xx:xx:xx'}}"
        salt 'minion' lxc.apply_network_profile web1 \
                "{'eth0': {'mac': 'xx:xx:xx:xx:xx:yy'}}"
                nic_opts="{'eth0': {'mac': 'xx:xx:xx:xx:xx:xx'}}"

    The special case to disable use of ethernet nics:

    .. code-block:: bash

        salt 'minion' lxc.apply_network_profile web1 centos \
                "{eth0: {disable: true}}"
    uconfigurNRXRulxc.networkR�RnRoR�u	commentedutfromfileubeforettofileuafter(RR3RR�R	R
R�R�RPR�R�R�RIR�tdifflibtunified_diff(RXRnRoRR1tcfgpathtbeforeR�R:t	lxcconfigR�tnetwork_paramsR�taftertdiff((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyRLs4$
	

cC@s�|tddd|�kr3tdj|���ntddj|��jd�}g|D]7}tjd|�dk	r\|jd	�d
j�^q\d}|S(
u�
    Returns a container pid.
    Throw an exception if the container isn't running.

    CLI Example:

    .. code-block:: bash

        salt '*' lxc.get_pid name
    RdurunningRu1Container {0} is not running, can't determine PIDucmd.runulxc-info -n {0}u
u\s*PIDu:iiN(	RnRRRR/R�R�RR0(RXRR�R:tpid((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytget_pidIs
"Hc	C@svt|d|�}xJtr^ddjd�td�D��}|td�j�krPqqWtdd�s~td	��ntd
dj|��s�tdj|���ntdd
�s�tdd
�ntddj|��rtddj|��ntddj|�dj|��dtddjd|d|��k}|rutdjd|d|���ntddjd|��dkr�tdj|���ntddj|��dkr�tdj|���ndtddjd|d|d |��k}|s;td!jd|d|���ntddj|��|d#k	rrtd"||�nd#S($u�
    Add a veth to a container.
    Note : this function doesn't update the container config, just add the interface at runtime

    name
        Name of the container

    interface_name
        Name of the interface in the container

    bridge
        Name of the bridge to attach the interface to (facultative)

    CLI Examples:

    .. code-block:: bash

        salt '*' lxc.add_veth container_name eth1 br1
        salt '*' lxc.add_veth container_name eth1
    Ruvethucs@s(|]}tjtjtj�VqdS(N(R�R�tstringtascii_uppercasetdigits(R�t_((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pys	<genexpr>vsiunetwork.interfacesufile.directory_existsu	/var/run/u;Directory /var/run required for lxc.add_veth doesn't existsufile.file_existsu/proc/{0}/ns/netu<Proc file for container {0} network namespace doesn't existsu/var/run/netnsu
file.mkdirufile.is_linku/var/run/netns/{0}ufile.removeufile.symlinkiucmd.retcodeu1ip netns exec {netns} ip address list {interface}tnetnst	interfaceu3Interface {interface} already exists in {container}Riu4ip link add name {veth} type veth peer name {veth}_ctvethu&Error while creating the veth pair {0}uip link set dev {0} upu*Error while bringing up host-side veth {0}u@ip link set dev {veth}_c netns {container} name {interface_name}tinterface_nameu>Error while attaching the veth {veth} to container {container}ubridge.addifN(	RROR�RRR�RRR(RXRRqRRtrandom_vethtinterface_existstattached((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pytadd_veth[sH	##"(�R�t
__future__RRRR�RFRR�RtloggingR�R3RMR�R�R�R�tsalt.utils.argsR	tsalt.utils.cloudtsalt.utils.datatsalt.utils.dictupdatetsalt.utils.filestsalt.utils.functoolstsalt.utils.hashutilstsalt.utils.networktsalt.utils.odicttsalt.utils.pathtsalt.utils.stringutilstsalt.exceptionsRRtsalt.configtsalt.utils.versionsRRtsalt.extRtsalt.ext.six.movesRtsalt.ext.six.moves.urllib.parseRR�t	getLoggerR�Rt__func_alias__R
RQR-RR�RtobjectR�RRRR#R&R<R=RARR�R�RMR�R�R�R�RR�R�R�RROR:R<RGRKRRR�RR`RnR}R[R�R�RRR�R~R�R
t	functoolstalias_functiontremoveR4RR�R�R�Rtset_passR�RR�R�R�R�R�R�RR�R�RR�R�R	R�R�R�tcpRR�R�RRRLRR(((s4/usr/lib/python2.7/site-packages/salt/modules/lxc.pyt<module>	s�
								4		�9	)<	�	&'	"R	8��3		&�v)[8
+	6,	1 '-�Bg`M3�'=PPNPR	<,	An)wF

Zerion Mini Shell 1.0