Mini Shell
#!/usr/bin/bash
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
# Note: Also called from Debian
# Arguments:
# RPM
# $1 == 1 - install package
# $1 == 2 - upgrade package
# DEB
# $1 == configure - RPM post/posttrans
# "lve-utils POST INSTALL STARTED"
_sbindir=$2 # %{_sbindir}
rhel=$3 # 0%{?rhel}
solo_marker=$4 # %{solo_marker}
container_marker=$5 # %{container_marker}
cl_venv_path=$6 # %{cl_venv_path}
rm -f /etc/cl_plus/.cron_enabled
is_setup=0
if `/usr/bin/cldetect --cl-setup`; then
is_setup=1
fi
# We should skip lvectl calls on kernel without lve for cldeploy case
if [[ $is_setup != 1 && -f /proc/lve/list ]]; then
"${_sbindir}"/lvectl start
"${_sbindir}"/lvectl --apply all
fi
if [[ $rhel -lt 7 ]]; then
UPDATES='/etc/sysconfig/lve_updates'
if [ -f $UPDATES ]; then
. "$UPDATES"
else
LVE_NAMESPACES='0'
fi
if [ "$LVE_NAMESPACES" != '2' ]; then
# Start number of lvectl service has been changed to 65, so we should unregister lvectl service
/sbin/chkconfig --del lvectl > /dev/null 2>&1
sed -i -e '/LVE_NAMESPACES/d' "$UPDATES" > /dev/null 2>&1
echo 'LVE_NAMESPACES="2"' >> "$UPDATES"
fi
# Register services
/sbin/chkconfig --add lvectl
/sbin/chkconfig --add lve_namespaces
else
# TODO: do we really need these?
if [[ ! -f $solo_marker && ! -f $container_marker ]]; then
# CL 7, 8
systemctl enable lve_namespaces.service >/dev/null 2>&1
systemctl enable lvectl.service >/dev/null 2>&1
fi
fi
if [[ ! -f $solo_marker && ! -f $container_marker ]]; then
# ISPManager5 do not uses packages for users
if [[ "ISPManager" == "$(/usr/bin/cldetect --detect-cp-nameonly)" ]]; then
/usr/bin/isppackagesreducer
fi
/usr/bin/migration_ve1_to_v2.py
# set clsupergid group and add polkitd user to it
/usr/bin/clsupergid_process
fi
if [[ $rhel -gt 6 ]]; then
systemctl restart polkit
fi
/usr/bin/flock -n /var/run/cl_detect_for_users.cronlock /usr/bin/cldetect --detect-edition >| /opt/cloudlinux/cl_edition
# Set user.max_user_namespaces=0 in order to prevent user from creating user namespaces in isolated environment
if [[ ( "$1" == "1" && "$rhel" -ge 7 ) || "$1" == "install" ]]; then
"$cl_venv_path"/bin/cl_sysctl set --parameter user.max_user_namespaces --value 0
max_user_namespaces_available_flag=/opt/cloudlinux/flags/available-flags.d/sysctl-user-max-user-namespace-0.flag
echo 'description: "Max user namespaces limited by 0"' > $max_user_namespaces_available_flag
touch /opt/cloudlinux/flags/enabled-flags.d/sysctl-user-max-user-namespace-0.flag
fi
# "lve-utils POST INSTALL FINISHED"
Zerion Mini Shell 1.0