qm subpackage - qm_mount_bind_tty7

/dev/tty7 is typically the virtual terminal associated with the graphical user interface (GUI) on Linux systems. It is where the X server or the Wayland display server usually runs, handling the graphical display, input, and windowing environment. When you start a graphical session (such as GNOME, KDE, etc.), it usually runs on this virtual console. This patch mount bind /dev/tty7 to QM container and also to the nested containers. Just run: make qm_dropin_mount_bind_tty7 Signed-off-by: Douglas Schilling Landgraf <[email protected]>
containers · Oct 3, 2024 · 71df311 · 71df311
1 parent 4d9e753
commit 71df311
Show file tree

Hide file tree

Showing 5 changed files with 84 additions and 14 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,7 +1,8 @@
 /*.tar.gz
+rpmbuild/
 tmp
 qm.pp.bz2
 *~
 qm_file_contexts
 *.8
-tests/e2e/ContainerFile.template
+tests/e2e/ContainerFile.template
diff --git a/Makefile b/Makefile
@@ -14,11 +14,11 @@ VERSION ?= $(shell cat VERSION)
 .PHONY: help
 help:
 	@echo "Available targets:"
-	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}'
+	@grep -E '^[a-zA-Z0-9_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}'
 	@grep -E '^##@ .*$$' $(MAKEFILE_LIST) | sed 's/##@/\n\033[1;32m/' | sed 's/$$/\033[0m/'
 
 .PHONY: file_contexts
-file_contexts: qm.fc ##  - Generates the qm_file_contexts
+file_contexts: qm.fc ##             - Generates the qm_file_contexts
 	sed \
 	-e "s|${QMDIR}/rootfs||" \
 	 -e "s/gen_context(//g" \
@@ -28,7 +28,7 @@ file_contexts: qm.fc ##  - Generates the qm_file_contexts
 all: selinux file_contexts  man
 
 .PHONY: selinux
-selinux: qm.pp ##  - Compresses the QM SELinux policy file (qm.pp)
+selinux: qm.pp ##             - Compresses the QM SELinux policy file (qm.pp)
 	@echo Compressing $^ -\> $@
 	bzip2 -f -9 $^
 
@@ -41,47 +41,53 @@ selinux: qm.pp ##  - Compresses the QM SELinux policy file (qm.pp)
 	cp tmp/qm.pp .; rm -rf tmp
 
 .PHONY: codespell
-codespell: ##  - Runs codespell to check for spelling errors
+codespell: ##             - Runs codespell to check for spelling errors
 	@codespell -S tmp,.git -L te -w
 
-clean: ##  - Removes generated files and dirs
+clean: ##             - Removes generated files and dirs
 	rm -f *~  *.tc *.pp *.pp.bz2
 	rm -rf tmp *.tar.gz ${RPM_TOPDIR}
 
-man: qm.8.md ##  - Generates the QM man page
+man: qm.8.md ##             - Generates the QM man page
 	go-md2man --in qm.8.md --out qm.8
 
 .PHONY: dist
-dist: ##  - Creates the QM distribution package
+dist: ##             - Creates the QM distribution package
 	tar cvz --transform s/qm/qm-${VERSION}/ -f /tmp/v${VERSION}.tar.gz ../qm
 	mv /tmp/v${VERSION}.tar.gz ./rpm
 
 .PHONY: rpm
-rpm: clean dist ##  - Creates a local RPM package, useful for development
+rpm: clean dist ##             - Creates a local RPM package, useful for development
 	mkdir -p ${RPM_TOPDIR}/{RPMS,SRPMS,BUILD,SOURCES}
 	cp ./rpm/v${VERSION}.tar.gz ${RPM_TOPDIR}/SOURCES
 	rpmbuild -ba \
 		--define="enable_qm_dropin_img_tempdir 0" \
+		--define="enable_qm_mount_bind_tty7 0" \
 		--define="_topdir ${RPM_TOPDIR}" \
 		--define="version ${VERSION}" \
 		${SPECFILE}
 
 # ostree target is a helper for everything required for ostree
 .PHONY: ostree
-ostree: qm_dropin_img_tempdir ##  - A helper for creating QM packages for ostree based distros
+ostree: qm_dropin_img_tempdir ##             - A helper for creating QM packages for ostree based distros
 
 .PHONY: qm_dropin_img_tempdir
-qm_dropin_img_tempdir: ## - Creates a QM RPM sub-package qm_dropin_img_tempdir
+qm_dropin_img_tempdir: ##            - Creates a QM RPM sub-package qm_dropin_img_tempdir
 	sed -i 's/%define enable_qm_dropin_img_tempdir 0/%define enable_qm_dropin_img_tempdir 1/' ${SPECFILE}
 	sed -i 's/^Version:.*/Version: ${VERSION}/' ${SPECFILE}
 	make VERSION=${VERSION} rpm
 
+.PHONY: qm_dropin_mount_bind_tty7
+qm_dropin_mount_bind_tty7: ##        - Creates a QM RPM sub-package to mount bind /dev/tty7 in the nested containers
+	sed -i 's/%define enable_qm_mount_bind_tty7 0/%define enable_qm_mount_bind_tty7 1/' ${SPECFILE}
+	sed -i 's/^Version:.*/Version: ${VERSION}/' ${SPECFILE}
+	make VERSION=${VERSION} rpm
 
-install-policy: all ##  - Install selinux policies only
+install-policy: all ##             - Install selinux policies only
 	semodule -i ${TARGETS}.pp.bz2
 	sepolicy manpage --path . --domain ${TARGETS}_t
 
-install: man all ##  - Install QM files (including selinux)
+install: man all ##             - Install QM files (including selinux)
 	install -D -pm 644 ${TARGETS}.pp.bz2 ${DESTDIR}${DATADIR}/selinux/packages/qm.pp.bz2
 	install -D -pm 644 qm.if ${DESTDIR}${DATADIR}/selinux/devel/include/services/qm.if
 	install -D -pm 644 qm_selinux.8 ${DESTDIR}${DATADIR}/man/man8/qm_selinux.8

diff --git a/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf b/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
@@ -0,0 +1,12 @@
+# Drop-in configuration for Podman to mount bind /dev/tty7 from host to container
+#
+# /dev/tty7 is typically the virtual terminal associated
+# with the graphical user interface (GUI) on Linux systems.
+# It is where the X server or the Wayland display server usually runs,
+# handling the graphical display, input, and windowing environment.
+# When you start a graphical session (such as GNOME, KDE, etc.),
+# it usually runs on this virtual console.
+[containers]
+devices = [
+	"/dev/tty7:/dev/tty7"
+]
diff --git a/rpm/.gitignore b/rpm/.gitignore
@@ -0,0 +1 @@
+v*.tar.gz
diff --git a/rpm/qm.spec b/rpm/qm.spec
@@ -2,8 +2,25 @@
 
 # Define the feature flag: 1 to enable, 0 to disable
 # By default it's disabled: 0
+
+###########################################
+# subpackage QM - img_tempdir             #
+###########################################
+# use img temp dir as /var/tmp
 %define enable_qm_dropin_img_tempdir 0
 
+###########################################
+# subpackage QM - mount bind /dev/tty7    #
+###########################################
+# mount bind /dev/tty7 from host to nested containers as /dev/tty7:rw
+# Please note: /dev/tty7 is typically the virtual terminal associated
+# with the graphical user interface (GUI) on Linux systems.
+# It is where the X server or the Wayland display server usually runs,
+# handling the graphical display, input, and windowing environment.
+# When you start a graphical session (such as GNOME, KDE, etc.),
+# it usually runs on this virtual console.
+%define enable_qm_mount_bind_tty7 0
+
 # Some bits borrowed from the openstack-selinux package
 %global selinuxtype targeted
 %global moduletype services
@@ -94,12 +111,27 @@ sed -i 's/^install: man all/install:/' Makefile
 
 %install
 # Create the directory for drop-in configurations
+install -d %{buildroot}%{_sysconfdir}/containers/containers.conf.d
 install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d
 
+# START - qm dropin sub-package - img tempdir
 %if %{enable_qm_dropin_img_tempdir}
     install -m 644 %{_builddir}/qm-%{version}/etc/qm/containers/containers.conf.d/qm_dropin_img_tempdir.conf \
         %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_img_tempdir.conf
 %endif
+# END - qm dropin sub-package - img tempdir
+
+# START - qm dropin sub-package - mount bind /dev/tty7
+%if %{enable_qm_mount_bind_tty7}
+    # first step - add drop-in file in /etc/containers/containers.d.conf/qm_dropin_mount_bind_tty.conf
+    # to QM container mount bind /dev/tty7
+    install -m 644 %{_builddir}/qm-%{version}/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf %{buildroot}%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
+
+    # second step - add drop-in file in /etc/qm/containers/containers.d.conf/qm_dropin/mount_bind_tty.conf
+    # to nested containers in QM env mount bind it in /dev/tty7
+    install -m 644 %{_builddir}/qm-%{version}/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
+%endif
+# END - qm dropin sub-package - mount bind /dev/tty7
 
 # install policy modules
 %_format MODULES $x.pp.bz2
@@ -157,9 +189,10 @@ fi
 %ghost %dir %{_installscriptdir}/rootfs
 %ghost %{_installscriptdir}/rootfs/*
 
+# sub-package QM Img TempDir
 %if %{enable_qm_dropin_img_tempdir}
 %package -n qm-dropin-img-tempdir
-Summary: Drop-in configuration for QM containers
+Summary: Drop-in configuration for QM nested containers to img tempdir
 Requires: %{name} = %{version}-%{release}
 BuildArch: noarch
 
@@ -172,6 +205,23 @@ additional drop-in configurations.
 %{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_img_tempdir.conf
 %endif
 
+# sub-package QM Mount Bind /dev/tty7
+%if %{enable_qm_mount_bind_tty7}
+%package -n qm_mount_bind_tty7
+Summary: Drop-in configuration for QM containers to mount bind /dev/tty7
+Requires: %{name} = %{version}-%{release}
+BuildArch: noarch
+
+%description -n qm_mount_bind_tty7
+This sub-package installs a drop-in configurations for the QM.
+It creates the `/etc/qm/containers/containers.conf.d/` directory for adding
+additional drop-in configurations.
+
+%files -n qm_mount_bind_tty7
+%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
+%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_tty7.conf
+%endif
+
 %changelog
 %if %{defined autochangelog}
 %autochangelog