Debian Bug report logs - #657678
RFP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.

Package: wnpp; Maintainer for wnpp is wnpp@debian.org;

Reported by: Bekir Dogan <bekirdo@gmail.com>

Date: Fri, 27 Jan 2012 22:21:01 UTC

Severity: wishlist

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org, wnpp@debian.org:
Bug#657678; Package wnpp. (Fri, 27 Jan 2012 22:21:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bekir Dogan <bekirdo@gmail.com>:
New Bug report received and forwarded. Copy sent to debian-devel@lists.debian.org, wnpp@debian.org. (Fri, 27 Jan 2012 22:21:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Bekir Dogan <bekirdo@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Sat, 28 Jan 2012 00:15:15 +0200
Package: wnpp
Severity: wishlist
Owner: Bekir Dogan <bekirdo@gmail.com>

* Package name    : simplelxc
  Version         : 0.1
  Upstream Author : Bekir Dogan <bekirdo@gmail.com>
* URL             : https://github.com/bergerx/simplelxc#readme
* License         : GPL
  Programming Lang: Shell script
  Description     : Minimalist package to create LXC guests and then manage them simply.

Main objective is to make testing of any program easy on personal computers
(for now it works only for Debian systems) without losing time for these:
* does not require to manually configure networking on host system,
* does not require to manually create template,
* does not require to manually determining IP addresses,
* does not require to manually configuring any other parameters needed.

Just install simplelxc, create a guest and go.

Main purpose of this project is to handle only simple tasks, so if you want to
manage production lxc installation, you should consider using plain lxc
userspace control tool (http://lxc.sourceforge.net/) or projects like lxctl
(http://lxc.tl/).

Bekir Dogan




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>:
Bug#657678; Package wnpp. (Sat, 28 Jan 2012 05:18:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to daniel.baumann@progress-technologies.net:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>. (Sat, 28 Jan 2012 05:18:03 GMT) Full text and rfc822 format available.

Message #10 received at 657678@bugs.debian.org (full text, mbox):

From: Daniel Baumann <daniel.baumann@progress-technologies.net>
To: Bekir Dogan <bekirdo@gmail.com>
Cc: 657678@bugs.debian.org
Subject: Re: Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Sat, 28 Jan 2012 06:15:18 +0100
On 01/27/2012 11:15 PM, Bekir Dogan wrote:
> Main objective is to make testing of any program easy on personal computers
> (for now it works only for Debian systems) without losing time for these:
> * does not require to manually configure networking on host system,
> * does not require to manually create template,
> * does not require to manually determining IP addresses,
> * does not require to manually configuring any other parameters needed.
> 
> Just install simplelxc, create a guest and go.

i would rather much prefere if those little bits would be incorporated
into lxc-debconf in lxc itself. there's only minimal effort needed, as
lxc-debconf already determines all the defaults anyway and just needs
the one or other update to determine them better.

-- 
Address:        Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:          daniel.baumann@progress-technologies.net
Internet:       http://people.progress-technologies.net/~daniel.baumann/




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org:
Bug#657678; Package wnpp. (Sat, 28 Jan 2012 16:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bekir Dogan <bekirdo@gmail.com>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org. (Sat, 28 Jan 2012 16:45:03 GMT) Full text and rfc822 format available.

Message #15 received at 657678@bugs.debian.org (full text, mbox):

From: Bekir Dogan <bekirdo@gmail.com>
To: daniel.baumann@progress-technologies.net
Cc: 657678@bugs.debian.org
Subject: Re: Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Sat, 28 Jan 2012 18:41:21 +0200
On Sat, Jan 28, 2012 at 07:15, Daniel Baumann
<daniel.baumann@progress-technologies.net> wrote:
> On 01/27/2012 11:15 PM, Bekir Dogan wrote:
>> Main objective is to make testing of any program easy on personal computers
>> (for now it works only for Debian systems) without losing time for these:
>> * does not require to manually configure networking on host system,
>> * does not require to manually create template,
>> * does not require to manually determining IP addresses,
>> * does not require to manually configuring any other parameters needed.
>>
>> Just install simplelxc, create a guest and go.
>
> i would rather much prefere if those little bits would be incorporated
> into lxc-debconf in lxc itself. there's only minimal effort needed, as
> lxc-debconf already determines all the defaults anyway and just needs
> the one or other update to determine them better.
>

Thanks for you sugestion.

Simplelxc have conventions to ensure simplicity:

* Simplelxc creates a container even if no parameter is given and asks
  nothing, this is to help users who are not interested in what the
  system is.

* Simplelxc hardly asks something. If needed parameters not given just
  do the defaults else only show help and stop.

* No advanced configuration or cli parameters to avoid confusion of
  users.

* Simplelxc supports only one kind of networking (veth), preconfigures
  both host system and containers (not very good yet) and assumes the
  user will not change the configuration.

* Network architecture is nat based (because some wireless/ethernet
  drivers does not support to be added to a bridge) and ip addresses
  of new containers mainly managed automatically

* Simplelxc access to and controls continer's hostname, ipaddress and
  continer ssh authorized key when needed. (info, list, create and
  copy)

Actually in my opinion many of these are shouldn't be done by lxc.
But a wrapper like simplelxc is much more suitible for this. My
intention is not to replace lxc creation and mangement utils in lxc
package but when I've started to develop simplelxc idea, there is no
lxc wrapper (/usr/bin/lxc) around and writing 'lxc-start -d -n test'
irritates me.

After your mail I thought that, maybe I could use included lxc-debconf
script with a preseed file (which I've never tested before) for
container creation backend. This way I also can help debian lxc
package by recommending various solutions as an active user or may be
I can send patches. But at first I was not sure about lxc-debconf
development speed, it does not coming from upstream and seems like
changing very fast and I didn't want to update my package that often.


On the other side, here are my thoughts about lxc-debconf, and these
are my main motivation to crate a new package.

Many people around me tested lxc with lxc-debian script shipped with
debian lxc package but you need to give full path, so users must call
something like "sudo /usr/lib/lxc/templates/lxc-debian -p
/var/lib/lxc/test". This looks like an advanced operation that
generally fails for me. (I'm sorry for not reporting bugs, I will try
to be more participant as of now)

Then it asks confusing questions like preseed file, distribution,
archives, mirrors, archive areas for many users who are not familiar
with debian. But many users just want to get a running container don't
want to know which dist ribution they are using or not interested in
using mirrors. I've implented simplelxc with a lot of conventions to
prevent this, but in lxc package's case it doesn't looks right to have
this kind of conventions because it is the main infrastructure package
to support many scenarios.

The way lxc-debconf script chosen is not very easy and understandable
for many users who are not familiar with debian and debconf. And also
generally the first act of users who encounter to the blue screen
asking for a preseed file is pressing Ctrl-c which is not working with
debconf.


These are only my thoughts, and I am curious about yours?

bekir




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>:
Bug#657678; Package wnpp. (Sat, 28 Jan 2012 17:57:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to daniel.baumann@progress-technologies.net:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>. (Sat, 28 Jan 2012 17:57:03 GMT) Full text and rfc822 format available.

Message #20 received at 657678@bugs.debian.org (full text, mbox):

From: Daniel Baumann <daniel.baumann@progress-technologies.net>
To: Bekir Dogan <bekirdo@gmail.com>
Cc: 657678@bugs.debian.org
Subject: Re: Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Sat, 28 Jan 2012 18:53:27 +0100
On 01/28/2012 05:41 PM, Bekir Dogan wrote:
> * Simplelxc creates a container even if no parameter is given and asks
>   nothing, this is to help users who are not interested in what the
>   system is.

if we update the 'defaults' guessing in lxc-debconf and using higher
priority, then the outcome will be exactely like that.

> * Simplelxc hardly asks something. If needed parameters not given just
>   do the defaults else only show help and stop.

that's how it already works, yes.

> * No advanced configuration or cli parameters to avoid confusion of
>   users.

that's not a problem either; we can have debconf priority automatically
set to critical and frontend to non-interactive based on e.g. the
invokation name; such as 'lxc-create -t debian-simple'. if you insist,
this can even be a shortcut be in /usr/bin for that.

> * Simplelxc supports only one kind of networking (veth), preconfigures
>   both host system and containers (not very good yet) and assumes the
>   user will not change the configuration.

not so much of a problem to do the same in lxc-debconf.

> * Network architecture is nat based (because some wireless/ethernet
>   drivers does not support to be added to a bridge) and ip addresses
>   of new containers mainly managed automatically

not so much of a problem to do the same in lxc-debconf.

> * Simplelxc access to and controls continer's hostname, ipaddress and
>   continer ssh authorized key when needed. (info, list, create and
>   copy)

i think that's wrong; users should use lxc-console, or configure openssh
themselfs. it should not be the job of any lxc container creation script
to /configure/ services.

> Actually in my opinion many of these are shouldn't be done by lxc.
> But a wrapper like simplelxc is much more suitible for this. 

why?

> My intention is not to replace lxc creation and mangement utils in lxc
> package but when I've started to develop simplelxc idea

but that's basically what you're proposing.

there are so called lxc templates (the scripts that setup a container,
for debian, using debootstrap). the one in debian, named lxc-debconf and
accessible through 'lxc-create -t debian' or 'lxc-create -t progress' is
rather sophisticated. it allows to completely non-interactively create
containers with a preseed file, or asking all questions to the user
through debconf at the same time if he uses to make use of that.

to make lxc-debconf behave exactely like simplelxc, there are only a
handful of lines required, and you get all the rest that it /can/ do and
what it does best for free. rather than making use of that, and
extending lxc-debconf, you need to replicate and maintain all the basics
of creating a debian based container from scratch.

or, to put it arrogantly over exagerating: it's not a good idea to try
to rewrite lxc-debconf just because you don't like one default in it's
option.


regarding maintainability: lxc-debconf is quite mature as it's tested in
many, many use cases. i had a look at your creation method, and i must
say it's inherently insecure, even the most basic things are missing to
prevent taking over the host system from within the container. if you
intend to continue simplelxc, i suggest you have a look at what
lxc-debconf does (and reuse that).

> But at first I was not sure about lxc-debconf
> development speed, it does not coming from upstream

once lxc-debconf works also for ubuntu systems (there are two things
missing for that, the ubuntu specific defaults in lxc-debconf itself,
and upstart support in linux-container; both will happen in a couple of
weeks) and thus replacing lxc-ubuntu too, i'll work on mainlining it
upstream.

> and seems like
> changing very fast and I didn't want to update my package that often.

that's why there's imho no point in having another seperate thing.

> Many people around me tested lxc with lxc-debian script shipped with
> debian lxc package but you need to give full path, so users must call
> something like "sudo /usr/lib/lxc/templates/lxc-debian -p
> /var/lib/lxc/test".

no, this is wrong and nowhere can you find that way of invoking it.

the correct and only way to invoke *any* lxc template is through:

  lxc-create -t $name_of_the_template -n $name_of_the_container

e.g.:

  lxc-create -t debian -n example.org

> Then it asks confusing questions like preseed file, distribution,
> archives, mirrors, archive areas for many users who are not familiar
> with debian. But many users just want to get a running container don't
> want to know which dist ribution they are using or not interested in
> using mirrors.

like i said; making the debconf priority in a 'simple' wrapper isn't a
problem, that way it would be reduced to the following:

  lxc-create -t debian-simple -n example.org

and users would not see any question at all, while the same code is
running in the 'background'.

and right, the debconf texts should be explaining what it's all about
and what values should be entered for what reasons. just didn't got
arround doing that yet, patches welcome :).

Regards,
Daniel

-- 
Address:        Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:          daniel.baumann@progress-technologies.net
Internet:       http://people.progress-technologies.net/~daniel.baumann/




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org:
Bug#657678; Package wnpp. (Mon, 30 Jan 2012 20:27:09 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bekir Dogan <bekirdo@gmail.com>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org. (Mon, 30 Jan 2012 20:27:09 GMT) Full text and rfc822 format available.

Message #25 received at 657678@bugs.debian.org (full text, mbox):

From: Bekir Dogan <bekirdo@gmail.com>
To: daniel.baumann@progress-technologies.net
Cc: 657678@bugs.debian.org
Subject: Re: Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Mon, 30 Jan 2012 22:26:37 +0200
Hi Daniel;

I have some more questions below. I'm sorry about long posts.

lxc-debconf is not included in upstream. Is there anywhere other
than source lxc package to investigate/participate/generate patches
about lxc-debconf.

On Sat, Jan 28, 2012 at 19:53, Daniel Baumann
<daniel.baumann@progress-technologies.net> wrote:
>> ...
> that's not a problem either; we can have debconf priority automatically
> set to critical and frontend to non-interactive based on e.g. the
> invokation name; such as 'lxc-create -t debian-simple'. if you insist,
> this can even be a shortcut be in /usr/bin for that.
>
> ...
>
>> * Simplelxc access to and controls continer's hostname, ipaddress and
>>   continer ssh authorized key when needed. (info, list, create and
>>   copy)
>
> i think that's wrong; users should use lxc-console, or configure openssh
> themselfs. it should not be the job of any lxc container creation script
> to /configure/ services.
>
>> Actually in my opinion many of these are shouldn't be done by lxc.
>> But a wrapper like simplelxc is much more suitible for this.
> why?

simplelxc is trying to isolate users from any kind of problems which
prevents them to use it, using ssh with a key makes it easy to login
to a continer without thinking about what the user/pass is, I thought
that it should be easy to get in to the container and run some command
in it if needed which lxc-console can't do but ssh can, for example
restarting sshd from host system. But this is not that important,
lxc-consle should be enough.

You have a point about configuring services, but existing lxc creation
script in both upstream and Debian package is also doing similar
things. Seems like simplelxc adds only an ssh-key in
addition. lxc-debconf configures sources list, locales, networking,
hostname, tzdata, rootpw, nameserver on creation. But why not update
these on cloning or why not show some handy parameters in "lxc info"
of "lxc list". Or will I need to write my own scripts to collect this
kind of information? If so, in this manner we should write a helper program
to manage creation and management of containers along with some core
services in it. Instead of going on with simplelxc, maybe I can
help lxc upstream/package for creation process and I should write a
kind of helper tool for other needs if they are still needed. What do
you think about this?

And also there is an other similar package "lxctl", which you are
also the maintainer of, leads me the way simplelxc is going. In my
opinion simplelxc seems like a light and user friendly version of
lxctl which targets pc users rather than servers.

>> My intention is not to replace lxc creation and mangement utils in lxc
>> package but when I've started to develop simplelxc idea
>
> but that's basically what you're proposing.

Do you think same for lxctl?

> there are so called lxc templates (the scripts that setup a container,
> for debian, using debootstrap). the one in debian, named lxc-debconf and
> accessible through 'lxc-create -t debian' or 'lxc-create -t progress' is
> rather sophisticated. it allows to completely non-interactively create
> containers with a preseed file, or asking all questions to the user
> through debconf at the same time if he uses to make use of that.
>
> to make lxc-debconf behave exactely like simplelxc, there are only a
> handful of lines required, and you get all the rest that it /can/ do and
> what it does best for free. rather than making use of that, and
> extending lxc-debconf, you need to replicate and maintain all the basics
> of creating a debian based container from scratch.
>
> or, to put it arrogantly over exagerating: it's not a good idea to try
> to rewrite lxc-debconf just because you don't like one default in it's
> option.

This is a bit harsh, but, yes :) I can say that this is halfly true
with one note: Rather "I don't like it" it is "I coldn't trust
it". I'm not saying this to disturb you but lxc-debian changed a lot
in last few months and I didn't understand the main purpose of the
tool and there is a need for a more stable and working solution.

I should talk with you and upstream before developing simplelxc. But
as many tech guys, I am also a bit asocial to prefer communication
instead of creating a new project. (This can be my main excuse and
mistake :)

The right place to ask this question is the upstream but you are the
maintainer also, I think you have an idea (and I'm still asocial).
Which of these is true for lxc upstream?
* only the userspace part of lxc in kernel, or
* userspace part AND core management tools, or
* userspace part AND management tools to manage the lxc containers in
  the host. "management" in the meaning of managing containers along
  with the core services on it, like networking, name resolution.

> regarding maintainability: lxc-debconf is quite mature as it's tested in
> many, many use cases. i had a look at your creation method, and i must
> say it's inherently insecure, even the most basic things are missing to
> prevent taking over the host system from within the container. if you
> intend to continue simplelxc, i suggest you have a look at what
> lxc-debconf does (and reuse that).

This seems a bit offensive.  I've started with copying the core of
lxc-debian script. But in the case of simplelxc containers, security
is not one of the primary issues, containers are not accessible from
outside from the host, they are behind ip masquerade in the
host. Simplelxc is not a solution for shared systems or production
environments. Just for testing something in your pc. But you are still
right about maintainability and security issues. I will be copying the
solutions in the core lxc package constantly if I want to go on with
simplelxc.

>> But at first I was not sure about lxc-debconf
>> development speed, it does not coming from upstream
>
> once lxc-debconf works also for ubuntu systems (there are two things
> missing for that, the ubuntu specific defaults in lxc-debconf itself,
> and upstart support in linux-container; both will happen in a couple of
> weeks) and thus replacing lxc-ubuntu too, i'll work on mainlining it
> upstream.

Seems like you've forked the upstream with the "debian/local" in the
package. I'm wondering why don't you develop lxc-debconf with
upstream.  Do upstream developers know that you are developing this?
May be it's just the way it is evolved in time. I'm not experienced in
this kind of situations about open source projects.

>> Then it asks confusing questions like preseed file, distribution,
>> archives, mirrors, archive areas for many users who are not familiar
>> with debian. But many users just want to get a running container don't
>> want to know which dist ribution they are using or not interested in
>> using mirrors.
>
> like i said; making the debconf priority in a 'simple' wrapper isn't a
> problem, that way it would be reduced to the following:
>
>  lxc-create -t debian-simple -n example.org
>
> and users would not see any question at all, while the same code is
> running in the 'background'.
>
> and right, the debconf texts should be explaining what it's all about
> and what values should be entered for what reasons. just didn't got
> arround doing that yet, patches welcome :).

I can't find a vcs, so what is the correct way of generating patches
and sending them. Is it enough to use the source package in unstable
repo to generate patch and post it to you.

bekir




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>:
Bug#657678; Package wnpp. (Mon, 30 Jan 2012 21:33:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to daniel.baumann@progress-technologies.net:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>. (Mon, 30 Jan 2012 21:33:03 GMT) Full text and rfc822 format available.

Message #30 received at 657678@bugs.debian.org (full text, mbox):

From: Daniel Baumann <daniel.baumann@progress-technologies.net>
To: Bekir Dogan <bekirdo@gmail.com>
Cc: 657678@bugs.debian.org
Subject: Re: Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
Date: Mon, 30 Jan 2012 22:29:53 +0100
On 01/30/2012 09:26 PM, Bekir Dogan wrote:
> I have some more questions below. I'm sorry about long posts.

you're welcome, no problem.

> lxc-debconf is not included in upstream. Is there anywhere other
> than source lxc package to investigate/participate/generate patches
> about lxc-debconf.

i'm maintaining it (within the debian lxc source package) in a git repo
at http://vcs.progress-linux.org/?p=users/daniel/packages/lxc.git

> using ssh with a key makes it easy to login
> to a continer without thinking about what the user/pass is

personally, i think it is not too much to ask from a user to specify and
remember one passwort for a container. but ymmv.

> I thought that it should be easy to get in to the container and run some command
> in it if needed

there's lxc-attach and lxc-execute for the one or other case (some of
them depend on not yet mainlined kernel patches; but anyhow, this will
get solved at some point).

> which lxc-console can't do but ssh can, for example
> restarting sshd from host system. But this is not that important,
> lxc-consle should be enough.

well, using lxc-console requires one login at the first use. i might be
possible to do that non-interactively if needed, not sure. if that would
be possible, one could (even without the current restrictions of
lxc-execute/lxc-attach) do stuff within the container.

> You have a point about configuring services, but existing lxc creation
> script in both upstream and Debian package is also doing similar
> things.

i beg to differ; they only configure the minimal required things to make
a chroot 'bootable' as a container for lxc.

> lxc-debconf configures sources list, locales, networking,
> hostname, tzdata, rootpw, nameserver on creation.

just to be precise, most of the things that get done *within* the chroot
gets configured by linux-container, which is the only way to do this
properly and upgrade safe (not just for package updates, but also for
entire debian release dist-upgrades).

> But why not update
> these on cloning or why not show some handy parameters in "lxc info"
> of "lxc list". Or will I need to write my own scripts to collect this
> kind of information?

i'm not sure i understand what you mean, can you rephrase?

> If so, in this manner we should write a helper program
> to manage creation and management of containers along with some core
> services in it.

you mean like factoring out the 'common' things from lxc-debconf so that
it can be used by others? if so, then that doesn't make much sense imho.

lxc-debconf is debian specific, there is nothing in it that will be
usefull for non-debian based distributions.

handling the different debian distributions/derivatives is only a matter
of a different defaults, everything else stays the same anyway.

so.. factoring out wouldn't gain anything, imho.

> And also there is an other similar package "lxctl", which you are
> also the maintainer of, leads me the way simplelxc is going.

eventually, in my personal opition, lxctl will go away when lxc-debconf
supports those things that lxctl does and lxc-debconf doesn't (the
templating is a tad more customizable).

>> but that's basically what you're proposing.
> 
> Do you think same for lxctl?

yes, absolutely.

> This is a bit harsh, but, yes :)

i didn't mean to, i just tried to make my point 'clear'. i hope you're
not offended.

> lxc-debian changed a lot
> in last few months and I didn't understand the main purpose of the
> tool and

sure, it's debian-unstable :)

lxc-debconf (see TODO file for more information) is done, there are a
few cosmetic and minor enhancments planed, but otherwise.. it's ready
for wheezy...

> there is a need for a more stable and working solution.

...please note that there are two things on the side, one is
lxc-debconf, and the other one is the packages in debian itself. as it
currently stands, not even wheezy will be released with all the bugs
fixed to work properly as a container for lxc. this is sad, especially
since i've filled bugs about it 1.5 years ago already. but that's out of
my hands. and also, it's not the task of lxc-debconf to fix bugs in
debian. it should create containers, not more, not less. if debian
doesn't work nicer in a container, then, well, that's a bug in the
respective package, but not in lxc-debconf.

> I should talk with you and upstream before developing simplelxc. But
> as many tech guys, I am also a bit asocial to prefer communication
> instead of creating a new project. (This can be my main excuse and
> mistake :)

sure, not that i blame you for anything :) i just wanted to make you
aware, that, in order to safe everyones time and work, it would be
better to not 'reinvent the wheel' once again.

> Which of these is true for lxc upstream?
> * only the userspace part of lxc in kernel, or
> * userspace part AND core management tools, or
> * userspace part AND management tools to manage the lxc containers in
>   the host. "management" in the meaning of managing containers along
>   with the core services on it, like networking, name resolution.

the second.

though, to avoid misunderstandings since you've written about that
above.. lxc also contains the scripts in order to create containers for
certain linux distributions.

in the case of debian, that naturally does have to include e.g.
populating /etc/apt/sources.list*, as this is a required step in order
to create a debian(based) container. and networking is essential as
well. but certainly, it's not the job of the template to e.g. configure
openssh, or apache, or any other service, unless the service is required
in order to 'boot' the container and have the network access enabled.

> in the case of simplelxc containers, security
> is not one of the primary issues, containers are not accessible from
> outside from the host, they are behind ip masquerade in the
> host. Simplelxc is not a solution for shared systems or production
> environments. Just for testing something in your pc.

if you want to test something, then it's vital that whatever you're
resting is not able to trash your host system. as it currently stands,
you can easily get root access on the host system if you have root
access in a container created by simplelxc.

such misconfiguration is not acceptable, both from an 'outside' point of
view, and absolutely not from a debian point of view. this is an rc bug,
and we will not include a package in a debian release having such flaws.

(again, no offence intended).

> Seems like you've forked the upstream with the "debian/local" in the
> package. I'm wondering why don't you develop lxc-debconf with
> upstream.

first, because daniel lezcado is terribly busy and i don't want to waste
his time with merge requests unless  lxc-debconf has matured a bit in
debian itself (like i said in my previous mail).

second, although daniel is doing a good job as lxc maintainer, he's not
experienced enough with debian to make the debian template scripts good
enough.

third, lxc-debconf will not replace lxc-debian upstream wise, it will be
an addition that can, on debian systems, be used and should be used as a
replacement (it uses debconf, and if you e.g. want to create a debian
container on a fedora system, you would also require debconf to be
installed, not just debootstrap only; which might not necessarily
desirable).

fourth, lxc-debconf should also mainly replace the current lxc-ubuntu
(upstream wise), and, like i said in the previous mail, there's no point
yet upstreaming lxc-debconf as it not yet handles ubuntu.

but, like i said in the previous mail, i'll upstream it once it can
replace lxc-ubuntu as well.

> Do upstream developers know that you are developing this?

yes.

> I can't find a vcs, so what is the correct way of generating patches
> and sending them. Is it enough to use the source package in unstable
> repo to generate patch and post it to you.

i'd prefere patches (or, even better, a remote repo to merge from) based
on the debian branch from here:

http://vcs.progress-linux.org/?p=users/daniel/packages/lxc.git

-- 
Address:        Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:          daniel.baumann@progress-technologies.net
Internet:       http://people.progress-technologies.net/~daniel.baumann/




Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>:
Bug#657678; Package wnpp. (Mon, 27 May 2013 14:20:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Lucas Nussbaum <lucas@debian.org>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Bekir Dogan <bekirdo@gmail.com>. (Mon, 27 May 2013 14:20:03 GMT) Full text and rfc822 format available.

Message #35 received at 657678@bugs.debian.org (full text, mbox):

From: Lucas Nussbaum <lucas@debian.org>
To: 657678@bugs.debian.org
Cc: control@bugs.debian.org
Subject: simplelxc: changing back from ITP to RFP
Date: Mon, 27 May 2013 15:24:14 +0200
retitle 657678 RFP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
noowner 657678
tag 657678 - pending
thanks

Hi,

This is an automatic email to change the status of simplelxc back from ITP
(Intent to Package) to RFP (Request for Package), because this bug hasn't seen
any activity during the last 12 months.

If you are still interested in adopting simplelxc, please send a mail to
<control@bugs.debian.org> with:

 retitle 657678 ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
 owner 657678 !
 thanks

However, it is not recommended to keep ITP for a long time without acting on
the package, as it might cause other prospective maintainers to refrain from
packaging that software. It is also a good idea to document your progress on
this ITP from time to time, by mailing <657678@bugs.debian.org>.

Thank you for your interest in Debian,
-- 
Lucas, for the QA team <debian-qa@lists.debian.org>



Changed Bug title to 'RFP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.' from 'ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.' Request was from Lucas Nussbaum <lucas@debian.org> to control@bugs.debian.org. (Mon, 27 May 2013 14:33:00 GMT) Full text and rfc822 format available.

Removed annotation that Bug was owned by Bekir Dogan <bekirdo@gmail.com>. Request was from Lucas Nussbaum <lucas@debian.org> to control@bugs.debian.org. (Mon, 27 May 2013 14:33:01 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 07:03:32 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.