2014-04-02 03:42:54 +04:00
#!/usr/bin/env bash
set -e
# bits of this were adapted from lxc-checkconfig
# see also https://github.com/lxc/lxc/blob/lxc-1.0.2/src/lxc/lxc-checkconfig.in
2014-04-22 16:26:44 +04:00
possibleConfigs = (
'/proc/config.gz'
" /boot/config- $( uname -r) "
" /usr/src/linux- $( uname -r) /.config "
'/usr/src/linux/.config'
)
2015-01-23 11:36:55 +03:00
if [ $# -gt 0 ] ; then
CONFIG = " $1 "
else
2015-02-13 14:52:11 +03:00
: ${ CONFIG : = " ${ possibleConfigs [0] } " }
2015-01-23 11:36:55 +03:00
fi
2014-04-03 21:46:24 +04:00
if ! command -v zgrep & > /dev/null; then
zgrep( ) {
zcat " $2 " | grep " $1 "
}
fi
2014-04-02 03:42:54 +04:00
is_set( ) {
2014-04-03 21:46:24 +04:00
zgrep " CONFIG_ $1 =[y|m] " " $CONFIG " > /dev/null
2014-04-02 03:42:54 +04:00
}
2014-04-02 12:44:12 +04:00
# see http://en.wikipedia.org/wiki/ANSI_escape_code#Colors
declare -A colors = (
[ black] = 30
[ red] = 31
[ green] = 32
[ yellow] = 33
[ blue] = 34
[ magenta] = 35
[ cyan] = 36
[ white] = 37
)
2014-04-02 03:42:54 +04:00
color( ) {
2014-04-02 12:44:12 +04:00
color = ( )
2014-04-02 03:42:54 +04:00
if [ " $1 " = 'bold' ] ; then
2014-04-02 12:44:12 +04:00
color += ( '1' )
2014-04-02 03:42:54 +04:00
shift
fi
2014-04-02 12:44:12 +04:00
if [ $# -gt 0 ] && [ " ${ colors [ $1 ] } " ] ; then
color += ( " ${ colors [ $1 ] } " )
fi
local IFS = ';'
echo -en '\033[' " ${ color [*] } " m
}
wrap_color( ) {
text = " $1 "
shift
color " $@ "
echo -n " $text "
color reset
echo
}
wrap_good( ) {
echo " $( wrap_color " $1 " white) : $( wrap_color " $2 " green) "
}
wrap_bad( ) {
echo " $( wrap_color " $1 " bold) : $( wrap_color " $2 " bold red) "
}
wrap_warning( ) {
wrap_color >& 2 " $* " red
2014-04-02 03:42:54 +04:00
}
check_flag( ) {
if is_set " $1 " ; then
2014-04-02 12:44:12 +04:00
wrap_good " CONFIG_ $1 " 'enabled'
2014-04-02 03:42:54 +04:00
else
2014-04-02 12:44:12 +04:00
wrap_bad " CONFIG_ $1 " 'missing'
2014-04-02 03:42:54 +04:00
fi
}
check_flags( ) {
for flag in " $@ " ; do
2014-04-02 12:44:12 +04:00
echo " - $( check_flag " $flag " ) "
2014-04-02 03:42:54 +04:00
done
2014-12-03 15:57:23 +03:00
}
2014-04-02 03:42:54 +04:00
2014-04-02 12:44:12 +04:00
if [ ! -e " $CONFIG " ] ; then
wrap_warning " warning: $CONFIG does not exist, searching other paths for kernel config... "
2014-04-22 16:26:44 +04:00
for tryConfig in " ${ possibleConfigs [@] } " ; do
2014-04-02 12:44:12 +04:00
if [ -e " $tryConfig " ] ; then
CONFIG = " $tryConfig "
break
fi
done
if [ ! -e " $CONFIG " ] ; then
wrap_warning "error: cannot find kernel config"
wrap_warning " try running this script again, specifying the kernel config:"
2015-02-13 14:52:11 +03:00
wrap_warning " CONFIG=/path/to/kernel/.config $0 or $0 /path/to/kernel/.config "
2014-04-02 12:44:12 +04:00
exit 1
fi
fi
2014-04-02 03:42:54 +04:00
2014-04-02 12:44:12 +04:00
wrap_color " info: reading kernel config from $CONFIG ... " white
echo
2014-04-02 03:42:54 +04:00
echo 'Generally Necessary:'
2014-04-02 12:44:12 +04:00
echo -n '- '
2014-06-07 18:43:40 +04:00
cgroupSubsystemDir = " $( awk '/[, ](cpu|cpuacct|cpuset|devices|freezer|memory)[, ]/ && $3 == "cgroup" { print $2 }' /proc/mounts | head -n1) "
2014-04-08 08:53:42 +04:00
cgroupDir = " $( dirname " $cgroupSubsystemDir " ) "
if [ -d " $cgroupDir /cpu " -o -d " $cgroupDir /cpuacct " -o -d " $cgroupDir /cpuset " -o -d " $cgroupDir /devices " -o -d " $cgroupDir /freezer " -o -d " $cgroupDir /memory " ] ; then
2014-04-02 12:44:12 +04:00
echo " $( wrap_good 'cgroup hierarchy' 'properly mounted' ) [ $cgroupDir ] "
else
2014-04-08 08:53:42 +04:00
if [ " $cgroupSubsystemDir " ] ; then
echo " $( wrap_bad 'cgroup hierarchy' 'single mountpoint!' ) [ $cgroupSubsystemDir ] "
else
echo " $( wrap_bad 'cgroup hierarchy' 'nonexistent??' ) "
fi
2014-04-02 12:44:12 +04:00
echo " $( wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow) "
fi
2014-07-22 20:08:41 +04:00
if [ " $( cat /sys/module/apparmor/parameters/enabled 2>/dev/null) " = 'Y' ] ; then
echo -n '- '
if command -v apparmor_parser & > /dev/null; then
echo " $( wrap_good 'apparmor' 'enabled and tools installed' ) "
else
echo " $( wrap_bad 'apparmor' 'enabled, but apparmor_parser missing' ) "
echo -n ' '
if command -v apt-get & > /dev/null; then
echo " $( wrap_color '(use "apt-get install apparmor" to fix this)' ) "
elif command -v yum & > /dev/null; then
echo " $( wrap_color '(your best bet is "yum install apparmor-parser")' ) "
else
echo " $( wrap_color '(look for an "apparmor" package for your distribution)' ) "
fi
fi
fi
2014-04-02 03:42:54 +04:00
flags = (
NAMESPACES { NET,PID,IPC,UTS} _NS
DEVPTS_MULTIPLE_INSTANCES
2015-03-13 18:18:10 +03:00
CGROUPS CGROUP_CPUACCT CGROUP_DEVICE CGROUP_FREEZER CGROUP_SCHED CPUSETS
2014-04-02 03:42:54 +04:00
MACVLAN VETH BRIDGE
2014-11-05 01:47:13 +03:00
NF_NAT_IPV4 IP_NF_FILTER IP_NF_TARGET_MASQUERADE
2014-04-08 08:53:42 +04:00
NETFILTER_XT_MATCH_{ ADDRTYPE,CONNTRACK}
2014-04-02 03:42:54 +04:00
NF_NAT NF_NAT_NEEDED
2014-12-27 00:59:25 +03:00
# required for bind-mounting /dev/mqueue into containers
POSIX_MQUEUE
2014-04-02 03:42:54 +04:00
)
check_flags " ${ flags [@] } "
echo
echo 'Optional Features:'
2015-04-02 03:38:39 +03:00
{
check_flags MEMCG_SWAP
check_flags MEMCG_SWAP_ENABLED
if is_set MEMCG_SWAP && ! is_set MEMCG_SWAP_ENABLED; then
echo " $( wrap_color '(note that cgroup swap accounting is not enabled in your kernel config, you can enable it by setting boot option "swapaccount=1")' bold black) "
fi
}
2014-04-02 03:42:54 +04:00
flags = (
RESOURCE_COUNTERS
2014-08-19 15:48:55 +04:00
CGROUP_PERF
2014-04-02 03:42:54 +04:00
)
check_flags " ${ flags [@] } "
echo '- Storage Drivers:'
{
2014-04-02 12:44:12 +04:00
echo '- "' $( wrap_color 'aufs' blue) '":'
2014-11-18 22:20:49 +03:00
check_flags AUFS_FS | sed 's/^/ /'
2014-04-02 03:42:54 +04:00
if ! is_set AUFS_FS && grep -q aufs /proc/filesystems; then
2014-04-02 12:44:12 +04:00
echo " $( wrap_color '(note that some kernels include AUFS patches but not the AUFS_FS flag)' bold black) "
2014-04-02 03:42:54 +04:00
fi
2014-11-18 22:20:49 +03:00
check_flags EXT4_FS_POSIX_ACL EXT4_FS_SECURITY | sed 's/^/ /'
2014-04-02 03:42:54 +04:00
2014-04-02 12:44:12 +04:00
echo '- "' $( wrap_color 'btrfs' blue) '":'
2014-04-02 03:42:54 +04:00
check_flags BTRFS_FS | sed 's/^/ /'
2014-04-02 12:44:12 +04:00
echo '- "' $( wrap_color 'devicemapper' blue) '":'
2014-09-17 11:03:13 +04:00
check_flags BLK_DEV_DM DM_THIN_PROVISIONING EXT4_FS EXT4_FS_POSIX_ACL EXT4_FS_SECURITY | sed 's/^/ /'
2014-11-18 22:20:49 +03:00
2014-12-03 15:57:23 +03:00
echo '- "' $( wrap_color 'overlay' blue) '":'
2015-01-28 21:08:27 +03:00
check_flags OVERLAY_FS EXT4_FS_SECURITY EXT4_FS_POSIX_ACL | sed 's/^/ /'
2014-04-02 03:42:54 +04:00
} | sed 's/^/ /'
echo
#echo 'Potential Future Features:'
#check_flags USER_NS
#echo