if [ "$MAPPED" == "no" ]; then
echo "This template can only be used for unprivileged containers." 1>&2
- echo "You might want the \"debian\" template instead." 1|&2
+ echo "You might want the \"debian\" template instead." 1>&2
+ exit 1
fi
+set -e
+set -u
+
# Make sure the usual locations are in PATH
export PATH=/usr/sbin:/usr/bin:/sbin:/bin:$PATH
export GREP_OPTIONS=""
deb http://security.debian.org/ $DEBIAN_RELEASE/updates main
EOF
-# disable bits of systemd that we hates
-chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f checkroot.sh disable > /dev/null 2>&1
-chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f umountfs disable > /dev/null 2>&1
-chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclock.sh disable > /dev/null 2>&1
-chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclockfirst.sh disable > /dev/null 2>&1
+# disable bits of systemd / initrd that break things
+chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f checkroot.sh disable > /dev/null 2>&1 || true
+chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f umountfs disable > /dev/null 2>&1 || true
+chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclock.sh disable > /dev/null 2>&1 || true
+chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclockfirst.sh disable > /dev/null 2>&1 || true
if [ -e "${LXC_ROOTFS}/etc/systemd/system/" ]; then
touch "${LXC_ROOTFS}/etc/systemd/system/systemd-setup-dgram-qlen.service"
chroot "${LXC_ROOTFS}" ln -s /lib/systemd/system/halt.target /etc/systemd/system/sigpwr.target
fi
+if [ -e "${LXC_ROOTFS}/lib/systemd/system/systemd-journald-audit.socket" ]; then
+ touch "${LXC_ROOTFS}/etc/systemd/system/systemd-journald-audit.socket"
+fi
+
cat <<EOF >> "${LXC_ROOTFS}${NETWORK_FILE}"
auto eth0
iface eth0 inet dhcp
projects / lxc-debian-unprivileged.git / blobdiff