X-Git-Url: https://git.sommitrealweird.co.uk/lxc-debian-unprivileged.git/blobdiff_plain/9661fcd3a054117152d5215abe3fcc5a292ea638..0706287ab500d02db0257d2321156da6f01a38a6:/templates/lxc-debian-unprivileged?ds=sidebyside diff --git a/templates/lxc-debian-unprivileged b/templates/lxc-debian-unprivileged index bc6288b..c7134a7 100755 --- a/templates/lxc-debian-unprivileged +++ b/templates/lxc-debian-unprivileged @@ -66,6 +66,21 @@ eval set -- "$options" DEBIAN_MIRROR="http://mirror.mythic-beasts.com/debian/" DEBIAN_RELEASE="jessie" +disable_initscripts() { + cat < ${LXC_ROOTFS}/usr/sbin/policy-rc.d +#!/bin/sh + +exit 101 +EOF + chmod 755 ${LXC_ROOTFS}/usr/sbin/policy-rc.d +} + +enable_initscripts() { + if [ -e ${LXC_ROOTFS}/usr/sbin/policy-rc.d ]; then + rm ${LXC_ROOTFS}/usr/sbin/policy-rc.d + fi +} + while :; do case "$1" in -h|--help) usage && exit 1;; @@ -80,12 +95,6 @@ while :; do esac done -echo "Mapped UID: $MAPPED_UID" -echo "Mapped GID: $MAPPED_GID" -echo "RootFS: $LXC_ROOTFS" -echo "Name: $LXC_NAME" -echo "Path: $LXC_PATH" - # rewrite the default config file sed -i -e "/lxc./{w ${LXC_PATH}/config-auto" -e "d}" ${LXC_PATH}/config @@ -140,7 +149,7 @@ for file in /var/lib/lxcfs/proc/*; do mount -n -o bind $file ${LXC_ROOTFS}/proc/$fname done -for dev in random urandom; do +for dev in null random urandom; do touch ${LXC_ROOTFS}/dev/$dev mount -n -o bind /dev/$dev ${LXC_ROOTFS}/dev/$dev done @@ -149,15 +158,14 @@ done echo "debootstrapping - hahaha" > ${LXC_ROOTFS}/proc/cmdline # and disable initscripts -cat < ${LXC_ROOTFS}/usr/sbin/policy-rc.d -#!/bin/sh - -exit 101 -EOF +disable_initscripts # and run the second stage chroot ${LXC_ROOTFS} /debootstrap/debootstrap --second-stage +# make sure that initscripts are still disabled +disable_initscripts + # configure locales lang=en_GB.UTF-8 enc=UTF-8 @@ -191,6 +199,9 @@ fi # remove some interesting breakages in pam for unpriv foo sed -i -e 's#^\(session.*required.*pam_loginuid.so\)#\#\1#;' ${LXC_ROOTFS}/etc/pam.d/* +# set the hostname +echo $LXC_NAME > ${LXC_ROOTFS}/etc/hostname + # setup sources.list cat < ${LXC_ROOTFS}/etc/apt/sources.list deb $DEBIAN_MIRROR $DEBIAN_RELEASE main @@ -225,7 +236,7 @@ chroot ${LXC_ROOTFS} apt-get -y upgrade [ -e ${LXC_ROOTFS}/usr/sbin/policy-rc.d ] && rm ${LXC_ROOTFS}/usr/sbin/policy-rc.d rm ${LXC_ROOTFS}/proc/cmdline -for dev in random urandom; do +for dev in null random urandom; do umount ${LXC_ROOTFS}/dev/$dev rm ${LXC_ROOTFS}/dev/$dev done @@ -236,4 +247,8 @@ for file in /var/lib/lxcfs/proc/*; do rm ${LXC_ROOTFS}/proc/$fname done +enable_initscripts + +rm -r ${LXC_PATH}/bin + exit 0