X-Git-Url: https://git.sommitrealweird.co.uk/lxc-debian-unprivileged.git/blobdiff_plain/f42fa838780d8d13e7a08c01a83c039d94580de6..e442c7dafe02a235c2f2e4696f73ae9c81dcaf49:/templates/lxc-debian-unprivileged diff --git a/templates/lxc-debian-unprivileged b/templates/lxc-debian-unprivileged index 8673944..89dbd50 100755 --- a/templates/lxc-debian-unprivileged +++ b/templates/lxc-debian-unprivileged @@ -31,9 +31,13 @@ done if [ "$MAPPED" == "no" ]; then echo "This template can only be used for unprivileged containers." 1>&2 - echo "You might want the \"debian\" template instead." 1|&2 + echo "You might want the \"debian\" template instead." 1>&2 + exit 1 fi +set -e +set -u + # Make sure the usual locations are in PATH export PATH=/usr/sbin:/usr/bin:/sbin:/bin:$PATH export GREP_OPTIONS="" @@ -208,11 +212,11 @@ deb $DEBIAN_MIRROR $DEBIAN_RELEASE main deb http://security.debian.org/ $DEBIAN_RELEASE/updates main EOF -# disable bits of systemd that we hates -chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f checkroot.sh disable > /dev/null 2>&1 -chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f umountfs disable > /dev/null 2>&1 -chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclock.sh disable > /dev/null 2>&1 -chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclockfirst.sh disable > /dev/null 2>&1 +# disable bits of systemd / initrd that break things +chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f checkroot.sh disable > /dev/null 2>&1 || true +chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f umountfs disable > /dev/null 2>&1 || true +chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclock.sh disable > /dev/null 2>&1 || true +chroot "${LXC_ROOTFS}" /usr/sbin/update-rc.d -f hwclockfirst.sh disable > /dev/null 2>&1 || true if [ -e "${LXC_ROOTFS}/etc/systemd/system/" ]; then touch "${LXC_ROOTFS}/etc/systemd/system/systemd-setup-dgram-qlen.service" @@ -223,6 +227,10 @@ if [ -e "${LXC_ROOTFS}/etc/systemd/system/" ]; then chroot "${LXC_ROOTFS}" ln -s /lib/systemd/system/halt.target /etc/systemd/system/sigpwr.target fi +if [ -e "${LXC_ROOTFS}/lib/systemd/system/systemd-journald-audit.socket" ]; then + touch "${LXC_ROOTFS}/etc/systemd/system/systemd-journald-audit.socket" +fi + cat <> "${LXC_ROOTFS}${NETWORK_FILE}" auto eth0 iface eth0 inet dhcp