On Thu, Jul 14, 2011 at 12:22:52PM +0200, Adam Borowski wrote: > In containers like vserver, even root cannot mount things from the inside, > for obvious security reasons. > > This makes the new postinst fail: > dpkg: error processing initscripts (--configure): > subprocess installed post-installation script returned error exit status 1 > > I don't know about openvz or lxc, but I guess the situation is same there.
If the environment doesn't support mounting, we need a means to detect that in the postinst. We started using ischroot(1) from debianutils rather than hardcoding the logic. Perhaps what's needed is for that script to have explict support for vserver added, and perhaps openvz and lxc as well. The distinction we make in the initscripts postinst is whether or not the standard initscripts (mountkernfs, mountdevsubfs, mtab, mountall etc.) are run when the system is started up. If they aren't, we can't do a proper transition to /run. A chroot falls into this category, and it may well be that vservers and other lightweight virtualisation systems also fall into this catergory. "Full" virtualisation, in comparison, does not due to booting a kernel and running all the scripts. IIRC we were explicitly supporting vserver in the postinst prior to the switch to ischroot, though I didn't test it myself. If the logic in older versions detects vservers correctly for you and ischroot does not, we need to get that logic added to ischroot (or back in the postinst if that's the best place). Note that 2.88dsf-13.6 was the last version not using ischroot, so I would suggest trying out the postinst logic from that version. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
signature.asc
Description: Digital signature