Your message dated Tue, 17 Apr 2018 02:53:57 +0000
with message-id <e1f8gkn-000dlu...@fasolo.debian.org>
and subject line Bug#890419: fixed in debootstrap 1.0.97
has caused the Debian Bug report #890419,
regarding [PATCH] Fix boostrapping libvirt LXC containers
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
890419: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890419
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debootstrap
Severity: normal

Hi,

I'm attaching a patch set I'm using to bootstrap Debian in LXC
containers (managed by libvirtd).

Cheers,
Lubo
From 6b3b08f72331d533bfceb5e3cced6906027b665f Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkund...@v3.sk>
Date: Sat, 27 Jan 2018 13:21:06 +0100
Subject: [PATCH 3/3] Don't insist on preserving resolv.conf and hostname owner

If we're bootstrapping a Debian tree in a new user namespace, the files
from the host filesystem owned by users from outside our user mapping
range seem to be owned by 65534:65534.

We neither not want to create such files. Also, there doesn't seem to
much point in preserving the ownership information -- the alternative to
copying the files (just a couple of lines above) is just cat-ing files
and we're perfectly fine with that.
---
 functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/functions b/functions
index aea6ba9..5fb73de 100644
--- a/functions
+++ b/functions
@@ -1017,7 +1017,7 @@ conditional_cp () {
 		if [ -L "$1" ] && [ -e "$1" ]; then
 			cat "$1" >"$2/$1"
 		elif [ -e "$1" ]; then
-			cp -a "$1" "$2/$1"
+			cp "$1" "$2/$1"
 		fi
 	fi
 }
-- 
2.14.3

From 273978f25010b135a66e5c47f4a18e1a0f454caf Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkund...@v3.sk>
Date: Sat, 27 Jan 2018 11:36:46 +0100
Subject: [PATCH 2/3] Make devices setup work in lxc-libvirt containers

We're allowed to use some basic devices, but not to create new device
nodes. No problem, we can just bind the existing ones.

Another alternative would be to bind the whole host /dev. However,
binding just the devices we need ensures everything we need is there and
nothing more (to be consistent with other ways to set up the target
/dev).

The libvirt LXC containers are recognized by the container variable
in PID 1's environment, as defined in the "Container Interface"
specification.
---
 functions | 35 +++++++++++++++++++++++++++++++----
 1 file changed, 31 insertions(+), 4 deletions(-)

diff --git a/functions b/functions
index 27458a9..aea6ba9 100644
--- a/functions
+++ b/functions
@@ -1131,6 +1131,11 @@ setup_devices () {
 		return 0
 	fi
 
+	if grep -q container=lxc-libvirt /proc/1/environ; then
+		setup_devices_bind
+		return 0
+	fi
+
 	case "$HOST_OS" in
 	    kfreebsd*)
 		;;
@@ -1188,6 +1193,26 @@ setup_devices_fakechroot () {
 	ln -s /dev "$TARGET"
 }
 
+setup_devices_bind () {
+	mount -t tmpfs nodev $TARGET/dev
+	umount_on_exit /dev
+	for device in null zero full random urandom tty pts shm ptmx; do
+		if [ -d /dev/$device ]; then
+			mkdir $TARGET/dev/$device
+		elif [ -c /dev/$device ]; then
+			touch $TARGET/dev/$device
+		else
+			continue
+		fi
+		mount -o bind /dev/$device $TARGET/dev/$device
+		umount_on_exit /dev/$device
+	done
+	ln -s /proc/self/fd   $TARGET/dev/fd
+	ln -s /proc/self/fd/0 $TARGET/dev/stdin
+	ln -s /proc/self/fd/1 $TARGET/dev/stdout
+	ln -s /proc/self/fd/2 $TARGET/dev/stderr
+}
+
 setup_dselect_method () {
 	case "$1" in
 	    apt)
@@ -1450,12 +1475,14 @@ check_sane_mount () {
 	    *freebsd*|hurd*)
 		;;
 	    *)
-		mknod "$1/test-dev-null" c 1 3 || return 1
-		if ! echo test > "$1/test-dev-null"; then
+		if ! grep -q container=lxc-libvirt /proc/1/environ; then
+			mknod "$1/test-dev-null" c 1 3 || return 1
+			if ! echo test > "$1/test-dev-null"; then
+				rm -f "$1/test-dev-null"
+				return 1
+			fi
 			rm -f "$1/test-dev-null"
-			return 1
 		fi
-		rm -f "$1/test-dev-null"
 		;;
 	esac
 
-- 
2.14.3

From 1892105130c3302f1fe2eea271b57f257be3e16a Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkund...@v3.sk>
Date: Tue, 13 Feb 2018 15:22:50 +0100
Subject: [PATCH 1/3] Umount filesystems in reverse order than they were
 mounted in

This will allow us to clean up the nested mounts more easily.
---
 functions | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/functions b/functions
index e30687c..27458a9 100644
--- a/functions
+++ b/functions
@@ -1069,7 +1069,7 @@ umount_exit_function () {
 
 umount_on_exit () {
 	if [ "$UMOUNT_DIRS" ]; then
-		UMOUNT_DIRS="$UMOUNT_DIRS $1"
+		UMOUNT_DIRS="$1 $UMOUNT_DIRS"
 	else
 		UMOUNT_DIRS="$1"
 		on_exit umount_exit_function
@@ -1103,8 +1103,8 @@ setup_proc () {
 	    *)
 		umount_on_exit /dev/pts
 		umount_on_exit /dev/shm
-		umount_on_exit /proc/bus/usb
 		umount_on_exit /proc
+		umount_on_exit /proc/bus/usb
 		umount "$TARGET/proc" 2>/dev/null || true
 		in_target mount -t proc proc /proc
 		if [ -d "$TARGET/sys" ] && \
-- 
2.14.3


--- End Message ---
--- Begin Message ---
Source: debootstrap
Source-Version: 1.0.97

We believe that the bug you reported is fixed in the latest version of
debootstrap, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 890...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Hideki Yamane <henr...@debian.org> (supplier of updated debootstrap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 17 Apr 2018 11:06:32 +0900
Source: debootstrap
Binary: debootstrap debootstrap-udeb
Architecture: source all
Version: 1.0.97
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Hideki Yamane <henr...@debian.org>
Description:
 debootstrap - Bootstrap a basic Debian system
 debootstrap-udeb - Bootstrap the Debian system (udeb)
Closes: 698677 826709 844118 866401 872059 872577 872948 890419 893954 895466
Changes:
 debootstrap (1.0.97) unstable; urgency=medium
 .
   [ Dan Nicholson ]
   * Handle existing /dev (Closes: #872577)
 .
   [ Hideki Yamane ]
   * Create /dev/console as same as previous (Closes: #872059)
   * Do not ignore HTTPS mirror setting (Closes: #893954)
   * Improve manpage "what is calls a Debian base system" (Closes: #872948)
     Thanks to Emmanuel Kasper <m...@debian.org> for the patch
   * Improve error message when download fails (Closes: #866401)
     Thanks to Raphaël Hertzog <hert...@debian.org> for the patch
   * Use wget --non-verbose option instead of --quiet
   * Improve error message on Release signed by unknown key (Closes: #698677)
   * Add --cache-dir feature (Closes: #844118)
     It is enabled by default and use /var/cache/apt/archives as default value
 .
   [ Adam Borowski ]
   * Use arch-test if installed to check whether second stage is possible.
     (Closes: #826709)
 .
   [ Lubomir Rintel ]
   * Fix boostrapping libvirt LXC containers (Closes: #890419)
 .
   [ Raphaël Hertzog ]
   * Use "command -v apt-config" to check for apt-config's presence
     (Closes: #895466)
   * Drop default value for --cache-dir parameter
   * Forbid the usage of non-empty directories with --print-debs and
     --make-tarball
   * Do not use HTTPS for Kali bootstrap script
Checksums-Sha1:
 dec58e328c8ca5a62ed929cba1323a21d053c960 1991 debootstrap_1.0.97.dsc
 ff4d6b40efebbbf14c33445419e8e264cf4c04c8 71121 debootstrap_1.0.97.tar.gz
 c2d21436e905fc28eb141fd25542c1d1d748f003 20556 debootstrap-udeb_1.0.97_all.udeb
 5eba09250171942f0b7483759285c85c24e82e74 69060 debootstrap_1.0.97_all.deb
 5cf71f8a36c995632a5d7ae31320941c907b56fa 5766 
debootstrap_1.0.97_amd64.buildinfo
Checksums-Sha256:
 9b0dc362f97976833c1f148d00933c85a0095525885ad1a6845e81671d4aabdd 1991 
debootstrap_1.0.97.dsc
 d3e6bef403dbabade11d098214030d5063c6b238d3751b159f727af7556c5cf0 71121 
debootstrap_1.0.97.tar.gz
 b4f377d7e40b5128271dca859d924e79c36fc7d1c86408f91a474ad2c669f6e9 20556 
debootstrap-udeb_1.0.97_all.udeb
 0177ffecea5cc1a42084ae02a44d8e902a086577cefc00194b983fd7f3d802a7 69060 
debootstrap_1.0.97_all.deb
 c9d57dd2f298f41fd5d56badca0d88898b8797e7b5755db1b62e7b14cf99af02 5766 
debootstrap_1.0.97_amd64.buildinfo
Files:
 355d536a46a764b9f798e977ffdf0acf 1991 admin optional debootstrap_1.0.97.dsc
 856379c44f4cec4be4071a91e061aafd 71121 admin optional debootstrap_1.0.97.tar.gz
 11ae2cd66f0ec42d94edda0a876fcb5a 20556 debian-installer optional 
debootstrap-udeb_1.0.97_all.udeb
 e1844d1cfb966c00101048bb9285f002 69060 admin optional 
debootstrap_1.0.97_all.deb
 e1d959b6ca11fbca1d18a15bb9403248 5766 admin optional 
debootstrap_1.0.97_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEEWOEiL5aWyIWjzRBMXTKNCCqqsUAFAlrVWFQTHGhlbnJpY2hA
ZGViaWFuLm9yZwAKCRBdMo0IKqqxQC1GD/9n8XmploJvPpi6CI0uFgBAwAHXOHZN
VRfdq/LmZBisF1Dw3cg1sPTy3JltrjCQjeVXOdPC5syz0ap5mJVKi6CdO8Yo+21+
dKqvb9WZOCJjQFVRoS7l/Vzto1wXwI80ylH5CNCNOmJnw7WLiKZZ8cKN+mh3CA4S
6iXZymu6Wz7BRaQa2LWVrpq/ygJpmqyt/tdzsFh5s621vEcsTUnxEokHoW9abzVF
FzWt9Dc8Ipn5iv+HeMdsQctwcWIbytfcchHLPlajeVP7alD7vFvQxan7jEFON4Tn
RRzkCfl7UKZHMHwrxYhchGYFg/c9qGM4sNu4wi6Aqo7KfogGhM/yXiSAcm4x6KZh
/nZ88IvuxRbqm7SfUOaw0eTby4d5L01PkMUopwFTLgg1YkaPe3eJhYnmzMHE1yEC
pIo0cwZHB64I5UwK4/1EtG4sy27M4dSVyuHXAMMUKv39AxUiZShAM6kttmGzoDUc
8opGN6Ip1RiX62SExZFEQQUMoA0ByR96U8vZUFAcwHEPyI+iW4nnFkNEhasWtDBY
u9EbhGNmVKUGbywoyuF//FYyrXPF2LuCNHIA/0zwhjd5U8Jytx+U+gfOa8DC6k5O
tpej8BjuI+Ob/8Kr0+dg6uJ0MnU/7gtHjJCMQ+GMwRr8mPT2tsa+rftTOVVShQym
czgQ2K/mIbhlFw==
=caYw
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to