On 8/20/21 12:01 PM, Shengjing Zhu wrote:
On Fri, Aug 20, 2021 at 9:39 PM Igor Torrente <igormtorre...@gmail.com> wrote:

Package: docker.io
Version: 20.10.5+dfsg1-1+b5
Severity: important
Tags: patch upstream

Dear maintainers,

I found a little issue in the dockerd-rootless-setuptool.sh installation script.
The fix (or workaround) will be sent in this email.

AFAIK this script is based on the official docker script. But the original script assumes that the docker binary will be in the same folder as the dockerd-rootless.sh. And this is not the case in the Debian package.

Here is my patch to solve this problem

--- /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh  2021-08-20 
10:08:53.200580743 -0300
+++ /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh  2021-08-20 
10:15:46.489616241 -0300
@@ -55,12 +55,13 @@
                 exit 1
         fi

-       # set BIN
-       if ! BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> /dev/null)"; then
+       # set BIN and ROOTLESS_BIN
+       if ! ROOTLESS_BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> /dev/null)"; 
then
                 ERROR "$DOCKERD_ROOTLESS_SH needs to be present under \$PATH"
                 exit 1
         fi
-       BIN=$(dirname "$BIN")
+       ROOTLESS_BIN=$(dirname "$ROOTLESS_BIN")
+       BIN="/usr/bin/"

         # set SYSTEMD
         if systemctl --user show-environment > /dev/null 2>&1; then
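
Review bot: `BIN="/usr/bin/"` hard-codes the location of the docker client and is never checked, unlike the `command -v` lookup with its ERROR branch that is kept just above for `$DOCKERD_ROOTLESS_SH`. Resolving it the same way, with `command -v docker` followed by `dirname` and an error exit when the binary is missing, would keep the script working if docker lives elsewhere and would fail early instead of wherever `$BIN` is expanded later. The trailing slash also puts a double slash into every `$BIN/...` expansion, which is harmless but avoidable by writing `/usr/bin`.
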
@@ -294,7 +295,7 @@

                         [Service]
                         Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH
-                       ExecStart=$BIN/dockerd-rootless.sh 
$DOCKERD_ROOTLESS_SH_FLAGS
+                       ExecStart=$ROOTLESS_BIN/dockerd-rootless.sh 
$DOCKERD_ROOTLESS_SH_FLAGS
                         ExecReload=/bin/kill -s HUP \$MAINPID
                         TimeoutSec=0
                         RestartSec=2
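
Review bot: the unchanged `Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH` line changes meaning with this patch, because `$BIN` is now `/usr/bin/` and the directory holding `dockerd-rootless.sh` only reaches the unit if it happens to be in the installing user's `$PATH`, which is expanded when the unit is written. If the service is meant to find helpers next to the script, prepend `$ROOTLESS_BIN` explicitly; if not, say so in a comment. The `ExecStart` line also spells out `dockerd-rootless.sh` although the earlier lookup uses `$DOCKERD_ROOTLESS_SH`, so the two can drift apart; using the variable in both places would avoid that.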

I also had a problem with kernel modules, so I had to add them manually. I'm not sure how useful they would be in other types of installation, but maybe it is worth adding them to the installation script.


I know by default dockerd-rootless-setuptool.sh refuses to run and
wants the user to add /usr/share/docker.io/contrib/ to PATH.
However this script is just copied from upstream without change.

I'm not sure we shall patch it. But a simple workaround is to run it like:

   PATH=/usr/share/docker.io/contrib/:$PATH dockerd-rootless-setuptool.sh


I know that we should always avoid an out-of-tree/downstream patch. But for me, at least, I had to apply the change and the PATH workaround.

Because of this line (~336):
DOCKER_HOST="unix://$XDG_RUNTIME_DIR/docker.sock" $BIN/docker version


And now I noticed that this patch above could be simplified...

--- /dev/null   2021-08-20 08:47:56.012087970 -0300
+++ /etc/modprobe.d/overlay.conf        2021-08-19 19:35:17.535171578 -0300
@@ -0,0 +1,2 @@
+# Debian-specific kernel patch, introduced in Debian 10 to the overlay2 
storage driver
+options overlay permit_mounts_in_userns=1
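
Review bot: the comment above `options overlay permit_mounts_in_userns=1` says where the option comes from but not why it is being switched on or what depends on it. A file in /etc/modprobe.d/ sets the module option for the whole host, not only for the rootless daemon, so the comment should state the reason (rootless Docker with the overlay2 storage driver) and the setting should be an opt-in step the administrator takes, not something a setup script writes silently.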


This is actually broken, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969223
You'd better install fuse-overlayfs and use that.

As far as I understood, this shouldn't be a problem in the way that I use docker. But thanks for the tip.


---  /etc/modules-load.d/modules.con    2021-08-20 10:25:11.522661268 -0300
+++ /etc/modules-load.d/modules.conf    2021-08-19 19:41:25.866695920 -0300
@@ -2,3 +2,4 @@
  #
  # This file contains the names of kernel modules that should be loaded
  # at boot time, one per line. Lines beginning with "#" are ignored.
+br_netfilter
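
Review bot: `br_netfilter` is appended to the shared /etc/modules-load.d/modules.conf with no comment saying what needs it. A separate docker-specific `.conf` file in the same directory, with a one-line comment, would keep the change easy to identify and remove and would leave the administrator's file untouched. The `---` header also names `modules.con` while the `+++` header names `modules.conf`; the two should name the same file.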


