diff --git a/debian/patches/pve/0010-conf-userns.conf-include-userns.conf.d.patch b/debian/patches/pve/0010-conf-userns.conf-include-userns.conf.d.patch
new file mode 100644
index 0000000..f752140
--- /dev/null
+++ b/debian/patches/pve/0010-conf-userns.conf-include-userns.conf.d.patch
@@ -0,0 +1,21 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller
+Date: Mon, 5 Jul 2021 09:02:36 +0200
+Subject: [PATCH] conf: userns.conf: include userns.conf.d
+
+Signed-off-by: Wolfgang Bumiller
+---
+ config/templates/userns.conf.in | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/config/templates/userns.conf.in b/config/templates/userns.conf.in
+index 69d992680..255dd01a3 100644
+--- a/config/templates/userns.conf.in
++++ b/config/templates/userns.conf.in
+@@ -19,3 +19,6 @@ lxc.tty.dir =
+
+ # Setup the default mounts
+ lxc.mount.auto = sys:rw
++
++# Lastly, include all the configs from @LXCTEMPLATECONFIG@/userns.conf.d/
++lxc.include = @LXCTEMPLATECONFIG@/userns.conf.d/
diff --git a/debian/patches/pve/0011-confile-allow-including-nonexisting-directories.patch b/debian/patches/pve/0011-confile-allow-including-nonexisting-directories.patch
new file mode 100644
index 0000000..ecd3132
--- /dev/null
+++ b/debian/patches/pve/0011-confile-allow-including-nonexisting-directories.patch
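Review bot: The comment added above `lxc.include` in userns.conf.in says only that the include comes last, not what that implies: any file in `@LXCTEMPLATECONFIG@/userns.conf.d/` is read after the defaults and can therefore override `lxc.mount.auto` and the other settings above, presumably for every container that pulls in this template. I would spell that out, e.g. `# Included last: files in @LXCTEMPLATECONFIG@/userns.conf.d/ override the defaults above; keep the directory root-owned.` Nothing visible in this diff creates the directory, so on a system without it the include appears to rely on the ENOENT tolerance that patch 0011 adds; the commit message could state that dependency.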
@@ -0,0 +1,36 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller
+Date: Mon, 5 Jul 2021 10:53:41 +0200
+Subject: [PATCH] confile: allow including nonexisting directories
+
+If an include directive ends with a trailing slash, we now
+always assume it is a directory and do not treat the
+non-existence as an error.
+
+Signed-off-by: Wolfgang Bumiller
+---
+ src/lxc/confile.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/lxc/confile.c b/src/lxc/confile.c
+index 6e2b68b1c..7f4fb13fb 100644
+--- a/src/lxc/confile.c
++++ b/src/lxc/confile.c
+@@ -2689,7 +2689,7 @@ static int do_includedir(const char *dirp, struct lxc_conf *lxc_conf)
+
+ dir = opendir(dirp);
+ if (!dir)
+- return -errno;
++ return errno == ENOENT ? 0 : -errno;
+
+ while ((direntp = readdir(dir))) {
+ const char *fnam;
+@@ -2726,7 +2726,7 @@ static int set_config_includefiles(const char *key, const char *value,
+ return 0;
+ }
+
+- if (is_dir(value))
++ if (value[strlen(value)-1] == '/' || is_dir(value))
+ return do_includedir(value, lxc_conf);
+
+ return lxc_config_read(value, lxc_conf, true);
diff --git a/debian/patches/series b/debian/patches/series
index e1f9c16..cbc171b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,5 @@ pve/0006-doc-Add-lxc.cgroup.dir.-monitor-container-container..patch
 pve/0007-PVE-Config-lxc.service-start-after-a-potential-syslo.patch
 pve/0008-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch
 pve/0009-PVE-Config-attach-always-use-getent.patch
+pve/0010-conf-userns.conf-include-userns.conf.d.patch
+pve/0011-confile-allow-including-nonexisting-directories.patch
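Review bot: In the set_config_includefiles hunk of patch 0011, `value[strlen(value)-1]` reads one byte before the buffer when `value` is the empty string; the `return 0;` shown as context suggests an empty-value guard, but it lies outside the hunk, so the index is better made safe locally with `size_t len = strlen(value);` and `if ((len > 0 && value[len - 1] == '/') || is_dir(value))`. In the do_includedir hunk, `return errno == ENOENT ? 0 : -errno;` makes a missing directory indistinguishable from an empty one, so a mistyped or removed include path that was meant to carry restrictions is skipped with no trace. A log line on the ENOENT path before returning 0 would let an operator see that the include was skipped. Both function bodies continue outside the hunks.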