On Tue, Jun 28, 2016 at 12:16:21PM +0200, Julien Cristau wrote: > Control: tag -1 confirmed > > On Mon, Jun 20, 2016 at 17:26:33 -0300, Antonio Terceiro wrote: > > > Package: release.debian.org > > Severity: normal > > Tags: jessie > > User: release.debian.org@packages.debian.org > > Usertags: pu > > > > After init 1.34 dropped the `Essential: yes` bit, debootstrap will > > produce systems that by default do not have /sbin/init (as intended). > > This makes, however, lxc from jessie not able to produce a working > > stretch/sid container. > > > > This has been fixed in 1:2.0.1-2 on unstable. > > > > Patch attached. > > > Ack. Please go ahead. Hi, actually I was just made aware of a regression: including `init` in the package list breaks the creation of wheezy containers because `init` did not exist then. The regression was fixed in 1:2.0.1-3 just uploaded to unstable. The updated diff is attached. the included patch is the same as the current version in unstable, only adding `squeeze` to the special cases since the lxc version in jessie still supports creating squeeze containers, while the one in unstable has dropped support for squeeze a while ago.
diff --git a/debian/changelog b/debian/changelog
index e7a2e1f..3902cc0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+lxc (1:1.0.6-6+deb8u3) jessie; urgency=medium
+
+ * 0023-lxc-debian-make-sure-init-is-installed.patch: make sure stretch/sid
+ containers have an init system, after init 1.34 dropped the `Essential:
+ yes` header.
+
+ -- Antonio Terceiro <terceiro@debian.org> Mon, 20 Jun 2016 16:58:05 -0300
+
lxc (1:1.0.6-6+deb8u2) jessie-security; urgency=high
* CVE-2015-1335: prevent local container administrator from escaping
diff --git a/debian/patches/0023-lxc-debian-make-sure-init-is-installed.patch b/debian/patches/0023-lxc-debian-make-sure-init-is-installed.patch
new file mode 100644
index 0000000..35480bf
--- /dev/null
+++ b/debian/patches/0023-lxc-debian-make-sure-init-is-installed.patch
@@ -0,0 +1,31 @@
+From 55bd6688ec22f55f895cde1dfd060132b7e12b28 Mon Sep 17 00:00:00 2001
+From: Antonio Terceiro <terceiro@softwarelivre.org>
+Date: Fri, 17 Jun 2016 19:00:56 -0300
+Subject: [PATCH] lxc-debian: make sure init is installed
+
+init 1.34 is not "Essential" anymore, in order to make it not required
+on minimal chroots, docker containers, etc. Because of that we know need
+to manually include it on systems that are expected to boot.
+---
+ templates/lxc-debian.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/templates/lxc-debian.in
++++ b/templates/lxc-debian.in
+@@ -206,7 +206,16 @@ cleanup()
+
+ download_debian()
+ {
++ case "$release" in
++ squeeze|wheezy)
++ init=sysvinit
++ ;;
++ *)
++ init=init
++ ;;
++ esac
+ packages=\
++$init,\
+ ifupdown,\
+ locales,\
+ libui-dialog-perl,\
diff --git a/debian/patches/series b/debian/patches/series
index 0f054c0..11f5062 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -20,3 +20,4 @@
0020-CVE-2015-1335.patch
0021-CVE-2015-1335-2.patch
0022-CVE-2015-1335-3.patch
+0023-lxc-debian-make-sure-init-is-installed.patch
Attachment:
signature.asc
Description: PGP signature