Since systemd 256~rc3-3, /tmp is regularly cleaned up, removing files
older than 10 days. Since a rootfs contains files with timestamps
potentially much older than that, we exclude our temporary directory by
adding an exclusive lock on it which will stop systemd-tmpfiles from
cleaning up anything in it.
Thanks: Peter Pentchev <roam@ringlet.net>
This emulates what unshare(1) does by default or by passing
--propagation=private explicitly. Mounting and unmounting filesystems
will affect mounts outside the namespace which are marked as shared (see
last column of `findmnt -o+PROPAGATION`). Since mmdebstrap's goal is to
isolate the mounts in the new namespace, we perform the equivalent of
mount(NULL, "/", MS_REC | MS_PRIVATE, NULL);
from util-linux/sys-utils/unshare.c:set_propagation() which is in shell:
mount --make-rprivate /
See mount_namespaces(7) for details. Without setting this, unmounting
/sys (and its sub-mounts) in unshare mode as root user will also unmount
the sub-mounts of /sys on the outside of the namespace. This breaks
tests/unshare-as-root-user which will fail to shut down with the following
errors in the log:
[FAILED] Failed unmounting mnt.mount - /mnt.
[FAILED] Failed unmounting run-lock.mount - Legacy Locks Directory /run/lock.
[...]
[ OK ] Reached target poweroff.target - System Power Off.
Afterwards it will stall indefinitely. Stopping mmdebstrap from messing
with the /sys mounts on the outside stops this behaviour and allows to
cleanly shut down the virtual machine.
Thanks: Helmut Grohne
This is so that users calling apt-get install from a hook only need to
have APT_CONFIG=$MMDEBSTRAP_APT_CONFIG set and do not also have to pass
-oDPkg::Chroot-Directory="$1".
This breaks users running apt-get with
DPkg::Options::=--force-script-chrootless or with Dpkg::Pre-Install-Pkgs
from within a hook with APT_CONFIG=$MMDEBSTRAP_APT_CONFIG.
In those situations, DPkg::Chroot-Directory has to be set to the empty
string explicitly with -o to overwrite the APT_CONFIG setting.
Thanks: Helmut Grohne
Jochen Sprickerhof
Max-Julian Pogner