Commit 6d190eb0 authored by Marek Vasut, committed by Steve Sakoman

systemd: Backport nspawn: make sure host root can write to the uidmapped...

systemd: Backport nspawn: make sure host root can write to the uidmapped mounts we prepare for the container payload

Backport fix for systemd nspawn uidmap handling from systemd v253.
Without this, an attempt to start a mkosi-generated Debian stable 12
container would ultimately fail (per "$ strace -ff") with:
"
symlinkat("usr/lib/aarch64-linux-gnu", 8, "lib64") = -1 EOVERFLOW (Value too large for defined data type)
"

Command to generate test container:
"
mkosi --distribution debian --release stable --architecture arm64 \
      --cache-dir /home/oe/cache/ --format tar --compress-output xz \
      --output-dir /home/oe/output/ --checksum 1 --root-password root \
      --package systemd --package udev --package dbus
"

Command to import test container and start it, which triggers the failure:
"
$ machinectl pull-tar http://192.168.1.300/image.tar.xz default
$ machinectl read-only default false
$ rm -f /var/lib/machines/default/etc/machine-id
$ dbus-uuidgen --ensure=/var/lib/machines/default/etc/machine-id
$ machinectl start default
"

Minimal command to trigger the failure once container is imported:
"
$ strace -ff systemd-nspawn --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=default
"

Extracted from systemd MR:
https://github.com/systemd/systemd/pull/22774

Further explanation by Christian Brauner at second half of:
https://github.com/systemd/systemd/issues/20989



Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
parent b2678422