Package: docker.io
Version: 20.10.5+dfsg1-1+b5
Severity: important
Tags: patch upstream
Dear maintainers,
I found a little issue in the dockerd-rootless-setuptool.sh installation script.
The fix (or workaround) will be sent in this email.
AFAIK this script is based on the official docker script. But the original
script assumes
that the docker binary will be in the same folder as the dockerd-rootless.sh.
And this is not the case in the Debian package.
Here is my patch to solve this problem
--- /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh 2021-08-20
10:08:53.200580743 -0300
+++ /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh 2021-08-20
10:15:46.489616241 -0300
@@ -55,12 +55,13 @@
exit 1
fi
- # set BIN
- if ! BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> /dev/null)"; then
+ # set BIN and ROOTLESS_BIN
+ if ! ROOTLESS_BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> /dev/null)";
then
ERROR "$DOCKERD_ROOTLESS_SH needs to be present under \$PATH"
exit 1
fi
- BIN=$(dirname "$BIN")
+ ROOTLESS_BIN=$(dirname "$ROOTLESS_BIN")
+ BIN="/usr/bin/"
# set SYSTEMD
if systemctl --user show-environment > /dev/null 2>&1; then
@@ -294,7 +295,7 @@
[Service]
Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH
- ExecStart=$BIN/dockerd-rootless.sh
$DOCKERD_ROOTLESS_SH_FLAGS
+ ExecStart=$ROOTLESS_BIN/dockerd-rootless.sh
$DOCKERD_ROOTLESS_SH_FLAGS
ExecReload=/bin/kill -s HUP \$MAINPID
TimeoutSec=0
RestartSec=2
I also had a problem with kernel modules, so I had to add them manually. I'm
not sure how useful
they would be in other types of installation, but Maybe worth add them to the
installation script.
--- /dev/null 2021-08-20 08:47:56.012087970 -0300
+++ /etc/modprobe.d/overlay.conf 2021-08-19 19:35:17.535171578 -0300
@@ -0,0 +1,2 @@
+# Debian-specific kernel patch, introduced in Debian 10 to the overlay2
storage driver
+options overlay permit_mounts_in_userns=1
--- /etc/modules-load.d/modules.con 2021-08-20 10:25:11.522661268 -0300
+++ /etc/modules-load.d/modules.conf 2021-08-19 19:41:25.866695920 -0300
@@ -2,3 +2,4 @@
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
+br_netfilter
Thanks for your attention,
Igor M. A. Torrente
-- System Information:
Debian Release: 11.0
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages docker.io depends on:
ii adduser 3.118
ii containerd 1.4.5~ds1-2
ii init-system-helpers 1.60
ii iptables 1.8.7-1
ii libc6 2.31-13
ii libdevmapper1.02.1 2:1.02.175-2.1
ii libsystemd0 247.3-6
ii lsb-base 11.1.0
ii runc 1.0.0~rc93+ds1-5+b2
ii tini 0.19.0-1
Versions of packages docker.io recommends:
ii apparmor 2.13.6-10
ii ca-certificates 20210119
ii cgroupfs-mount 1.4
ii git 1:2.30.2-1
ii needrestart 3.5-4
ii xz-utils 5.2.5-2
Versions of packages docker.io suggests:
pn aufs-tools <none>
pn btrfs-progs <none>
pn debootstrap <none>
pn docker-doc <none>
ii e2fsprogs 1.46.2-2
pn rinse <none>
ii rootlesskit 0.14.2-1+b3
ii xfsprogs 5.10.0-4
pn zfs-fuse | zfsutils-linux <none>
-- no debconf information
-- debsums errors found:
debsums: changed file
/usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh (from docker.io
package)
