On Fri, Aug 20, 2021 at 9:39 PM Igor Torrente <igormtorre...@gmail.com> wrote:
>
> Package: docker.io
> Version: 20.10.5+dfsg1-1+b5
> Severity: important
> Tags: patch upstream
>
> Dear maintainers,
>
> I found a little issue in the dockerd-rootless-setuptool.sh installation script.
> The fix (or workaround) will be sent in this email.
>
> AFAIK this script is based on the official docker script. But the original script assumes
> that the docker binary will be in the same folder as the dockerd-rootless.sh.
> And this is not the case in the Debian package.
>
> Here is my patch to solve this problem
>
> --- /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh  2021-08-20 
> 10:08:53.200580743 -0300
> +++ /usr/share/docker.io/contrib/dockerd-rootless-setuptool.sh  2021-08-20 
> 10:15:46.489616241 -0300
> @@ -55,12 +55,13 @@
>                 exit 1
>         fi
>
> -       # set BIN
> -       if ! BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> /dev/null)"; then
> +       # set BIN and ROOTLESS_BIN
> +       if ! ROOTLESS_BIN="$(command -v "$DOCKERD_ROOTLESS_SH" 2> 
> /dev/null)"; then
>                 ERROR "$DOCKERD_ROOTLESS_SH needs to be present under \$PATH"
>                 exit 1
>         fi
> -       BIN=$(dirname "$BIN")
> +       ROOTLESS_BIN=$(dirname "$ROOTLESS_BIN")
> +       BIN="/usr/bin/"
>
>         # set SYSTEMD
>         if systemctl --user show-environment > /dev/null 2>&1; then
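
Review bot: The new BIN="/usr/bin/" line hard-codes a directory that is
never checked, where the removed code derived BIN from a "command -v"
lookup that fails with an ERROR when the file is missing. If the docker
binary is not in /usr/bin, setup now continues and the wrong value ends up
in the unit's Environment=PATH. Consider resolving it the same way as
ROOTLESS_BIN, with a "command -v" lookup of the docker binary and the same
error branch, and drop the trailing slash so the PATH entry does not read
"/usr/bin/:".
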
> @@ -294,7 +295,7 @@
>
>                         [Service]
>                         Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH
> -                       ExecStart=$BIN/dockerd-rootless.sh 
> $DOCKERD_ROOTLESS_SH_FLAGS
> +                       ExecStart=$ROOTLESS_BIN/dockerd-rootless.sh 
> $DOCKERD_ROOTLESS_SH_FLAGS
>                         ExecReload=/bin/kill -s HUP \$MAINPID
>                         TimeoutSec=0
>                         RestartSec=2
>
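
Review bot: Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH is left unchanged
in this hunk although $BIN no longer means the directory that holds
dockerd-rootless.sh. With BIN set to /usr/bin/, that directory is only on
the unit's PATH if it happened to be in the caller's $PATH at setup time.
Either add $ROOTLESS_BIN to the Environment=PATH line or state in a comment
that nothing started by the unit needs it. ExecStart also keeps the literal
name dockerd-rootless.sh instead of the $DOCKERD_ROOTLESS_SH that the first
hunk looks up; using the variable would keep the two in step.
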
> I also had a problem with kernel modules, so I had to add them manually. I'm not sure how useful
> they would be in other types of installation, but maybe it is worth adding them to the installation script.
>

I know by default dockerd-rootless-setuptool.sh refuses to run and
wants the user to add /usr/share/docker.io/contrib/ to PATH.
However, this script is just copied from upstream without change.

I'm not sure we should patch it. But a simple workaround is to run it like:

  PATH=/usr/share/docker.io/contrib/:$PATH dockerd-rootless-setuptool.sh

> --- /dev/null   2021-08-20 08:47:56.012087970 -0300
> +++ /etc/modprobe.d/overlay.conf        2021-08-19 19:35:17.535171578 -0300
> @@ -0,0 +1,2 @@
> +# Debian-specific kernel patch, introduced in Debian 10 to the overlay2 
> storage driver
> +options overlay permit_mounts_in_userns=1
>
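
Review bot: "options overlay permit_mounts_in_userns=1" is a module-wide
setting, so it permits overlay mounts in user namespaces for every user on
the host, not only the account that runs rootless Docker. The file's own
comment calls it a Debian-specific kernel patch, which means the option
cannot be assumed to exist on other kernels. If this were shipped, it
should be opt-in and documented as a host-wide change rather than written
by the setup script unconditionally.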

This is actually broken, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969223
You'd better install fuse-overlayfs and use that.

> ---  /etc/modules-load.d/modules.con    2021-08-20 10:25:11.522661268 -0300
> +++ /etc/modules-load.d/modules.conf    2021-08-19 19:41:25.866695920 -0300
> @@ -2,3 +2,4 @@
>  #
>  # This file contains the names of kernel modules that should be loaded
>  # at boot time, one per line. Lines beginning with "#" are ignored.
> +br_netfilter
>
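
Review bot: The br_netfilter line is appended to the shared
/etc/modules-load.d/modules.conf with no comment saying why it is needed or
which package wants it. A separate, commented file under
/etc/modules-load.d/ would be easier to audit and to remove later. Because
the file's header says these modules are loaded at boot time, the module
would be loaded on every boot whether or not rootless Docker is in use, so
the justification should be stated next to it.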

-- 
Shengjing Zhu
