preliminary unprivileged support

just added the more straight-forward things, albeit userid mappings
might mess with file owner in the tar assembled at the end?

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/PVE/DAB.pm b/PVE/DAB.pm
index 0ee95f31c2d0d72e49749d6eb273bd4b38724817..7baa2c483d502b486c49826ca4b634331de30463 100644 (file)
--- a/PVE/DAB.pm
+++ b/PVE/DAB.pm
@@ -311,14 +311,20 @@ sub __sample_config {
 
     if ($ostype =~ m/^de(bi|vu)an-/) {
        $data .= "lxc.include = /usr/share/lxc/config/debian.common.conf\n";
+       $data .= "lxc.include = /usr/share/lxc/config/debian.userns.conf\n" if $> != 0;
     } elsif ($ostype =~ m/^ubuntu-/) {
        $data .= "lxc.include = /usr/share/lxc/config/ubuntu.common.conf\n";
+       $data .= "lxc.include = /usr/share/lxc/config/ubuntu.userns.conf\n" if $> != 0;
     } else {
        die "unknown os type '$ostype'\n";
     }
+    if ($> != 0) {
+       $data .= "lxc.idmap = u 0 100000 65536\n";
+       $data .= "lxc.idmap = g 0 100000 65536\n";
+    }
     $data .= "lxc.uts.name = localhost\n";
     $data .= "lxc.rootfs.path = $self->{rootfs}\n";
-    
+
     return $data;
 }