From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Thu, 8 Jun 2023 08:58:18 +0000 (+0200)
Subject: preliminary unprivileged support
X-Git-Url: https://git.proxmox.com/?p=dab.git;a=commitdiff_plain;h=3f9c3b5025e5c33c23736d364f39eb55cccf397b

preliminary unprivileged support

just added the more straight-forward things, albeit userid mappings
might mess with file owner in the tar assembled at the end?

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---

diff --git a/PVE/DAB.pm b/PVE/DAB.pm
index 0ee95f3..7baa2c4 100644
--- a/PVE/DAB.pm
+++ b/PVE/DAB.pm
@@ -311,14 +311,20 @@ sub __sample_config {
 
     if ($ostype =~ m/^de(bi|vu)an-/) {
 	$data .= "lxc.include = /usr/share/lxc/config/debian.common.conf\n";
+	$data .= "lxc.include = /usr/share/lxc/config/debian.userns.conf\n" if $> != 0;
     } elsif ($ostype =~ m/^ubuntu-/) {
 	$data .= "lxc.include = /usr/share/lxc/config/ubuntu.common.conf\n";
+	$data .= "lxc.include = /usr/share/lxc/config/ubuntu.userns.conf\n" if $> != 0;
     } else {
 	die "unknown os type '$ostype'\n";
     }
+    if ($> != 0) {
+	$data .= "lxc.idmap = u 0 100000 65536\n";
+	$data .= "lxc.idmap = g 0 100000 65536\n";
+    }
     $data .= "lxc.uts.name = localhost\n";
     $data .= "lxc.rootfs.path = $self->{rootfs}\n";
-    
+
     return $data;
 }