From c255837bb972d9e4c6d9a33cdfff8f0bf32f79fc Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Fri, 2 Dec 2022 19:11:55 +1100 Subject: [PATCH 01/16] add script for bind mounting into overlay --- overlay-share | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100755 overlay-share diff --git a/overlay-share b/overlay-share new file mode 100755 index 0000000..1ed74fc --- /dev/null +++ b/overlay-share @@ -0,0 +1,39 @@ +#!/bin/bash +# +# Share a directory tree with an overlay-boot subhost +# +# $1 = directory $2 = subhost + +set -e + +. $(dirname $(realpath $0))/functions + +if [ ! -d "$1" ] ; then + echo "** Not a directory: $1" >&2 + exit 1 +fi + +SHARE="$1" +NAME="$2" + +[ -z "$NAME" ] && echo "Select subhost: $(list_running)" && exit 0 + +read USPID RSPID <&2 && exit 1 +if [ -z "$RSPID" ] ; then + cat <&2 +*** $NAME is started (pid $USPID) but doesn't seem to be running +*** /.reaper and might need manual fixing. +EOF + exit 1 +fi + +sudo nsenter -t "$RSPID" -n -m -p /bin/bash < Date: Fri, 2 Dec 2022 19:24:08 +1100 Subject: [PATCH 02/16] added overlay-share to the package --- Makefile | 2 ++ debian/changelog | 6 ++++++ debian/overlay-boot.links | 1 + overlay-share.8.adoc | 44 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 53 insertions(+) create mode 100644 overlay-share.8.adoc diff --git a/Makefile b/Makefile index c099771..bc4f1cc 100644 --- a/Makefile +++ b/Makefile @@ -5,9 +5,11 @@ SBINDIR = $(DESTDIR)/usr/sbin VARLIBDIR = $(DESTDIR)/var/lib/overlay-boot MAN8FILES = overlay-boot.8 overlay-go.8 overlay-stop.8 overlay-diskfile.8 +MAN8FILES += overlay-share.8 VARLIBFILES = overlay-boot overlay-go overlay-stop functions reaper VARLIBFILES += overlay-init overlay-postmount overlay-premount VARLIBFILES += overlay-diskfile +VARLIBFILES += overlay-share INITFILES = subhosts ETCFILES = subhosts.conf diff --git a/debian/changelog b/debian/changelog index 60cac80..6d2ac44 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +overlay-boot (0.1.10) experimental; urgency=medium + + * include the overlay-share utility + + -- Ralph Ronnquist Fri, 02 Dec 2022 19:21:58 +1100 + overlay-boot (0.1.9) experimental; urgency=medium * discard most mounts before unshare diff --git a/debian/overlay-boot.links b/debian/overlay-boot.links index c1d7c8d..71565ab 100644 --- a/debian/overlay-boot.links +++ b/debian/overlay-boot.links @@ -2,3 +2,4 @@ /var/lib/overlay-boot/overlay-stop /usr/sbin/overlay-stop /var/lib/overlay-boot/overlay-go /usr/sbin/overlay-go /var/lib/overlay-boot/overlay-diskfile /usr/sbin/overlay-diskfile +/var/lib/overlay-boot/overlay-shar /usr/sbin/overlay-share diff --git a/overlay-share.8.adoc b/overlay-share.8.adoc new file mode 100644 index 0000000..16909bb --- /dev/null +++ b/overlay-share.8.adoc @@ -0,0 +1,44 @@ +overlay-share(8) +================ +:doctype: manpage +:revdate: {sys:date "+%Y-%m-%d %H:%M:%S"} +:COLON: : +:EQUALS: = +:BANG: ! + +NAME +---- +overlay-share - Utility to bind mount directory into subhost. + +SYNOPSIS +-------- +*overlay-share* _path_ _subhostname_ + +DESCRIPTION +----------- + +*overlay-share* is a utility command script for bind-mounting a + directory into a subhost under the same pathname. + +OPTIONS +------- + +no options. + +EXAMPLES +-------- + +==== +---- +# overlay-share /home/guest example +---- +==== + +The above bind-mounts the main host's directory tree +/home/guest+ +into the subhost +example+ and thereby making that directory subtree +shared between the subhost and the main host. + +SEE ALSO +-------- + +*overlay-boot*, *overlay-stop* -- 2.39.2 From 207b672e863b408cff5a56ddb2a9ff08f4523791 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Mon, 5 Dec 2022 14:12:49 +1100 Subject: [PATCH 03/16] SHARE to mount host dir onto LIVE --- functions | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/functions b/functions index e9111fe..2fa68cc 100644 --- a/functions +++ b/functions @@ -156,12 +156,12 @@ setup_overlay() { grep ^SHARE= "$CONFIG" | while read A ; do B="$(echo ${A#SHARE=})" - D="$(realpath "$LOWER$B")" + D="$(realpath "$B")" [ "$D" = "$LOWER" ] && continue if [ -d "$D" ] ; then - echo bind mount $D onto $LIVE$D + echo bind mount $D onto $LIVE$B mkdir -p $LIVE$D - mount --bind $D $LIVE$D + mount --bind $D $LIVE$B fi done -- 2.39.2 From ab7139047b337f3e893e55707764b59c6f97a78f Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Tue, 6 Dec 2022 09:21:33 +1100 Subject: [PATCH 04/16] editorial improvements --- overlay-boot.8.adoc | 81 ++++++++++++++++++++++++++------------------- 1 file changed, 47 insertions(+), 34 deletions(-) diff --git a/overlay-boot.8.adoc b/overlay-boot.8.adoc index 974759e..c7c3508 100644 --- a/overlay-boot.8.adoc +++ b/overlay-boot.8.adoc @@ -17,24 +17,23 @@ DESCRIPTION ----------- *overlay-boot* is the main script in a small collection of administration scripts for containerizing services with minimal ado. -It starts a "subhost" with a dedicated network namespace, and the -mount and pid namespaces separated from the main host by means of -_unshare_, and the subhost root file system may be set up as an -overlay of the main host filesystem, for keeping the subhost services -distinctly separate from the main host. - -A subhost is started by nominating its _configuration file_ on the -command line for *overlay-boot*. This is a plain text file with a -small collection of "variables" that tell how the subhost is set up. -*overlay-boot* spawns a subprocess that invokes a command shell within -an chroot into "unshared" subhost root filesystem, all similar to the -bootup of any odd computer, and therafter the subhost "runs" in the -way of a virtual machine or container environment. +The script starts a "subhost" whose root filesystem is an overlay on +the main host filesystem, and with separate mount, network and pid +namespaces. In effect an administrative sandboxing that is +prepopulated with a copy of the overlaid filesystem. + +The subhost is defined by means of a configuration file, __conf__, +that is a simple text file with small collection of "variables" +telling how the subhost is set up. *overlay-boot* spawns a subprocess +that performs the boot-up of the "subhost" as an init script that ends +with a pid 1 +reaper+ that simply "reaps" any terminated child +processes. The administrator may "enter" the subhost execution environment to perform adminstrative tasks by means of *overlay-go*, which starts an -interactive shell within the subhost namespaces. The subhost may also -be set up with users and an _sshd_ service as needed. +interactive shell within the subhost namespaces. Usually this is only +used initially for configuring the subhost's network and set up an +_sshd_ service for subsequent access. Subhost execution is stopped with *overlay-stop*. @@ -200,24 +199,22 @@ possibly a different one upon each start. EXAMPLES -------- -=== /opt/subhost/mta/mta.conf -**** +=== Smallest possible ---- +# mkdir -p /opt/subhost/copy/{root,work,live} +# cat << EOF > /opt/subhost/copy/copy.conf BASE=. -CABLES= = -START= rsyslog networking ssh saslauthd postfix dovecot +EOF ---- -**** -The above example assumes a directory +/opt/subhost/mta+ that contains -the configuration file +mta.conf+ and directories +root+, +work+ and -+live+. *overlay-boot* will set up an overlay mount on +live+ with -+root+ as UPPER, +work+ as WORK and +/+ as LOWER, i.e. an overlay of -the main host filesystem. Further, the running subhost will feature a -virtual cable to the main host, where the subhost end is named +eth0+ -and the main host end is named +mta0+, and upon start, an +ifup mta0+ -is attempted at the host end while the subhost end is handled via its -neworking service. + +This setup has a minimal configuration for a subhost that overlays the +root filesystem but is without networking. The subhost must be entered +with *overlay-go*, although the default start might have started sshd +listening on a loopback interface in the subhost's network namespaces. + +Note that *overlay-go* runs a shell within the namespaces, but not as +a child of the "subhost init" (aka +.reaper+). === /opt/subhost/tiny/tiny.conf **** @@ -225,19 +222,35 @@ neworking service. BASE=. CABLES= = START= none -LOWER= !mkdir -p base work root live ; echo base -WORK= work -UPPER= root -LIVE= live +LOWER= base ---- **** The +tiny+ subhost would be for overlaying a separate +debootstrap+ -root filesystem, without any services (since +START+ is empty). This +root filesystem, without any services (since +START+ is "none"). This gets started with a +dummy_service+ to hold the overlay for access via +overlay-go+. The +dummy_service+ sets up and listens on a pipe at +/run/dummy_service+, and exits when anything is written to that. +=== /opt/subhost/mta/mta.conf +**** +---- +BASE=. +CABLES= = +START= rsyslog networking ssh saslauthd postfix dovecot +---- +**** + +The above example assumes a directory +/opt/subhost/mta+ that contains +the configuration file +mta.conf+ and directories +root+, +work+ and ++live+. *overlay-boot* will set up an overlay mount on +live+ with ++root+ as UPPER, +work+ as WORK and +/+ as LOWER, i.e. an overlay of +the main host filesystem. Further, the running subhost will feature a +virtual cable to the main host, where the subhost end is named +eth0+ +and the main host end is named +mta0+, and upon start, an +ifup mta0+ +is attempted at the host end while the subhost end is handled via its +neworking service. + SEE ALSO -------- -- 2.39.2 From 3e2ed38e99cc3a02220bf734b70e74e57dbe6e26 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sun, 30 Apr 2023 23:47:20 +1000 Subject: [PATCH 05/16] add author and revdate --- README.adoc | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/README.adoc b/README.adoc index 07b0812..99805d5 100644 --- a/README.adoc +++ b/README.adoc @@ -1,5 +1,6 @@ -The overlay-boot Project -======================== += The overlay-boot Project +:author: Ralph Ronnquist +:revdate: Sun, 30 Apr 2023 23:46:31 +1000 The *overlay-boot* project implements a "minimalist approach" for dividing a single host into "subhosts" for administratively separated @@ -30,8 +31,7 @@ framework. including the trivial case of "no services" (as is necessary for installing and configuring the service or services of a subhost). -A usage example (minimal) -------------------------- +== A usage example (minimal) A subhost is techincally defined as a directory that contains three mount points "work", "root" and "live", and a configuration file with @@ -72,8 +72,7 @@ The subhost environment may be "entered" with ---- ==== -Another usage example (MTA) ---------------------------- +== Another usage example (MTA) This is an example setup at +/opt/mta+ of a larger overlay subhost for an MTA as primary service and with some additional useful -- 2.39.2 From 7bf7a4a1f847eed595b09c7e17743b93cec26f36 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sat, 27 May 2023 17:26:37 +1000 Subject: [PATCH 06/16] Added vlan setup support --- functions | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/functions b/functions index 2fa68cc..8d2d5f3 100644 --- a/functions +++ b/functions @@ -92,6 +92,9 @@ EOF # Setup the network namespace for the given $CABLES # $1=netns ( $2="br=mac" .. ) +# br is optional, mac is optional. +# If mac is .N then it's taken as vlan tag on prior outer interface +# (with ifup configuration) and the inner interface is left alone. setup_veth_cables() { local NETNS BR IF MAC C i ADD NETNS="$1" @@ -100,12 +103,21 @@ setup_veth_cables() { for C in "$@" ; do IF=$NETNS$i MAC="${C#*=}" - [ -z "$MAC" ] || MAC="address $MAC" - ip link add $IF type veth peer name eth$i $MAC netns $NETNS + if [ -z "$MAC" ] ; then + # set up veth with "random" mac address + ip link add $IF type veth peer name eth$i netns $NETNS + elif [ -z "${MAC%%.*}" ] ; then + # set up a host vlan with specified tag on previous eth + i=$((i-1)) + IF=$NETNS$i$MAC + ifup $IF + else + # set up veth with specified mac address + ip link add $IF type veth peer name eth$i address $MAC netns $NETNS + fi ip link set $IF up BR="${C%=*}" if [ -z "$BR" ] ; then - ip link set $IF ifup $IF else brctl addif $BR $IF -- 2.39.2 From d3ab4e79f8da4aa179c301e984e80097bdaba7d5 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sat, 27 May 2023 17:28:29 +1000 Subject: [PATCH 07/16] version increment --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 6d2ac44..1a9db8c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +overlay-boot (0.1.11) experimental; urgency=medium + + * added vlan setup support + + -- Ralph Ronnquist Sat, 27 May 2023 17:27:46 +1000 + overlay-boot (0.1.10) experimental; urgency=medium * include the overlay-share utility -- 2.39.2 From 149999f53b48159be4e3f5efb19e33fe4d96ed51 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sat, 27 May 2023 17:33:16 +1000 Subject: [PATCH 08/16] readded missing cleanup setp --- debian/rules | 1 + 1 file changed, 1 insertion(+) diff --git a/debian/rules b/debian/rules index 173b37e..583057e 100755 --- a/debian/rules +++ b/debian/rules @@ -4,4 +4,5 @@ dh $@ override_dh_clean: + dh_clean $@ dh_prep -Xtrial -- 2.39.2 From 817c920272ad2aa4b56940120e329b9cf1582779 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sun, 28 May 2023 08:58:12 +1000 Subject: [PATCH 09/16] Documentation update to use asciidoctor for manpage generation. Also added detail about VLAN networking setup. --- Makefile | 2 +- debian/control | 2 +- overlay-boot.8.adoc | 40 ++++++++++++++++++++++++++++------------ 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/Makefile b/Makefile index bc4f1cc..022b9ff 100644 --- a/Makefile +++ b/Makefile @@ -39,7 +39,7 @@ $(ETCDIR)/subhosts.conf: subhosts.conf | $(ETCDIR)/ # Generic rule: a local .8 file depends on the same .8.adoc file, if any $(MAN8FILES): %: %.adoc - a2x -d manpage -f manpage $^ + asciidoctor -b manpage $^ # Generic rule: an installed MAN8FILE file depends on a local the # same, and that the installation directory exists diff --git a/debian/control b/debian/control index 98f5ba8..dbbb374 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: misc Priority: optional Maintainer: Ralph Ronnquist Build-Depends: debhelper-compat (= 13), - asciidoc, docbook-xml, libxslt1-dev, xsltproc, docbook-xsl, + asciidoctor, docbook-xml, libxslt1-dev, xsltproc, docbook-xsl, musl-tools Standards-Version: 4.6.0 Homepage: https://borta.rrq.id.au/git?p=ralph/overlay-boot.git diff --git a/overlay-boot.8.adoc b/overlay-boot.8.adoc index c7c3508..dee7b10 100644 --- a/overlay-boot.8.adoc +++ b/overlay-boot.8.adoc @@ -19,21 +19,24 @@ DESCRIPTION administration scripts for containerizing services with minimal ado. The script starts a "subhost" whose root filesystem is an overlay on the main host filesystem, and with separate mount, network and pid -namespaces. In effect an administrative sandboxing that is -prepopulated with a copy of the overlaid filesystem. +namespaces. In effect the default use case is merely an administrative +sandboxing that is pre-populated with a copy of the overlaid +filesystem. -The subhost is defined by means of a configuration file, __conf__, +Each subhost is defined by means of a configuration file, __conf__, that is a simple text file with small collection of "variables" telling how the subhost is set up. *overlay-boot* spawns a subprocess that performs the boot-up of the "subhost" as an init script that ends with a pid 1 +reaper+ that simply "reaps" any terminated child processes. -The administrator may "enter" the subhost execution environment to -perform adminstrative tasks by means of *overlay-go*, which starts an -interactive shell within the subhost namespaces. Usually this is only -used initially for configuring the subhost's network and set up an -_sshd_ service for subsequent access. +An administrator may "enter" the subhost execution environment to +perform adminstrative tasks by means of *overlay-go*, which uses ++chroot+ to start an interactive shell within the subhost namespaces. +Such a shell however is not a child of the subhost +pid 1+ and it +would normally only be used initially for configuring the subhost's +network, and set up network based services, such as _sshd_, for +subsequent access. Subhost execution is stopped with *overlay-stop*. @@ -71,8 +74,8 @@ contains the configuration file and the three mount points "root", This variable declares the subhost networking in terms of its virtual cables. The value is a space separated list of "virtual cable specifiers", each consisting of an equal sign optionally with a bridge -name to the left and optionally a MAC address to the right. See the -section on Networking below for more details. +name to the left and optionally a MAC address or VLAN tag to the +right. See the section on Networking below for more details. INIT:: @@ -184,8 +187,8 @@ by the same number. As mentioned above, +CABLES+ is a space separated list of cable specifiers, each consisting of an optional bridge interface name, an -optional MAC adddress and with a required equal sign ("=") between -them. +optional MAC adddress or VLAN tag and with a required equal sign ("=") +between them. The bridge interface name, when given, will be given control of the host end cable interface. When the bridge interface name is omitted @@ -196,6 +199,19 @@ The MAC address, if given, is used for the subhost end cable interface, which otherise gets its MAC address from the kernel, possibly a different one upon each start. +A VLAN tag has the format ".N" where N is a number between 1 and 4095. +This modifies the cable function to set up a VLAN host interface on +the prior host interface, and skip subhost side setup. E.g. if the +prior host interface is +example1+ and the tag is +.302+ then the VLAN +interface would be +example1.302+. The host side setup uses _ifup $IF_ +and thus, the host needs to have a supporting configuration entry in ++/etc/network/interfaces+ for the VLAN interface. + +Note that it may be a good practice to keep a local +interfaces+ file +as sibling to the subhost configuration file on the host and use a +_source_ statement to include this into the system networking +configuration. + EXAMPLES -------- -- 2.39.2 From ff8135b68ccd6997ac03b6ac3dc83fb9128dcb07 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Mon, 26 Jun 2023 21:10:52 +1000 Subject: [PATCH 10/16] Added "Origin: devuan" --- debian/control | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/debian/control b/debian/control index dbbb374..f9bdade 100644 --- a/debian/control +++ b/debian/control @@ -1,7 +1,8 @@ Source: overlay-boot Section: misc Priority: optional -Maintainer: Ralph Ronnquist +Origin: devuan +Maintainer: Ralph Ronnquist Build-Depends: debhelper-compat (= 13), asciidoctor, docbook-xml, libxslt1-dev, xsltproc, docbook-xsl, musl-tools @@ -14,6 +15,7 @@ Architecture: any Depends: coreutils (>= 8.32-4+b1), util-linux (>= 2.36.1-8+devuan2), mount, iproute2, ifupdown, dash, procps Description: Admin scripts for running overlay subhosts - Overlay subhosting uses unshare and chroot for running services within - independent overlay filesystems, with a common kernel but independent - namespaces. Aka "containerization without the bells and whistles". + Overlay subhosting uses unshare and chroot for running services + within independent overlay filesystems, with a common kernel but + independent namespaces. Aka "containerization with a modicum of bells + and whistles". -- 2.39.2 From ab4d0aff64a3cbbcc21034efaed70172ddf0aa1d Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Mon, 26 Jun 2023 21:16:01 +1000 Subject: [PATCH 11/16] Corrected title markup --- overlay-stop.8.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/overlay-stop.8.adoc b/overlay-stop.8.adoc index 3cd774f..e0e7b63 100644 --- a/overlay-stop.8.adoc +++ b/overlay-stop.8.adoc @@ -1,5 +1,5 @@ overlay-stop(8) -============= +=============== :doctype: manpage :revdate: {sys:date "+%Y-%m-%d %H:%M:%S"} :COLON: : -- 2.39.2 From ca6b13b4f4d3b28a769cbfae9590db3bfeab4e1f Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Mon, 26 Jun 2023 21:25:00 +1000 Subject: [PATCH 12/16] Change of email and signing key. --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 1a9db8c..2bef471 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +overlay-boot (0.1.12) experimental; urgency=medium + + * Change of email and signing key + + -- Ralph Ronnquist Mon, 26 Jun 2023 21:24:41 +1000 + overlay-boot (0.1.11) experimental; urgency=medium * added vlan setup support -- 2.39.2 From 6f4946607ac728f473033dcbabffaaa8b5f3a275 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Fri, 25 Aug 2023 23:32:34 +1000 Subject: [PATCH 13/16] Revised network startup to handle the ifup case better. --- functions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/functions b/functions index 8d2d5f3..959d762 100644 --- a/functions +++ b/functions @@ -115,11 +115,11 @@ setup_veth_cables() { # set up veth with specified mac address ip link add $IF type veth peer name eth$i address $MAC netns $NETNS fi - ip link set $IF up BR="${C%=*}" if [ -z "$BR" ] ; then - ifup $IF + ifup $IF || ip link set $IF up else + ip link set $IF up brctl addif $BR $IF fi i=$((i+1)) -- 2.39.2 From 6a9450df1427e9a9fb5e4810ceab4ceeef93b6f9 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sat, 26 Aug 2023 00:36:38 +1000 Subject: [PATCH 14/16] corrected Origin --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index f9bdade..f38bc08 100644 --- a/debian/control +++ b/debian/control @@ -1,7 +1,7 @@ Source: overlay-boot Section: misc Priority: optional -Origin: devuan +Origin: Devuan Maintainer: Ralph Ronnquist Build-Depends: debhelper-compat (= 13), asciidoctor, docbook-xml, libxslt1-dev, xsltproc, docbook-xsl, -- 2.39.2 From dd1a93f6b234ec080ea0f0bcd6bd4e9b5a432e65 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Sat, 26 Aug 2023 00:49:08 +1000 Subject: [PATCH 15/16] version update --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 2bef471..712a5ae 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +overlay-boot (0.1.13) experimental; urgency=medium + + * Revise network startup to handle the ifup case better. + + -- Ralph Ronnquist Fri, 25 Aug 2023 23:34:49 +1000 + overlay-boot (0.1.12) experimental; urgency=medium * Change of email and signing key -- 2.39.2 From f8cfc3c838e3fb738af6f53303a3486f1d08ab54 Mon Sep 17 00:00:00 2001 From: Ralph Ronnquist Date: Mon, 4 Sep 2023 12:14:38 +1000 Subject: [PATCH 16/16] Avoid unmounting points below $LIVE using full pathname. --- overlay-boot | 1 + 1 file changed, 1 insertion(+) diff --git a/overlay-boot b/overlay-boot index 6577cad..899d53b 100755 --- a/overlay-boot +++ b/overlay-boot @@ -37,6 +37,7 @@ trap "exithandler" 0 # including "/" as well) and "/proc". sort -rk2,2 < /proc/mounts | while read D P A2 ; do beginswith "$P" "$LIVE" && continue + beginswith "$P" "$(realpath $LIVE)" && continue beginswith "/run/netns/$NAME" "$P" && continue [ "$P" = /proc ] && continue umount "$P" -- 2.39.2