553f1b5ed0
lxc-template needlessly require root privileges in two places: 1. lock file location for `flock` 2. failing on `tar` failure during rootfs extraction For `flock`, it's not necessary that the lock file be in `/var/lock`, it can be anywhere. Why not put it in `LXC_PATH`? For the failing `tar` thing, that's because some device are created with `mknod` which unprivileged users can't do. These device, however, are not necessary for the container to run well. We can ignore `tar`'s error exit code. I replaced the exist code check by a check for the existence of `/bin/true` in rootfs. I think that it's a good indication of whether the rootfs was extracted. Why am I making this change? Because I'd like to add support for unprivileged containers in `vagrant-lxc` but it's kind of a big change to make at once, so I thought I'd go incrementally. |
||
---|---|---|
.. | ||
lxc-template | ||
pipework |