From b1048ce39f9d360ab687bd078d5d9cca23890d87 Mon Sep 17 00:00:00 2001 From: mhoellein Date: Wed, 4 Jul 2018 10:39:30 +0200 Subject: [PATCH] committing changes in /etc after apt run Package changes: +debootstrap 1.0.67+deb8u1 +libapparmor1 2.9.0-3 +libseccomp2 2.1.1-1 +lxc 1:1.0.6-6+deb8u6 --- .etckeeper | 13 ++ apparmor.d/abstractions/lxc/container-base | 129 +++++++++++++++++ apparmor.d/abstractions/lxc/start-container | 41 ++++++ apparmor.d/lxc-containers | 7 + apparmor.d/lxc/lxc-default | 11 ++ apparmor.d/lxc/lxc-default-with-mounting | 14 ++ apparmor.d/lxc/lxc-default-with-nesting | 14 ++ apparmor.d/usr.bin.lxc-start | 5 + bash_completion.d/lxc | 103 +++++++++++++ init.d/lxc | 135 ++++++++++++++++++ lxc/default.conf | 1 + rc0.d/K01lxc | 1 + rc1.d/K01lxc | 1 + rc2.d/S02lxc | 1 + rc3.d/S02lxc | 1 + rc4.d/S02lxc | 1 + rc5.d/S02lxc | 1 + rc6.d/K01lxc | 1 + .../multi-user.target.wants/lxc.service | 1 + 19 files changed, 481 insertions(+) create mode 100644 apparmor.d/abstractions/lxc/container-base create mode 100644 apparmor.d/abstractions/lxc/start-container create mode 100644 apparmor.d/lxc-containers create mode 100644 apparmor.d/lxc/lxc-default create mode 100644 apparmor.d/lxc/lxc-default-with-mounting create mode 100644 apparmor.d/lxc/lxc-default-with-nesting create mode 100644 apparmor.d/usr.bin.lxc-start create mode 100644 bash_completion.d/lxc create mode 100755 init.d/lxc create mode 100644 lxc/default.conf create mode 120000 rc0.d/K01lxc create mode 120000 rc1.d/K01lxc create mode 120000 rc2.d/S02lxc create mode 120000 rc3.d/S02lxc create mode 120000 rc4.d/S02lxc create mode 120000 rc5.d/S02lxc create mode 120000 rc6.d/K01lxc create mode 120000 systemd/system/multi-user.target.wants/lxc.service diff --git a/.etckeeper b/.etckeeper index dafc2b0..af3989e 100755 --- a/.etckeeper +++ b/.etckeeper @@ -118,9 +118,18 @@ maybe chmod 0755 'apparmor.d' maybe chmod 0755 'apparmor.d/abstractions' maybe chmod 0644 'apparmor.d/abstractions/lightdm' maybe chmod 0644 'apparmor.d/abstractions/lightdm_chromium-browser' +maybe chmod 0755 'apparmor.d/abstractions/lxc' +maybe chmod 0644 'apparmor.d/abstractions/lxc/container-base' +maybe chmod 0644 'apparmor.d/abstractions/lxc/start-container' maybe chmod 0755 'apparmor.d/local' maybe chmod 0644 'apparmor.d/local/usr.sbin.cups-browsed' maybe chmod 0644 'apparmor.d/local/usr.sbin.cupsd' +maybe chmod 0755 'apparmor.d/lxc' +maybe chmod 0644 'apparmor.d/lxc-containers' +maybe chmod 0644 'apparmor.d/lxc/lxc-default' +maybe chmod 0644 'apparmor.d/lxc/lxc-default-with-mounting' +maybe chmod 0644 'apparmor.d/lxc/lxc-default-with-nesting' +maybe chmod 0644 'apparmor.d/usr.bin.lxc-start' maybe chmod 0644 'apparmor.d/usr.sbin.cups-browsed' maybe chmod 0644 'apparmor.d/usr.sbin.cupsd' maybe chmod 0755 'apt' @@ -157,6 +166,7 @@ maybe chmod 0644 'bash_completion.d/initramfs-tools' maybe chmod 0644 'bash_completion.d/insserv' maybe chmod 0644 'bash_completion.d/jackd' maybe chmod 0644 'bash_completion.d/libreoffice.sh' +maybe chmod 0644 'bash_completion.d/lxc' maybe chmod 0644 'bash_completion.d/pulseaudio-bash-completion.sh' maybe chmod 0644 'bash_completion.d/whiptail' maybe chmod 0644 'bindresvport.blacklist' @@ -561,6 +571,7 @@ maybe chmod 0755 'init.d/keyboard-setup' maybe chmod 0755 'init.d/killprocs' maybe chmod 0755 'init.d/kmod' maybe chmod 0755 'init.d/lightdm' +maybe chmod 0755 'init.d/lxc' maybe chmod 0755 'init.d/motd' maybe chmod 0755 'init.d/mountall-bootclean.sh' maybe chmod 0755 'init.d/mountall.sh' @@ -720,6 +731,8 @@ maybe chmod 0644 'logrotate.d/aptitude' maybe chmod 0644 'logrotate.d/cups-daemon' maybe chmod 0644 'logrotate.d/dpkg' maybe chmod 0644 'logrotate.d/rsyslog' +maybe chmod 0755 'lxc' +maybe chmod 0644 'lxc/default.conf' maybe chmod 0444 'machine-id' maybe chmod 0644 'magic' maybe chmod 0644 'magic.mime' diff --git a/apparmor.d/abstractions/lxc/container-base b/apparmor.d/abstractions/lxc/container-base new file mode 100644 index 0000000..b1f475d --- /dev/null +++ b/apparmor.d/abstractions/lxc/container-base @@ -0,0 +1,129 @@ + network, + capability, + file, + umount, + + # The following 3 entries are only supported by recent apparmor versions. + # Comment them if the apparmor parser doesn't recognize them. + #dbus, + #signal, + #ptrace, + + # ignore DENIED message on / remount + deny mount options=(ro, remount) -> /, + + # allow tmpfs mounts everywhere + mount fstype=tmpfs, + + # allow hugetlbfs mounts everywhere + mount fstype=hugetlbfs, + + # allow mqueue mounts everywhere + mount fstype=mqueue, + + # allow fuse mounts everywhere + mount fstype=fuse.*, + + # allow bind mount of /lib/init/fstab for lxcguest + mount options=(rw, bind) /lib/init/fstab.lxc/ -> /lib/init/fstab/, + + # deny writes in /proc/sys/fs but allow binfmt_misc to be mounted + mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/, + deny @{PROC}/sys/fs/** wklx, + + # allow efivars to be mounted, writing to it will be blocked though + mount fstype=efivarfs -> /sys/firmware/efi/efivars/, + + # block some other dangerous paths + deny @{PROC}/sysrq-trigger rwklx, + deny @{PROC}/mem rwklx, + deny @{PROC}/kmem rwklx, + + # deny writes in /sys except for /sys/fs/cgroup, also allow + # fusectl, securityfs and debugfs to be mounted there (read-only) + mount fstype=fusectl -> /sys/fs/fuse/connections/, + mount fstype=securityfs -> /sys/kernel/security/, + mount fstype=debugfs -> /sys/kernel/debug/, + deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/, + mount fstype=proc -> /proc/, + mount fstype=sysfs -> /sys/, + deny /sys/firmware/efi/efivars/** rwklx, + deny /sys/kernel/security/** rwklx, + mount options=(move) /sys/fs/cgroup/cgmanager/ -> /sys/fs/cgroup/cgmanager.lower/, + + # generated by: lxc-generate-aa-rules.py container-rules.base + deny /proc/sys/[^kn]*{,/**} wklx, + deny /proc/sys/k[^e]*{,/**} wklx, + deny /proc/sys/ke[^r]*{,/**} wklx, + deny /proc/sys/ker[^n]*{,/**} wklx, + deny /proc/sys/kern[^e]*{,/**} wklx, + deny /proc/sys/kerne[^l]*{,/**} wklx, + deny /proc/sys/kernel/[^smhd]*{,/**} wklx, + deny /proc/sys/kernel/d[^o]*{,/**} wklx, + deny /proc/sys/kernel/do[^m]*{,/**} wklx, + deny /proc/sys/kernel/dom[^a]*{,/**} wklx, + deny /proc/sys/kernel/doma[^i]*{,/**} wklx, + deny /proc/sys/kernel/domai[^n]*{,/**} wklx, + deny /proc/sys/kernel/domain[^n]*{,/**} wklx, + deny /proc/sys/kernel/domainn[^a]*{,/**} wklx, + deny /proc/sys/kernel/domainna[^m]*{,/**} wklx, + deny /proc/sys/kernel/domainnam[^e]*{,/**} wklx, + deny /proc/sys/kernel/domainname?*{,/**} wklx, + deny /proc/sys/kernel/h[^o]*{,/**} wklx, + deny /proc/sys/kernel/ho[^s]*{,/**} wklx, + deny /proc/sys/kernel/hos[^t]*{,/**} wklx, + deny /proc/sys/kernel/host[^n]*{,/**} wklx, + deny /proc/sys/kernel/hostn[^a]*{,/**} wklx, + deny /proc/sys/kernel/hostna[^m]*{,/**} wklx, + deny /proc/sys/kernel/hostnam[^e]*{,/**} wklx, + deny /proc/sys/kernel/hostname?*{,/**} wklx, + deny /proc/sys/kernel/m[^s]*{,/**} wklx, + deny /proc/sys/kernel/ms[^g]*{,/**} wklx, + deny /proc/sys/kernel/msg*/** wklx, + deny /proc/sys/kernel/s[^he]*{,/**} wklx, + deny /proc/sys/kernel/se[^m]*{,/**} wklx, + deny /proc/sys/kernel/sem*/** wklx, + deny /proc/sys/kernel/sh[^m]*{,/**} wklx, + deny /proc/sys/kernel/shm*/** wklx, + deny /proc/sys/kernel?*{,/**} wklx, + deny /proc/sys/n[^e]*{,/**} wklx, + deny /proc/sys/ne[^t]*{,/**} wklx, + deny /proc/sys/net?*{,/**} wklx, + deny /sys/[^fdc]*{,/**} wklx, + deny /sys/c[^l]*{,/**} wklx, + deny /sys/cl[^a]*{,/**} wklx, + deny /sys/cla[^s]*{,/**} wklx, + deny /sys/clas[^s]*{,/**} wklx, + deny /sys/class/[^n]*{,/**} wklx, + deny /sys/class/n[^e]*{,/**} wklx, + deny /sys/class/ne[^t]*{,/**} wklx, + deny /sys/class/net?*{,/**} wklx, + deny /sys/class?*{,/**} wklx, + deny /sys/d[^e]*{,/**} wklx, + deny /sys/de[^v]*{,/**} wklx, + deny /sys/dev[^i]*{,/**} wklx, + deny /sys/devi[^c]*{,/**} wklx, + deny /sys/devic[^e]*{,/**} wklx, + deny /sys/device[^s]*{,/**} wklx, + deny /sys/devices/[^v]*{,/**} wklx, + deny /sys/devices/v[^i]*{,/**} wklx, + deny /sys/devices/vi[^r]*{,/**} wklx, + deny /sys/devices/vir[^t]*{,/**} wklx, + deny /sys/devices/virt[^u]*{,/**} wklx, + deny /sys/devices/virtu[^a]*{,/**} wklx, + deny /sys/devices/virtua[^l]*{,/**} wklx, + deny /sys/devices/virtual/[^n]*{,/**} wklx, + deny /sys/devices/virtual/n[^e]*{,/**} wklx, + deny /sys/devices/virtual/ne[^t]*{,/**} wklx, + deny /sys/devices/virtual/net?*{,/**} wklx, + deny /sys/devices/virtual?*{,/**} wklx, + deny /sys/devices?*{,/**} wklx, + deny /sys/f[^s]*{,/**} wklx, + deny /sys/fs/[^c]*{,/**} wklx, + deny /sys/fs/c[^g]*{,/**} wklx, + deny /sys/fs/cg[^r]*{,/**} wklx, + deny /sys/fs/cgr[^o]*{,/**} wklx, + deny /sys/fs/cgro[^u]*{,/**} wklx, + deny /sys/fs/cgrou[^p]*{,/**} wklx, + deny /sys/fs/cgroup?*{,/**} wklx, + deny /sys/fs?*{,/**} wklx, diff --git a/apparmor.d/abstractions/lxc/start-container b/apparmor.d/abstractions/lxc/start-container new file mode 100644 index 0000000..49a038c --- /dev/null +++ b/apparmor.d/abstractions/lxc/start-container @@ -0,0 +1,41 @@ + network, + capability, + file, + + # The following 3 entries are only supported by recent apparmor versions. + # Comment them if the apparmor parser doesn't recognize them. + #dbus, + #signal, + #ptrace, + + # currently blocked by apparmor bug + mount -> /usr/lib/*/lxc/{**,}, + mount -> /usr/lib/lxc/{**,}, + mount fstype=devpts -> /dev/pts/, + mount options=bind /dev/pts/ptmx/ -> /dev/ptmx/, + mount options=(rw, slave) -> /, + mount fstype=debugfs, + # allow pre-mount hooks to stage mounts under /var/lib/lxc// + mount -> /var/lib/lxc/{**,}, + + # required for some pre-mount hooks (like the new lxc-start-ephemeral) + mount fstype=overlayfs, + mount fstype=aufs, + mount fstype=ecryptfs, + + # all umounts are under the original root's /mnt, but right now we + # can't allow those umounts after pivot_root. So allow all umounts + # right now. They'll be restricted for the container at least. + umount, + #umount /mnt/{**,}, + + # This may look a bit redundant, however it appears we need all of + # them if we want things to work properly on all combinations of kernel + # and userspace parser... + pivot_root /usr/lib/lxc/, + pivot_root /usr/lib/*/lxc/, + pivot_root /usr/lib/lxc/**, + pivot_root /usr/lib/*/lxc/**, + + change_profile -> lxc-*, + change_profile -> unconfined, diff --git a/apparmor.d/lxc-containers b/apparmor.d/lxc-containers new file mode 100644 index 0000000..0644cf2 --- /dev/null +++ b/apparmor.d/lxc-containers @@ -0,0 +1,7 @@ +# This file exists only to ensure that all per-container policies +# listed under /etc/apparmor.d/lxc get loaded at boot. Please do +# not edit this file. + +#include + +#include diff --git a/apparmor.d/lxc/lxc-default b/apparmor.d/lxc/lxc-default new file mode 100644 index 0000000..9a96a2e --- /dev/null +++ b/apparmor.d/lxc/lxc-default @@ -0,0 +1,11 @@ +# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which +# will source all profiles under /etc/apparmor.d/lxc + +profile lxc-container-default flags=(attach_disconnected,mediate_deleted) { + #include + + # the container may never be allowed to mount devpts. If it does, it + # will remount the host's devpts. We could allow it to do it with + # the newinstance option (but, right now, we don't). + deny mount fstype=devpts, +} diff --git a/apparmor.d/lxc/lxc-default-with-mounting b/apparmor.d/lxc/lxc-default-with-mounting new file mode 100644 index 0000000..8a9a6b7 --- /dev/null +++ b/apparmor.d/lxc/lxc-default-with-mounting @@ -0,0 +1,14 @@ +# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which +# will source all profiles under /etc/apparmor.d/lxc + +profile lxc-container-default-with-mounting flags=(attach_disconnected,mediate_deleted) { + #include + +# allow standard blockdevtypes. +# The concern here is in-kernel superblock parsers bringing down the +# host with bad data. However, we continue to disallow proc, sys, securityfs, +# etc to nonstandard locations. + mount fstype=ext*, + mount fstype=xfs, + mount fstype=btrfs, +} diff --git a/apparmor.d/lxc/lxc-default-with-nesting b/apparmor.d/lxc/lxc-default-with-nesting new file mode 100644 index 0000000..03325aa --- /dev/null +++ b/apparmor.d/lxc/lxc-default-with-nesting @@ -0,0 +1,14 @@ +# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which +# will source all profiles under /etc/apparmor.d/lxc + +profile lxc-container-default-with-nesting flags=(attach_disconnected,mediate_deleted) { + #include + #include + +# Uncomment the line below if you are not using cgmanager +# mount fstype=cgroup -> /sys/fs/cgroup/**, + + mount fstype=proc -> /var/cache/lxc/**, + mount fstype=sysfs -> /var/cache/lxc/**, + mount options=(rw,bind) /var/cache/lxc/**/dev/shm/ -> /var/cache/lxc/**/run/shm/, +} diff --git a/apparmor.d/usr.bin.lxc-start b/apparmor.d/usr.bin.lxc-start new file mode 100644 index 0000000..2f87cdd --- /dev/null +++ b/apparmor.d/usr.bin.lxc-start @@ -0,0 +1,5 @@ +#include + +/usr/bin/lxc-start flags=(attach_disconnected) { + #include +} diff --git a/bash_completion.d/lxc b/bash_completion.d/lxc new file mode 100644 index 0000000..323dec5 --- /dev/null +++ b/bash_completion.d/lxc @@ -0,0 +1,103 @@ +have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } + + _lxc_states() { + COMPREPLY=( $( compgen -W "STOPPED STARTING RUNNING STOPPING ABORTING FREEZING FROZEN THAWED" "$cur" ) ) + } + + _lxc_templates() { + COMPREPLY=( $( compgen -W "$(ls /usr/share/lxc/templates/ | sed -e 's|^lxc-||' )" "$cur" ) ) + } + + _lxc-generic-n() { + local cur prev + + COMPREPLY=() + _get_comp_words_by_ref cur prev + + case $prev in + -n) + _lxc_names "$cur" + return 0 + ;; + esac + + return 1 + } + + _lxc-generic-ns() { + local cur prev + + COMPREPLY=() + _get_comp_words_by_ref cur prev + + case $prev in + -n) + _lxc_names "$cur" + return 0 + ;; + + -s) + _lxc_states "$cur" + return 0 + ;; + esac + + return 1 + } + + _lxc-generic-t() { + local cur prev + + COMPREPLY=() + _get_comp_words_by_ref cur prev + + case $prev in + -t) + _lxc_templates "$cur" + return 0 + ;; + esac + + return 1 + } + + _lxc-generic-o() { + local cur prev + + COMPREPLY=() + _get_comp_words_by_ref cur prev + + case $prev in + -o) + _lxc_names "$cur" + return 0 + ;; + esac + + return 1 + } + + complete -o default -F _lxc-generic-n lxc-attach + complete -o default -F _lxc-generic-n lxc-cgroup + complete -o default -F _lxc-generic-n lxc-console + complete -o default -F _lxc-generic-n lxc-destroy + complete -o default -F _lxc-generic-n lxc-device + complete -o default -F _lxc-generic-n lxc-execute + complete -o default -F _lxc-generic-n lxc-freeze + complete -o default -F _lxc-generic-n lxc-info + complete -o default -F _lxc-generic-n lxc-monitor + complete -o default -F _lxc-generic-n lxc-snapshot + complete -o default -F _lxc-generic-n lxc-start + complete -o default -F _lxc-generic-n lxc-stop + complete -o default -F _lxc-generic-n lxc-unfreeze + + complete -o default -F _lxc-generic-ns lxc-wait + + complete -o default -F _lxc-generic-t lxc-create + + complete -o default -F _lxc-generic-o lxc-clone + complete -o default -F _lxc-generic-o lxc-start-ephemeral +} diff --git a/init.d/lxc b/init.d/lxc new file mode 100755 index 0000000..54e5dc2 --- /dev/null +++ b/init.d/lxc @@ -0,0 +1,135 @@ +#!/bin/sh +# +# lxc Start/Stop LXC autoboot containers +# +# chkconfig: 345 99 01 +# description: Starts/Stops all LXC containers configured for autostart. +# +### BEGIN INIT INFO +# Provides: lxc +# Required-Start: $syslog $remote_fs +# Required-Stop: $syslog $remote_fs +# Should-Start: +# Should-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Bring up/down LXC autostart containers +# Description: Bring up/down LXC autostart containers +# X-Start-Before: +# X-Stop-After: +# X-Interactive: +### END INIT INFO + +sysconfdir="/etc" +bindir="/usr/bin" +localstatedir="/var" + +# These can be overridden in /etc/sysconfig/lxc + +# BOOTGROUPS - What groups should start on bootup? +# Comma separated list of groups. +# Leading comma, trailing comma or embedded double +# comma indicates when the NULL group should be run. +# Example (default): boot the onboot group first then the NULL group +BOOTGROUPS="onboot," + +# SHUTDOWNDELAY - Wait time for a container to shut down. +# ner shutdown can result in lengthy system +# shutdown times. Even 5 seconds per container can be +# too long. +SHUTDOWNDELAY=5 + +# OPTIONS can be used for anything else. +# If you want to boot everything then +# options can be "-a" or "-a -A". +OPTIONS= + +# STOPOPTS are stop options. The can be used for anything else to stop. +# If you want to kill containers fast, use -k +STOPOPTS="-a -s" + +# Source function library. +test ! -r /lib/lsb/init-functions || + . /lib/lsb/init-functions + +# Source any configurable options +test ! -r "$sysconfdir"/sysconfig/lxc || + . "$sysconfdir"/sysconfig/lxc + +# Check for needed utility program +[ -x "$bindir"/lxc-autostart ] || exit 1 + +# If libvirtd is providing the bridge, it might not be +# immediately available, so wait a bit for it before starting +# up the containers or else any that use the bridge will fail +# to start +wait_for_bridge() +{ + [ -f "$sysconfdir"/lxc/default.conf ] || { return 0; } + + which ifconfig >/dev/null 2>&1 + if [ $? = 0 ]; then + cmd="ifconfig -a" + else + which ip >/dev/null 2>&1 + if [ $? = 0 ]; then + cmd="ip link list" + fi + fi + [ -n cmd ] || { return 0; } + + BRNAME=`grep '^[ ]*lxc.network.link' "$sysconfdir"/lxc/default.conf | sed 's/^.*=[ ]*//'` + if [ -z "$BRNAME" ]; then + return 0 + fi + + for try in `seq 1 30`; do + eval $cmd |grep "^$BRNAME" >/dev/null 2>&1 + if [ $? = 0 ]; then + return + fi + sleep 1 + done +} + +mkdir -p /var/lock/subsys + +# See how we were called. +case "$1" in + start) + [ ! -f "$localstatedir"/lock/subsys/lxc ] || { exit 0; } + + if [ -n "$BOOTGROUPS" ] + then + BOOTGROUPS="-g $BOOTGROUPS" + fi + + # Start containers + wait_for_bridge + # Start autoboot containers first then the NULL group "onboot,". + log_daemon_msg "Starting LXC autoboot containers: " + "$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS + touch "$localstatedir"/lock/subsys/lxc + ;; + stop) + if [ -n "$SHUTDOWNDELAY" ] + then + SHUTDOWNDELAY="-t $SHUTDOWNDELAY" + fi + + # The stop is serialized and can take excessive time. We need to avoid + # delaying the system shutdown / reboot as much as we can since it's not + # parallelized... Even 5 second timout may be too long. + log_daemon_msg "Stopping LXC containers: " + "$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY + rm -f "$localstatedir"/lock/subsys/lxc + ;; + restart|reload|force-reload) + $0 stop + $0 start + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|force-reload}" + exit 2 +esac +exit $? diff --git a/lxc/default.conf b/lxc/default.conf new file mode 100644 index 0000000..6c88010 --- /dev/null +++ b/lxc/default.conf @@ -0,0 +1 @@ +lxc.network.type = empty diff --git a/rc0.d/K01lxc b/rc0.d/K01lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc0.d/K01lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc1.d/K01lxc b/rc1.d/K01lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc1.d/K01lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc2.d/S02lxc b/rc2.d/S02lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc2.d/S02lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc3.d/S02lxc b/rc3.d/S02lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc3.d/S02lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc4.d/S02lxc b/rc4.d/S02lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc4.d/S02lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc5.d/S02lxc b/rc5.d/S02lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc5.d/S02lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/rc6.d/K01lxc b/rc6.d/K01lxc new file mode 120000 index 0000000..0bf2f44 --- /dev/null +++ b/rc6.d/K01lxc @@ -0,0 +1 @@ +../init.d/lxc \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/lxc.service b/systemd/system/multi-user.target.wants/lxc.service new file mode 120000 index 0000000..5649223 --- /dev/null +++ b/systemd/system/multi-user.target.wants/lxc.service @@ -0,0 +1 @@ +/lib/systemd/system/lxc.service \ No newline at end of file -- 2.43.0