Converted/updated all containers to unprivileged.

diff --git a/sources/dhcp.in/config b/sources/dhcp.in/config
index eac04da7ecab9ead874f919daba4c6087c4767f2..a4c0c54598f789b40c513fe6df862d889d1a60eb 100644 (file)
--- a/sources/dhcp.in/config
+++ b/sources/dhcp.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = dhcp.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/efg.pm/config b/sources/efg.pm/config
index f425db1e0b84c9f279dcfc5bcb3e3d99cac74124..efbc6a5db42ac3933815225beea0bc6602733d04 100644 (file)
--- a/sources/efg.pm/config
+++ b/sources/efg.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = efg.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -27,6 +28,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ens.pm/config b/sources/ens.pm/config
index fc70dc887fe2b3127948a47594d8295909f9fb68..4df958fad3317ef9ffeb1b920e4f848e000d71a5 100644 (file)
--- a/sources/ens.pm/config
+++ b/sources/ens.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ens.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/fdc.in/config b/sources/fdc.in/config
index db15590dfb02be573dc3bfc042d48f97ee57a0de..50626545138fba1771013f3a9977b9fc8b7a3882 100644 (file)
--- a/sources/fdc.in/config
+++ b/sources/fdc.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = fdc.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/fds.in/config b/sources/fds.in/config
index 7c5b7177099f275bc44bc426e046ccd64f845a09..5868a4bd098c424217d438539029cd0747b9b852 100644 (file)
--- a/sources/fds.in/config
+++ b/sources/fds.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = fds.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/git.pm/config b/sources/git.pm/config
index aad5606410fed7f3f9a5e1c25141cd29c5042b14..2c03ed1e5c3b4a1b751f87ff5795c068db3ffae0 100644 (file)
--- a/sources/git.pm/config
+++ b/sources/git.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = git.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ git none bind,create=dir 0 0
 
@@ -15,6 +16,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ifg.in/config b/sources/ifg.in/config
index 5bb6770cfdab7e5c601beda9907f07cbb7491e7f..472ca10fd19f2c3a26204d28a562eacdb3b4808c 100644 (file)
--- a/sources/ifg.in/config
+++ b/sources/ifg.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ifg.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -21,6 +22,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ls.in/config b/sources/ls.in/config
index e067cc05cf2d3e20c665823d528c6e617ee5b293..4d1aa5a303bb6bf3eaffd7c1d46ebe5d4ca9ccd5 100644 (file)
--- a/sources/ls.in/config
+++ b/sources/ls.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ls.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ var/log/remote none bind,create=dir 0 0
 
@@ -15,6 +16,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/mx.in/config b/sources/mx.in/config
index d296f8bf8b57e87861bd8ae1fd893e027fed0df6..5466fa7fc83408286e99d4ac038894a24d98a7e5 100644 (file)
--- a/sources/mx.in/config
+++ b/sources/mx.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = mx.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ns1.in/config b/sources/ns1.in/config
index 592c423dd3e86ca8b9bb952539002fda16fbf020..0dca839b6a9f0d4361ac823a94b08f60a43823d8 100644 (file)
--- a/sources/ns1.in/config
+++ b/sources/ns1.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ns1.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ns2.in/config b/sources/ns2.in/config
index 03d3968d287ca98837e4e1544cabf9637a8f0e7c..e7ea8747b844ce66bf53479446f0653f02ecdfaf 100644 (file)
--- a/sources/ns2.in/config
+++ b/sources/ns2.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ns2.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/pki.in/config b/sources/pki.in/config
index 89545dcfd676bad53aa97cd7b9c2eb2f41e2e9e0..3a342844bd39226ed556ecd0fb7d749f00cfc39d 100644 (file)
--- a/sources/pki.in/config
+++ b/sources/pki.in/config
@@ -3,17 +3,21 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = pki.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
 lxc.net.0.flags = up
 lxc.net.0.link = brci-dev
-lxc.net.0.hwaddr = 02:0c:18:03:6d:ab
+lxc.net.0.hwaddr = 02:0c:18:03:6d:b7
 
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/pns.pm/config b/sources/pns.pm/config
index 221a97cb851baa57f2f17db0b41fc38bf076df20..e4b621489094081e8631e4494a408926e4592a25 100644 (file)
--- a/sources/pns.pm/config
+++ b/sources/pns.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = pns.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/vpn.in/config b/sources/vpn.in/config
index f647c819667f7fc920da484f18163f6a25f31adb..1fd72850898a12f1228221a9bad56633b89e9650 100644 (file)
--- a/sources/vpn.in/config
+++ b/sources/vpn.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = vpn.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +15,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/wiki.in/config b/sources/wiki.in/config
index 727449d7a2fd49380a726efca6e397eee58d203f..6dcbb60625f1900f63a0c6e5e4b418644789c0e7 100644 (file)
--- a/sources/wiki.in/config
+++ b/sources/wiki.in/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = wiki.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ data none bind,create=dir 0 0
 
@@ -15,6 +16,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/ws.pm/config b/sources/ws.pm/config
index a61e6ca2427db8c6340fa20684517b9675c8be39..4b5cc5151bf6b70a68b1a251260cafda296619b2 100644 (file)
--- a/sources/ws.pm/config
+++ b/sources/ws.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ws.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.443 var/www/htdocs.useribm.hu.443 none bind,create=dir 0 0
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.80 var/www/htdocs.useribm.hu.80 none bind,create=dir 0 0
@@ -18,6 +19,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1

diff --git a/sources/xfr.pm/config b/sources/xfr.pm/config
index 463193e398ffc556129476f9a10d29e618154e3f..3d107dfa062cbf3923f7ce820d4566b1fb97cf92 100644 (file)
--- a/sources/xfr.pm/config
+++ b/sources/xfr.pm/config
@@ -3,6 +3,7 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = xfr.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/www.xfr var/www.xfr none bind,create=dir 0 0
 
@@ -15,6 +16,9 @@ lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
 
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
 lxc.signal.halt = SIGRTMIN+4
 
 lxc.start.auto = 1