From: Stéphane Graber <stgraber@ubuntu.com>
Date: Wed, 12 Feb 2014 16:58:15 +0000 (-0500)
Subject: lxc-start-ephemeral: Allow unprivileged run
X-Git-Tag: lxc-1.0.0.rc1~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a974fa76e481a1a4b1383d2b329310908f20c0bd;p=thirdparty%2Flxc.git

lxc-start-ephemeral: Allow unprivileged run

This allows running lxc-start-ephemeral using overlayfs. aufs remains
blocked as it hasn't been looked at and patched to work in the kernel at
this point (not sure if it ever wil).

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
---

diff --git a/src/lxc/lxc-start-ephemeral.in b/src/lxc/lxc-start-ephemeral.in
index 62a6194e8..33c713ad6 100644
--- a/src/lxc/lxc-start-ephemeral.in
+++ b/src/lxc/lxc-start-ephemeral.in
@@ -105,8 +105,9 @@ args = parser.parse_args()
 
 # Basic requirements check
 ## We only support privileged containers for now
-if os.geteuid() != 0:
-    parser.error(_("Unprivileged containers aren't supported at this time."))
+if os.geteuid() != 0 and args.union_type != "overlayfs":
+    parser.error(_("Unprivileged containers may only use "
+                   "overlayfs at this time."))
 
 ## Check that -d and CMD aren't used at the same time
 if args.command and args.daemon: