Debian has been half-marked as a supported host in is_supported_distro since 698afc4, but support was not fully plumbed. This PR adds proper support for Debian in the other distro check for copying artifacts.
Coupled with #115, this allows Sysbox to be installed on DigitalOcean's managed Kubernetes, which use Debian 12 nodes on kernel 6.1.
This also includes a fix for reading the subid defaults from /etc/login.defs, where the grep output was always discarded, causing the userns mapping range to start at 0, which in turn caused fun errors such as:
error in container spec: invalid user/group ID config: detected user-ns uid mapping to host ID 0
({0 0 65536}); this breaks container isolation
This mapping error seems to have only affected systems where /etc/sub*id are created fresh (e.g. DO's nodes), and not if there were preexisting entries for other users where finding a valid hole to fit new mappings re-set the bad start value.
Debian has been half-marked as a supported host in
is_supported_distro
since 698afc4, but support was not fully plumbed. This PR adds proper support for Debian in the other distro check for copying artifacts.Coupled with #115, this allows Sysbox to be installed on DigitalOcean's managed Kubernetes, which use Debian 12 nodes on kernel 6.1.
This also includes a fix for reading the subid defaults from
/etc/login.defs
, where the grep output was always discarded, causing the userns mapping range to start at 0, which in turn caused fun errors such as:This mapping error seems to have only affected systems where
/etc/sub*id
are created fresh (e.g. DO's nodes), and not if there were preexisting entries for other users where finding a valid hole to fit new mappings re-set the bad start value.