From 5bb88e4a4bbd6eb6daf8f9cea62ec1d2edd2d605 Mon Sep 17 00:00:00 2001 From: Jeffrey Sica Date: Fri, 18 Aug 2023 04:53:08 -0500 Subject: [PATCH] fix: podmansh improvements (#424) Co-authored-by: Jorge O. Castro Co-authored-by: bobslept <38557801+bobslept@users.noreply.github.com> --- toolboxes/Containerfile.ubuntu | 2 ++ usr/share/ublue-os/just/custom.just | 2 +- usr/share/ublue-os/quadlets/podmansh.container | 10 ++++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/toolboxes/Containerfile.ubuntu b/toolboxes/Containerfile.ubuntu index bf7e56a6126..6631d454a4d 100644 --- a/toolboxes/Containerfile.ubuntu +++ b/toolboxes/Containerfile.ubuntu @@ -20,3 +20,5 @@ RUN ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/docker && \ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/flatpak && \ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/podman && \ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/rpm-ostree + +RUN echo "ALL ALL = (ALL) NOPASSWD: ALL" >> /etc/sudoers \ No newline at end of file diff --git a/usr/share/ublue-os/just/custom.just b/usr/share/ublue-os/just/custom.just index 768ba36886d..2ca32c6a843 100644 --- a/usr/share/ublue-os/just/custom.just +++ b/usr/share/ublue-os/just/custom.just @@ -155,6 +155,7 @@ podmansh: podman pull ghcr.io/ublue-os/ubuntu-toolbox:latest systemctl --user daemon-reload + systemctl --user stop podmansh.service systemctl --user start podmansh.service echo "Shell now switched to podmansh. Spawn a new terminal to get going!" echo "By default, the shell will be Bash. To override it, create ~/.profile with your preferred shell" @@ -169,7 +170,6 @@ podmansh-switch IMAGE: systemctl --user start podmansh.service echo "Image now switched to {{IMAGE}}" -# Install better touch-friendly GNOME extensions touch: pip install --upgrade gnome-extensions-cli gext install improvedosk@nick-shmyrev.dev diff --git a/usr/share/ublue-os/quadlets/podmansh.container b/usr/share/ublue-os/quadlets/podmansh.container index 7dc97120aa0..70bb81152bc 100644 --- a/usr/share/ublue-os/quadlets/podmansh.container +++ b/usr/share/ublue-os/quadlets/podmansh.container @@ -18,9 +18,15 @@ Volume=/:/run/host:rslave Volume=/dev:/dev:rslave Volume=/sys:/sys:rslave Volume=/tmp:/tmp:rslave +Volume=/etc/passwd:/etc/passwd:rslave +Volume=/etc/passwd-:/etc/passwd-:rslave +Volume=/etc/group:/etc/group:rslave +Volume=/etc/group-:/etc/group-:rslave +Volume=/tmp:/tmp:rslave Volume=/sys/fs/selinux +Volume=/etc/selinux:/etc/selinux:rslave Volume=/var/log/journal -Volume=/run/user/1000:/run/user/1000:rslave +Volume=/run/user/%U:/run/user/%U:rslave Volume=/etc/hosts:/etc/hosts:ro Volume=/etc/resolv.conf:/etc/resolv.conf:ro @@ -29,7 +35,7 @@ Environment=ENV=%h/.profile PodmanArgs=--env-host PodmanArgs=--privileged PodmanArgs=--mount=type=devpts,destination=/dev/pts -PodmanArgs=--userns=keep-id +PodmanArgs=--userns=host PodmanArgs=--ulimit=host PodmanArgs=--security-opt=label=disable PodmanArgs=--cgroupns=private