It is still possible to create containers for jessie and stretch, although you
need to manually specify the archive mirror and keyring:
lxc-create -t debian -n stretch -- -r stretch \
--mirror=http://archive.debian.org/debian \
--keyring=/usr/share/keyrings/debian-archive-removed-keys.gpg
While the jessie container starts up, it doesn't automatically get an IP -- I
didn't perform any further investigation. stretch works just fine.
Debian releases wheezy and earlier fail to create the container in various ways.
This commit just changes the presented list of releases; there is some existing
logic for handling archived releases, but I didn't want to risk breaking things
by tinkering with the existing code.
Signed-off-by: Mathias Gibbens <gibmat@debian.org>
An official architecture is not always available in testing. New
architectures get added to unstable first, and only some time after that
they *may* get added to testing as well. This is just now happening with
riscv64, and checking whether it's available in testing will *not* give
the correct answer for the question "is this an official Debian
architecture?".
Also, since debian-ports only contain unstable, just refuse to use
debian-ports if not creating an unstable/sid container.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
When the --keyring option was added, the `,` between `mirror:` and
`keyring:` was omitted in the long option string passed to `getopt`.
This causes `--mirror` to be parsed as `--mirror:keyring`, matching
`*) break ;;` and prematurely terminating option parsing. To avoid
this, add the missing `,`. Also order `keyring:` before `mirror:` to
preserve lexical ordering of long options.
Fixes: eebcd76feb ("lxc-debian: allow using a custom keyring")
Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
--force-yes is deprecated, and is a shortcut for
--allow-unauthenticated, --allow-downgrades, --allow-remove-essential,
--allow-change-held-packages. --allow-unauthenticated is the only
likely to be needed here, so instead of allowing unauthenticated
packages, copy any custom keyring used inside the rootfs so any packages
we need to install are properly authenticated. The common case is
debian-ports-archive-keyring.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
When trying to create containers for unnoficial Debian architectures,
use different defaults for mirror and keyring, install
debian-ports-archive-keyring, and default release to unstable. This way
one can create containers for unnoficial architectures without having to
pass several extra parameters.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
This makes it possible to create containers for unofficial
architectures such as the ones on ports.debian.org, by specifying a
custom mirror and its associated keyring.
Signed-off-by: Antonio Terceiro <terceiro@debian.org>
