Better SystemD fix for Arch Linux

Also fixes other services independent of networking.

3 files changed, 15 insertions, 1 deletions

diff --git a/archlinux.sh b/archlinux.sh
index 2a39155..4db1a8b 100755
--- a/archlinux.sh
+++ b/archlinux.sh
@@ -14,7 +14,7 @@ for f in ci.d/*; do source "$f"; done
 buildkite_stop $DIST
 lxc_destroy
 lxc_create $DIST $RELEASE $ARCH
-archlinux_fix_network
+#archlinux_fix_network
 lxc_wait_for_ip
 pacman_upgrade
 pacman_install $PACKAGES
diff --git a/ci.d/archlinux b/ci.d/archlinux
index 100bc60..c899c43 100644
--- a/ci.d/archlinux
+++ b/ci.d/archlinux
@@ -6,6 +6,13 @@ archlinux_enable_cron() {
 }
 
 # archlinux_fix_network
+#
+# Only necessary with default LXC. A better fix would be to
+# append the following lines to /usr/share/lxc/config/common.seccomp:
+#
+#   keyctl_chown errno 38
+#   keyctl errno 38
+#
 archlinux_fix_network() {
 	# We ForceConnect because the interface is up at container startup.
 	lxc_do bash -c \
diff --git a/fix-lxc.sh b/fix-lxc.sh
new file mode 100755
index 0000000..f040ece
--- /dev/null
+++ b/fix-lxc.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+
+set -e
+#set -x
+
+echo "keyctl_chown errno 38" >> /usr/share/lxc/config/common.seccomp
+echo "keyctl errno 38" >> /usr/share/lxc/config/common.seccomp