From c9e314c7239fab9acd97096a2c35c5b2ff1b6f73 Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.hipp@canonical.com>
Date: Tue, 1 Jun 2021 11:34:34 +0200
Subject: [PATCH] main: Refactor networkd/resolved fixes

Signed-off-by: Thomas Hipp <thomas.hipp@canonical.com>
---
 distrobuilder/main.go | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/distrobuilder/main.go b/distrobuilder/main.go
index 2365da99..7d1769c1 100644
--- a/distrobuilder/main.go
+++ b/distrobuilder/main.go
@@ -507,14 +507,12 @@ is_lxd_vm() {
 }
 
 ## Fix functions
-# fix_networkd avoids udevd issues with /sys being writable
-fix_networkd() {
-	[ "${ID}" = "altlinux" ] || return
-
-	mkdir -p /run/systemd/system/systemd-networkd.service.d
-	cat <<-EOF > /run/systemd/system/systemd-networkd.service.d/lxc-ropath.conf
+# fix_ro_paths avoids udevd issues with /sys and /proc being writable
+fix_ro_paths() {
+	mkdir -p /run/systemd/system/$1.d
+	cat <<-EOF > /run/systemd/system/$1.d/lxc-ropath.conf
 [Service]
-BindReadOnlyPaths=/sys
+BindReadOnlyPaths=/sys /proc
 EOF
 }
 
@@ -615,7 +613,10 @@ fi
 # Workarounds for all containers
 if is_lxc_container; then
 	fix_systemd_mask_audit
-	fix_networkd
+	if [ "${ID}" = "altlinux" ] || [ "${ID}" = "arch" ] || [ "${ID}" = "fedora" ]; then
+		fix_ro_paths systemd-networkd
+		fix_ro_paths systemd_resolved
+	fi
 fi
 
 # Workarounds for fedora/34/cloud containers