Workaround for containers that are not privileged to mount loop devices

Dockerfile

@@ -13,7 +13,6 @@ RUN apt-get update && apt-get -y upgrade && \
 	jq \
 	wget \
 	unzip \
-	parted \
 	procps \
 	python3 \
 	xz-utils \
@@ -23,26 +22,27 @@ RUN apt-get update && apt-get -y upgrade && \
 	udhcpd \
     && apt-get clean
 
-COPY generate-dhcpd-conf /run/
-COPY qemu-ifdown /run/
-COPY qemu-ifup /run/
 COPY run.sh /run/
 COPY serial.sh /run/
 COPY server.sh /run/
 COPY install.sh /run/
+COPY qemu-ifup /run/
+COPY qemu-ifdown /run/
+COPY generate-dhcpd-conf /run/
+
 COPY --from=builder /src/serial/main /run/serial.bin
 
-RUN ["chmod", "+x", "/run/generate-dhcpd-conf"]
-RUN ["chmod", "+x", "/run/qemu-ifdown"]
-RUN ["chmod", "+x", "/run/qemu-ifup"]
 RUN ["chmod", "+x", "/run/run.sh"]
 RUN ["chmod", "+x", "/run/serial.sh"]
 RUN ["chmod", "+x", "/run/server.sh"]
 RUN ["chmod", "+x", "/run/install.sh"]
+RUN ["chmod", "+x", "/run/qemu-ifup"]
+RUN ["chmod", "+x", "/run/qemu-ifdown"]
+RUN ["chmod", "+x", "/run/generate-dhcpd-conf"]
 
 COPY extractor/lib* /run/extract/
 COPY extractor/scemd /run/extract/syno_extract_system_patch
- 
+
 COPY disks/template.img.xz /data/
 
 VOLUME /storage
@@ -63,4 +63,3 @@ ENV URL https://global.synologydownload.com/download/DSM/beta/7.2/64216/DSM_Virt
 #ENV URL https://global.synologydownload.com/download/DSM/release/7.1.1/42962-1/DSM_VirtualDSM_42962.pat
 
 ENTRYPOINT ["/run/run.sh"]
-

install.sh

@@ -8,7 +8,7 @@ IMG="/storage"
 [ ! -f "$IMG/boot.img" ] && rm -f $IMG/system.img
 [ -f "$IMG/system.img" ] && exit 0
 
-echo "Downloading $URL..."
+echo "Install: Downloading $URL..."
 
 TMP="$IMG/tmp"
 FILE="$TMP/dsm.pat"
@@ -24,7 +24,7 @@ if ((SIZE<250000000)); then
   echo "Invalid PAT file: File is an update pack which contains no OS image." && exit 62
 fi
 
-echo "Extracting downloaded system image..."
+echo "Install: Extracting downloaded system image..."
 
 if { tar tf "$FILE"; } >/dev/null 2>&1; then
    tar xpf $FILE -C $TMP/.
@@ -44,8 +44,6 @@ HDP="$TMP/synohdpack_img"
 [ ! -f "$HDP.txz" ] && echo "Invalid PAT file: HD pack not found." && exit 65
 [ ! -f "$IDB.txz" ] && echo "Invalid PAT file: IndexDB file not found." && exit 66
 
-echo "Extracting downloaded boot image..."
-
 BOOT=$(find $TMP -name "*.bin.zip")
 
 [ ! -f "$BOOT" ] && echo "Invalid PAT file: boot file not found." && exit 67
@@ -53,7 +51,7 @@ BOOT=$(find $TMP -name "*.bin.zip")
 BOOT=$(echo $BOOT | head -c -5)
 unzip -q -o $BOOT.zip -d $TMP
 
-echo "Extracting prepared disk image..."
+echo "Install: Extracting prepared disk image..."
 
 SYSTEM="$TMP/temp.img"
 PLATE="/data/template.img"
@@ -62,30 +60,38 @@ rm -f $PLATE
 unxz $PLATE.xz
 mv -f $PLATE $SYSTEM
 
-echo "Installing system partition..."
+echo "Install: Extracting system partition..."
+
+PRIVILEGED=false
+LABEL="1.44.1-42218"
+OFFSET="1048576" # 2048 * 512
+NUMBLOCKS="622560" # 2550005760 / 4096
 
 MOUNT="/mnt/tmp"
 rm -rf $MOUNT && mkdir -p $MOUNT
 
-OFFSET=$(parted -s $SYSTEM unit B print | sed 's/^ //g' | grep "^1 " | tr -s ' ' | cut -d ' ' -f2 | sed 's/[^0-9]*//g')
-
-if [ "$OFFSET" != "1048576" ]; then
-  echo "Invalid disk image, wrong offset: $OFFSET" && exit 68
-fi
-
-if ! mount -t ext4 -o loop,offset=$OFFSET $SYSTEM $MOUNT ; then
-  echo "Failed to mount disk image. Docker container needs to be in privileged mode during installation." && exit 69
-fi
+[ mount -t ext4 -o loop,offset=$OFFSET $SYSTEM $MOUNT 2>/dev/null ] && PRIVILEGED=true
 
 rm -rf $MOUNT/{,.[!.],..?}*
 
-mv $HDA.tgz $HDA.txz
-
+mv -f $HDA.tgz $HDA.txz
 tar xpfJ $HDP.txz --absolute-names -C $MOUNT/
 tar xpfJ $HDA.txz --absolute-names -C $MOUNT/
 tar xpfJ $IDB.txz --absolute-names -C $MOUNT/usr/syno/synoman/indexdb/
 
-umount $MOUNT
+if [ "$PRIVILEGED" = false ]; then
+
+  echo "Install: Installing system partition..."
+
+  # Workaround for containers that are not privileged to mount loop devices
+  mke2fs -q -t ext4 -b 4096 -d $MOUNT/ -L $LABEL -E offset=$OFFSET $SYSTEM $NUMBLOCKS
+
+else
+
+ umount $MOUNT
+
+fi
+
 rm -rf $MOUNT
 
 mv -f $BOOT $IMG/boot.img