diff --git a/Makefile b/Makefile
index 3fb25d1a00f88b845341c5ddaac195edb0723db3..53cf445d248a88f632c728e9954184030c3aebf4 100644
--- a/Makefile
+++ b/Makefile
@@ -32,13 +32,15 @@ ROOTFS=$(WORKSPACE)/$(ARCH)/rootfs
 INITRD=$(WORKSPACE)/$(ARCH)/initrd
 INITRD_TARGET=$(WORKSPACE)/$(ARCH)/initrd.lz
 STATE_DIR=$(WORKSPACE)/$(ARCH)/state
+LXC_DIR=$(WORKSPACE)/$(ARCH)/lxc_container
+APT_CACHE_DIR=$(WORKSPACE)/apt_cache
 
 $(info Architecture: $(ARCH) ($(ALTARCH)))
 $(info Workspace: $(WORKSPACE))
 
 workspace : $(WORKSPACE)
 
-$(WORKSPACE) :
+$(WORKSPACE) $(STATE_DIR) :
 	mkdir -p "$(WORKSPACE)"
 	mkdir -p "$(STATE_DIR)"
 
@@ -51,31 +53,56 @@ iso_download $(ISO_IMAGE) : | $(WORKSPACE)
 	cd "$(ISO_IMAGE_DEST)" && sha256sum -c SHA256SUMS
 	mv "$(ISO_IMAGE_DEST)/$(ISO_NAME)" "$(ISO_IMAGE)"
 
-iso_content $(STATE_DIR)/iso_exctracted : $(ISO_IMAGE)
+iso_content $(STATE_DIR)/iso_extracted : $(ISO_IMAGE) $(STATE_DIR)
 	mkdir -p "$(ISO_CONTENT)"
 	7z x -o"$(ISO_CONTENT)" -aos "$(ISO_IMAGE)"
-	touch "$(STATE_DIR)/iso_exctracted"
+	touch "$(STATE_DIR)/iso_extracted"
 
 iso_clean :
 	$(RM) "$(ISO_IMAGE)"
 	$(RM) -r "$(ISO_IMAGE_DEST)"
-	$(RM) "$(STATE_DIR)/iso_exctracted"
+	$(RM) "$(STATE_DIR)/iso_extracted"
+
+apt_cache $(APT_CACHE_DIR) : |$(WORKSPACE)
+	mkdir -p "$(APT_CACHE_DIR)"
 
 #TODO: generic unsquash/squash with magic make variables ($@ etc.)
-rootfs_unsquash $(ROOTFS) : $(STATE_DIR)/iso_exctracted
+rootfs_unsquash $(STATE_DIR)/rootfs_extracted : $(STATE_DIR) $(STATE_DIR)/iso_extracted
 	$(RM) -r "$(ROOTFS)"
 	unsquashfs -f -d "$(ROOTFS)" "$(SQUASHFS_SOURCE)"
 	touch "$(STATE_DIR)/rootfs_extracted"
 
-rootfs_prepare : $(ROOTFS) : $(STATE_DIR)/rootfs_extracted
+rootfs_prepare $(ROOTFS)/remaster : $(STATE_DIR)/rootfs_extracted $(STATE_DIR) /etc/resolv.conf
+	if [ -e "$(ROOTFS)/etc/resolv.conf" ]; then cp "$(ROOTFS)/etc/resolv.conf" "$(ROOTFS)/etc/resolv.conf.bak"; fi
+	test ! -e "$(ROOTFS)/usr/sbin/init.lxc"
+	echo "#!/bin/bash" > "$(ROOTFS)/usr/sbin/init.lxc"
+	echo "shift; export PATH; export TERM=$(TERM); export LIPCK_HAS_APT_CACHE=1; exec \$$@" >> "$(ROOTFS)/usr/sbin/init.lxc"
+	chmod +x "$(ROOTFS)/usr/sbin/init.lxc"
+	cp /etc/resolv.conf "$(ROOTFS)/etc/resolv.conf"
 	mkdir -p "$(ROOTFS)/remaster"
 	cp -Lr "$(CURDIR)"/config/copy_to_rootfs_remaster_dir/* "$(ROOTFS)/remaster"
 
+rootfs_remaster $(STATE_DIR)/rootfs_remastered : |$(ROOTFS)/remaster $(STATE_DIR) $(APT_CACHE_DIR)
+	mkdir -p "$(LXC_DIR)"
+	lxc-execute --name "lipck_remaster_$(ARCH)" -P "$(LXC_DIR)" -f "$(CURDIR)/config/lxc_common.conf" \
+	-s lxc.arch="$(ARCH)" -s lxc.rootfs="$(ROOTFS)" \
+	-s lxc.mount.entry="$(APT_CACHE_DIR) $(ROOTFS)/var/cache/apt/ none defaults,bind 0 0" \
+	-- /bin/bash -l /remaster/scripts/remaster_rootfs.sh
+	touch "$(STATE_DIR)/rootfs_remastered"
+
+rootfs_finalize: $(STATE_DIR)/rootfs_remastered
+	$(RM) "$(ROOTFS)/usr/sbin/init.lxc"
+	$(RM) "$(ROOTFS)/etc/resolv.conf"
+	if [ -e "$(ROOTFS)/etc/resolv.conf.bak" ]; then mv "$(ROOTFS)/etc/resolv.conf.bak" "$(ROOTFS)/etc/resolv.conf"; fi
+	$(RM) -r "$(ROOTFS)/remaster"
+
 rootfs_clean :
 	$(RM) -r "$(ROOTFS)"
 	$(RM) "$(STATE_DIR)/rootfs_extracted"
+	$(RM) "$(STATE_DIR)/rootfs_remastered"
+	$(RM) -rf $(LXC_DIR)
 
-initrd_unpack $(STATE_DIR)/initrd_extracted : $(STATE_DIR)/iso_exctracted
+initrd_unpack $(STATE_DIR)/initrd_extracted : $(STATE_DIR)/iso_extracted $(STATE_DIR)
 	mkdir -p "$(INITRD)"
 	cd "$(INITRD)" && lzma -d < "$(INITRD_SOURCE)" | cpio -i
 	touch "$(STATE_DIR)/initrd_extracted"
@@ -86,7 +113,7 @@ initrd_clean :
 	$(RM) "$(STATE_DIR)/initrd_extracted"
 	$(RM) "$(STATE_DIR)/initrd_remastered"
 
-initrd_remaster $(STATE_DIR)/initrd_remastered : $(STATE_DIR)/initrd_extracted
+initrd_remaster $(STATE_DIR)/initrd_remastered : $(STATE_DIR)/initrd_extracted $(STATE_DIR)
 	$(CURDIR)/scripts/remaster_initrd.sh "$(CURDIR)" "$(INITRD)"
 	touch "$(STATE_DIR)/initrd_remastered"
 
diff --git a/config/lxc_common.conf b/config/lxc_common.conf
new file mode 100644
index 0000000000000000000000000000000000000000..563cd270cfcaded22476ae319d635c8e881e5518
--- /dev/null
+++ b/config/lxc_common.conf
@@ -0,0 +1,5 @@
+lxc.utsname = lipck-remaster
+lxc.network.type = none
+lxc.pts = 128
+lxc.autodev = 1
+lxc.mount.auto = proc:mixed sys:rw
diff --git a/contrib/rootfs/lip_sources.list b/contrib/rootfs/lip_sources.list
index c85e9921570ef850653b34e3cf04377287998940..f0192bd7f9e29eb51e773bbed700bb880153bd82 100644
--- a/contrib/rootfs/lip_sources.list
+++ b/contrib/rootfs/lip_sources.list
@@ -1,54 +1,3 @@
-# deb cdrom:[Ubuntu 12.04 LTS _Precise Pangolin_ - Release i386 (20120423)]/ precise main restricted
-
-# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
-# newer versions of the distribution.
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise main restricted
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise main restricted
-
-## Major bug fix updates produced after the final release of the
-## distribution.
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates main restricted
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates main restricted
-
-## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
-## team. Also, please note that software in universe WILL NOT receive any
-## review or updates from the Ubuntu security team.
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise universe
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise universe
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates universe
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates universe
-
-## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
-## team, and may not be under a free licence. Please satisfy yourself as to 
-## your rights to use the software. Also, please note that software in 
-## multiverse WILL NOT receive any review or updates from the Ubuntu
-## security team.
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise multiverse
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise multiverse
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates multiverse
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-updates multiverse
-
-## N.B. software from this repository may not have been tested as
-## extensively as that contained in the main release, although it includes
-## newer versions of some applications which may provide useful features.
-## Also, please note that software in backports WILL NOT receive any review
-## or updates from the Ubuntu security team.
-
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security main restricted
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security main restricted
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security universe
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security universe
-deb http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security multiverse
-deb-src http://ftp.halifax.rwth-aachen.de/ubuntu/ precise-security multiverse
-
-## Uncomment the following two lines to add software from Canonical's
-## 'partner' repository.
-## This software is not part of Ubuntu, but is offered by Canonical and the
-## respective vendors as a service to Ubuntu users.
-# deb http://archive.canonical.com/ubuntu precise partner
-# deb-src http://archive.canonical.com/ubuntu precise partner
-
-## This software is not part of Ubuntu, but is offered by third-party
-## developers who want to ship their latest software.
-deb http://extras.ubuntu.com/ubuntu precise main
-deb-src http://extras.ubuntu.com/ubuntu precise main
+deb http://ftp.halifax.rwth-aachen.de/ubuntu/ trusty main restricted universe
+deb http://security.ubuntu.com/ubuntu/ trusty-security main restricted universe
+deb http://ftp.halifax.rwth-aachen.de/ubuntu/ trusty-updates main restricted universe
diff --git a/scripts/remaster_rootfs.sh b/scripts/remaster_rootfs.sh
index eb57aaf5d71d811556645055c6722f38854e4358..e30cebf55dc523a8c7f5c90f79c08275ecbdb3b7 100755
--- a/scripts/remaster_rootfs.sh
+++ b/scripts/remaster_rootfs.sh
@@ -17,12 +17,18 @@ function divert_initctl()
 {
 	dpkg-divert --local --rename --add /sbin/initctl
 	ln -s /bin/true /sbin/initctl
+	# Fix sysvinit legacy invoke-rc.d issue with nonexisting scripts
+	dpkg-divert --local --rename --add /usr/sbin/invoke-rc.d
+	ln -s /bin/true /usr/sbin/invoke-rc.d
 }
 
 function revert_initctl()
 {
 	rm /sbin/initctl
 	dpkg-divert --local --rename --remove /sbin/initctl
+	# Fix sysvinit legacy invoke-rc.d issue with nonexisting scripts
+	rm /usr/sbin/invoke-rc.d
+	dpkg-divert --local --rename --remove /usr/sbin/invoke-rc.d
 }
 
 function prepare_install()
@@ -89,7 +95,10 @@ function finalize()
 	
 	rm -rf /var/crash/*
 	#TODO: verify
-	rm -rf /var/cache/apt/*
+	if [ -z "$LIPCK_HAS_APT_CACHE" ]
+	then
+	  rm -rf /var/cache/apt/*
+	fi
 }
 
 function install_kde_defaults()