On 08/21/2018 02:05 AM, Ning Yao wrote: > Hi, all > > Anyone knows why we need to add "PrivateTmp=true" in > ceph-osd@xxxxxxxxxxx ? I find that , in the old version of > docker(1.13), we encounter the problem as described in > http://blog.oddbit.com/2015/01/18/docker-vs-privatetmp/ , and > therefore some containers run into DEAD state when we delete those > containers. > > So I would know whether "PrivateTmp=true" is really meaningful in > ceph-osd@.service? and is that possible to remove it ? > > Regards > Ning Yao > AFAIK "PrivateTmp" is never *necessary*, but it does provide a level of security isolation that apparently someone found desirable. Can you not use the solution published in that blog? -- Dan Mick Red Hat, Inc. Ceph docs: http://ceph.com/docs
