On Mon, 20.10.14 19:16, Richard Weinberger (richard@xxxxxx) wrote:

> > Have you read the link I posted?
>
> Sure, I've also been in the room in Düsseldorf while you've read it
> in front of us.

Not that I changed it since then... ;-)

> > Yes, I test systemd inside containers. Daily. Actually it's my primary
> > way of testing systemd, since it is extremely quick and allows me to
> > attach from the host with debugging tools...
> >
> > As long as you follow the suggestions in the document I linked systemd
> > will work without modifications in container managers. At least
> > libvirt-lxc and nspawn follow these suggestions, not sure about the
> > other container managers.
>
> If I read the source of nspawn correctly, it does not use user
> namespaces.

Ah, this is about user namespaces? No, I have not played around with them so far. Sorry.

> libvirt-lxc is currently not sure how to support systemd. So far it
> bind mounts only the machine-specific part of cgroups into the container.
> Which is not really nice but better than exposing the whole hierarchy into
> the container.

It really should also bind mount the upper parts, but possibly mark them read-only (which nspawn currently doesn't do).

Thanks,

Lennart

--
Lennart Poettering, Red Hat