Re: Running actual systemd-based distribution image in systemd-nspawn

On Sa, 18.06.22 07:45, Andrei Borzenkov (arvidjaar@xxxxxxxxx) wrote:

> On 16.06.2022 11:27, Colin Guthrie wrote:
> > Andrei Borzenkov wrote on 15/06/2022 16:56:
> >> I tried it (loop mounting qemu image):
> >>
> >> systemd-nspawn -D ./hd0 -b
> >>
> >> and it failed miserably with "Timeout waiting for device
> >> dev-disk-by...". Which is not surprising as there are no device units
> >> inside of container (it stops in single user allowing me to use sysctl
> >> -t device).
> >>
> >> Is it supposed to work at all? Even if I bind mount /dev/disk it does
> >> not help as systemd does not care whether device is actually present or not.
> >
> > I've not tried "booting" a real install inside nspawn before (just
> > images installed by mkosi mostly), but could this just be a by-product
> > of it trying to do what /etc/fstab (or other mount units) say to do?
> >
> > Can you try something like:
> >
> > touch blank
> > systemd-nspawn --bind-ro=./blank:/etc/fstab -D ./hd0 -b
> >
>
> Yes, --bind=/dev/null:/etc/fstab
>
> allows boot to complete. Of course next it refuses root login because
> pts/0 is not secure :)

pam_securetty is archaic cruft, and a broken idea. Please work with
your distribution to remove it. It might have made some vague sense on
1980's fixed line terminal environments, but is security theatre and
nothing more than a nuisance in today's world.

Modern distributions do not enable it anymore.

Lennart

--
Lennart Poettering, Berlin
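
An added example, not part of the original thread: a pre-flight check that inspects an OS tree for the two issues discussed above (fstab entries that wait for a device, and an enabled pam_securetty) before it is booted with `systemd-nspawn -D TREE -b`. The function names and the sample tree are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# List fstab entries backed by a block device; no device units exist in the
# container, so these time out. noauto/nofail entries do not block the boot.
fstab_device_entries() {
    [ -f "$1/etc/fstab" ] || return 0
    awk '
        NF == 0 || $1 ~ /^#/ { next }
        ("," $4 ",") ~ /,(noauto|nofail),/ { next }
        $1 ~ "^(/dev/|UUID=|LABEL=|PARTUUID=|PARTLABEL=)" { print $1, $2 }
    ' "$1/etc/fstab"
}

# List PAM service files with an active (uncommented) pam_securetty line.
securetty_pam_files() {
    [ -d "$1/etc/pam.d" ] || return 0
    grep -lE '^[^#]*pam_securetty\.so' "$1/etc/pam.d"/* 2>/dev/null || true
}

# Print findings; return 1 if either issue from the thread is present.
preflight() {
    rc=0
    devs=$(fstab_device_entries "$1")
    pam=$(securetty_pam_files "$1")
    if [ -n "$devs" ]; then
        echo "device-backed fstab entries (try --bind=/dev/null:/etc/fstab):"
        echo "$devs" | sed 's/^/  /'
        rc=1
    fi
    if [ -n "$pam" ]; then
        echo "pam_securetty enabled (root login on pts/0 will be refused):"
        echo "$pam" | sed 's/^/  /'
        rc=1
    fi
    return "$rc"
}

# Constructed sample tree (not from the thread) so the script runs stand-alone.
make_sample_tree() {
    t=$(mktemp -d) && mkdir -p "$t/etc/pam.d" || return 1
    printf '%s\n' 'UUID=0000-CONSTRUCTED / ext4 defaults 0 1' \
        '/dev/sda2 /home ext4 defaults,nofail 0 2' > "$t/etc/fstab"
    printf 'auth required pam_securetty.so\n' > "$t/etc/pam.d/login"
    printf '#auth required pam_securetty.so\n' > "$t/etc/pam.d/sshd"
    echo "$t"
}

tree=$(make_sample_tree)
preflight "$tree" || echo "apply the workarounds before booting with -b"
rm -rf "$tree"
```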


