On 12 October 2016 at 10:26, Christian Hofstaedtler <[email protected]> wrote:
> Package: systemd
> Version: 215-17+deb8u5
> Severity: normal
> Tags: upstream
>
> Hi,
>
> systemd-sysctl.service does not start in LXC containers, as they
> have /proc/sys R/O. *BUT* /proc/sys/net is R/W.
>
> It'd be useful if the net-specific settings would still be applied at
> boot.
>
> Arch has "fixed" this in their lxc package by modifying
> systemd-sysctl.service when creating a new container, but this can
> not be the correct solution.
> See
> https://github.com/lxc/lxc/pull/683/commits/427d42930d99f93bf78c61ec9f555dd883c5039e

So the solutions AFAICS are:

1. Have systemd-sysctl lose the ConditionPathIsReadWrite, and
   systemd-sysctl itself should check which prefixes are writable.
2. Have lxc (or the template) ship a new systemd-sysctl-net.service,
   that includes the new ExecStart and an updated
   ConditionPathIsReadWrite

Option 2 looks like something that has a chance of being fixed in
jessie, although by the LXC folks. Option 1 may be addressed upstream,
but I don't think this fits backporting material.

-- 

Saludos,
Felipe Sateler
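
The check described in option 1, sketched as an added example (not code from systemd, LXC or anyone in this thread): parse sysctl.d-style settings, find which top-level subtrees of /proc/sys accept writes, and keep only the settings under those. The function names and the sample configuration are assumptions made for illustration, and the script only prints what it would do.

```python
import os

# Constructed sample sysctl.d content; keys and values are illustrative.
SAMPLE_CONF = """\
# hardening defaults
net.ipv4.conf.all.rp_filter = 1
net/ipv4/conf/eth0.100/accept_redirects = 0
kernel.dmesg_restrict = 1
; old-style comment
fs.protected_symlinks=1
"""

def normalize_key(key):
    """Map a sysctl.d key to a /proc/sys-relative path (swap '.' and '/' if '.' comes first)."""
    first = next((c for c in key if c in "./"), None)
    if first == ".":
        key = key.translate(str.maketrans("./", "/."))
    return key

def parse_sysctl_d(text):
    """Return [(relative_path, value)] for every 'key = value' line."""
    settings = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings.append((normalize_key(key.strip()), value.strip()))
    return settings

def writable_prefixes(root="/proc/sys"):
    """Top-level subtrees of root that accept writes; access(2) reports
    EROFS for a read-only mount, so os.access() is False there even for root."""
    return {d for d in os.listdir(root)
            if os.path.isdir(os.path.join(root, d))
            and os.access(os.path.join(root, d), os.W_OK)}

def select_applicable(settings, prefixes):
    """Split settings into those under a writable prefix and the rest."""
    usable, skipped = [], []
    for path, value in settings:
        (usable if path.split("/", 1)[0] in prefixes else skipped).append((path, value))
    return usable, skipped

if __name__ == "__main__":  # dry run: prints the plan, writes nothing
    usable, skipped = select_applicable(parse_sysctl_d(SAMPLE_CONF), writable_prefixes())
    for path, value in usable:
        print(f"would write {value!r} to /proc/sys/{path}")
    for path, _ in skipped:
        print(f"skipping /proc/sys/{path}: not writable")
```

In a container where only /proc/sys/net is read-write, the two net settings would be applied and the kernel and fs settings reported as skipped instead of the whole unit being bypassed.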

