* Felipe Sateler <[email protected]> [161013 17:39]:
> > systemd-sysctl.service does not start in LXC containers, as they
> > have /proc/sys R/O. *BUT* /proc/sys/net is R/W.
>
> 1. Have systemd-sysctl lose the ConditionPathIsReadWrite, and
> systemd-sysctl itself should check which prefixes are writable.

Or, for now, it could just fail for sysctls that are not writable.
Benefits: Similar to what the old sysctl tool would be doing.
Also very clear failure mode for these. (Ignoring them would be
silent failure...)

> 2. Have lxc (or the template) ship a new systemd-sysctl-net.service,
> that includes the new ExecStart and an updated
> ConditionPathIsReadWrite
>
> Option 2 looks like something that has a chance of being fixed in
> jessie, although by the LXC folks. Option 1 may be addressed upstream,
> but I don't think this fits backporting material.

I don't massively care about this in jessie; we already have a
workaround for it. But it'd be nice to get this fixed for stretch.

Having a fix in LXC sounds wrong to me - everything that depends on
template creation scripts has a high chance of failing. (A ton of
users do not run those creation scripts in the first place, but get
their templates from elsewhere, sometimes plain debootstrap.)

C.

-- 
 ,''`.  Christian Hofstaedtler <[email protected]>
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03
  `-

