>>> Branko wrote on 29.09.2022 at 01:01 in message
<20220928230155.783c1a69@\040none\041brane_wrks>:
...
> It's hard to sift through all those piles of manpages without missing
> something.
I agree: It's all very complex.
On Wed, 28 Sep 2022 23:33:22 +0100
Luca Boccassi wrote:
>
> https://www.freedesktop.org/software/systemd/man/systemd.exec.html#BindPaths=
>
> "This option is particularly useful when RootDirectory=/RootImage= is
> used. In this case the source path refers to a path on the host file
> system, whi
On Wed, 2022-09-28 at 09:59 +, Branko wrote:
> On Wed, 28 Sep 2022 19:26:58 +1000 (AEST)
> Michael Chapman wrote:
>
> > On Wed, 28 Sep 2022, Branko wrote:
> > [...]
> >
> > No.
> >
> > I've given you a small, self-contained, working example.
> >
> > It's now your turn to give us a small
On Wed, 28 Sep 2022 19:26:58 +1000 (AEST)
Michael Chapman wrote:
> On Wed, 28 Sep 2022, Branko wrote:
> [...]
>
> No.
>
> I've given you a small, self-contained, working example.
>
> It's now your turn to give us a small, self-contained, non-working
> example, and to tell us what error mes
On Wed, 28 Sep 2022, Branko wrote:
> On Wed, 28 Sep 2022 19:07:14 +1000 (AEST)
> Michael Chapman wrote:
>
> 1. ExecStart is relative to RootDirectory (at least for me).
>
> 2. I've just simplified my service file to equal yours - simple static
> executable in RootDirectory inside /tmp. It works.
On Wed, 28 Sep 2022 19:07:14 +1000 (AEST)
Michael Chapman wrote:
1. ExecStart is relative to RootDirectory (at least for me).
2. I've just simplified my service file to equal yours - simple static
executable in RootDirectory inside /tmp. It works.
But I can't bind-mount anything inside tmpfs, so
On Wed, 28 Sep 2022 19:07:14 +1000 (AEST)
Michael Chapman wrote:
ExecStart works relative to RootDirectory.
At least for me.
> On Wed, 28 Sep 2022, Branko wrote:
> > OK. You have bound one path. Is the executable within it or is it
> > irrelevant for the case (and the executable is in /tmp)?
On Wed, 28 Sep 2022, Branko wrote:
> OK. You have bound one path. Is the executable within it or is it
> irrelevant for the case (and the executable is in /tmp)?
No, the executable was in the chroot's root directory. That's why I
referred to it with:
ExecStart=/hello
You could put the ex
On Wed, 28 Sep 2022 18:51:01 +1000 (AEST)
Michael Chapman wrote:
> On Wed, 28 Sep 2022, Branko wrote:
> > On Wed, 28 Sep 2022 18:11:14 +1000 (AEST)
> > Michael Chapman wrote:
> >
> > Sure, but this example is kind of useless as it doesn't bind-mount
> > anything into chroot.
>
> Sure, but yo
On Wed, 28 Sep 2022, Branko wrote:
> On Wed, 28 Sep 2022 18:11:14 +1000 (AEST)
> Michael Chapman wrote:
>
> Sure, but this example is kind of useless as it doesn't bind-mount
> anything into chroot.
Sure, but you didn't mention anything about bind mounts.
I added:
BindReadOnlyPaths=/usr
a
On Wed, 28 Sep 2022 18:11:14 +1000 (AEST)
Michael Chapman wrote:
Sure, but this example is kind of useless as it doesn't bind-mount
anything into chroot.
We have already established (sorry, didn't post it to the whole list,
it seems):
1. After service fails to start, it doesn't properly unmount
> Is there a simple demo example that uses it that I could try?
This worked for me:
$ cd /tmp/root
$ cat hello.c
#include <stdio.h>
int main(void) {
    puts("Hello, world!");
}
$ clang -static -o hello hello.c
$ cat /etc/systemd/system/hello.service
[Service]
Ty
And WHAT EXACTLY does not work?
>>> wrote on 28.09.2022 at 05:35 in message
<20220928033517.3ffbcce4@\040none\041brane_wrks>:
> I'm trying to start services within controlled jailroot. So I tried
> using RootDirectory directive as described in systemd-exec man page.
>
> It should be simple,
I'm trying to start services within controlled jailroot. So I tried
using RootDirectory directive as described in systemd-exec man page.
It should be simple, but I never managed to make it work.
I tried to start simple minimalistic, statically compiled program that just prints
"Hello world". It h
14 matches