On Mo, 09.01.23 19:45, Lewis Gaul (lewis.g...@gmail.com) wrote:
> Hi all,
>
> I've come across an issue when restarting a systemd container, which I'm
> seeing on a CentOS 8.2 VM but not able to reproduce on an Ubuntu 20.04 VM
> (both cgroups v1).
selinux?
Lennart
--
Lennart Poettering, Berlin
Hello,
I have a question about service dependencies.
Assume there are two services
* test1
* test2
(for testing purpose only I am using user services)
The test2 service requires that test1 service is active.
The test2 service cannot work if test1 is not active, so it should ensure
* test1 is st
On Tue, Jan 10, 2023, at 06:47, Markus Rathgeb wrote:
>
> How can I declare test2 unit section to ensure it works as expected by me?
>
There are lots of StackOverflow posts about this... it's not as easy as it
seems, so don't feel concerned that your attempt did not work :-)
If you are using a
On Tue, Jan 10, 2023 at 2:48 PM Markus Rathgeb wrote:
>
> Hello,
>
> I have a question about service dependencies.
>
> Assume there are two services
> * test1
> * test2
>
> (for testing purpose only I am using user services)
>
> The test2 service requires that test1 service is active.
> The test2
Following 'setenforce 0' I still see the same issue (I was also suspecting
SELinux!).
A few additional data points:
- this was not seen when using systemd v230 inside the container
- this is also seen on CentOS 8.4
- this is seen under docker even if the container's cgroup driver is
changed from '
Thank you both for your replies and suggestions.
I assume this one is related: https://github.com/systemd/systemd/issues/1312
And yes, I found a lot of posts about this, but no real solution.
I will further read further details about 'Upholds' and 'PropagatesStopTo.
The real use case I need to so
On Di, 10.01.23 13:18, Lewis Gaul (lewis.g...@gmail.com) wrote:
> Following 'setenforce 0' I still see the same issue (I was also suspecting
> SELinux!).
>
> A few additional data points:
> - this was not seen when using systemd v230 inside the container
> - this is also seen on CentOS 8.4
> - thi
I'm aware of the higher level of collaboration between podman and systemd
compared to docker, hence primarily raising this issue from a podman angle.
In privileged mode all mounts are read-write, so yes the container has
write access to the cgroup filesystem. (Podman also ensures write access to
t
I omitted one piece of information about running with --cgroupns=private
thinking it was unrelated, but actually it appears maybe it is related (and
perhaps highlights a variant of the issue that is seen on first-boot, not
only on container restart). Again (and what makes me think it's related), I
Where is the systemd sessionid like `c508` being generated? If kernel
auditd is disabled, then it seems systemd `loginctl list-sessions`
command would list user session ids all with `c` character prefix
instead.
I could not find the source code where these session ids got
generated. Are these sess
The sessions listed in loginctl are created and their IDs assigned by
systemd-logind (when asked by pam_systemd).
If /proc/*/loginuid and /proc/*/sessionid are available (set up by
pam_loginuid), then logind directly takes the audit session ID as logind
session ID.
If those are not available (ker
Thank you Mantas!
On Tue, Jan 10, 2023 at 10:58 PM Mantas Mikulėnas wrote:
>
> The sessions listed in loginctl are created and their IDs assigned by
> systemd-logind (when asked by pam_systemd).
>
> If /proc/*/loginuid and /proc/*/sessionid are available (set up by
> pam_loginuid), then logind
12 matches
Mail list logo
