On Sat, 15.09.12 21:57, Pierre Schmitz ([email protected]) wrote:

> Hi,
>
> systemd-nspawn does not create a tmpfs mount to /dev/shm. Is this an
> oversight or intentional?

The original intention here was to mount only the stuff that is necessary to get a system booted up safely in place. i.e. we mount /dev because we populate it with the safe subset of device nodes. And we mount /proc, so that we can mount /proc/sys read-only into it. But for /dev/shm there was simply no real reason for, since the OS booted in it could just do that safely on its own.

That said, I do actually agree it is useful to just pre-mount it these days, too, for three reasons:

a) it's kinda surprising that we mount all the rest, just not this one, so let's just go for it;

b) for people who just spawn a shell in it rather than a full OS it makes life simpler;

c) it probably makes sense to do this to make boots without CAP_SYS_ADMIN possible. (right now we hard add CAP_SYS_ADMIN for nspawn containers, but we could actually make that optional, and should.)

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
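Added example, not part of the original message and not systemd code: a small audit of a mount table for the two mounts discussed above, i.e. whether /dev/shm is a tmpfs and whether /proc/sys is read-only. The function names and the sample mountinfo lines are constructed for illustration; it assumes the Linux /proc/self/mountinfo format and that a later entry for a path overmounts an earlier one.

```python
import re
from typing import NamedTuple

class Mount(NamedTuple):
    mount_point: str
    fstype: str
    options: frozenset

def _unescape(path):
    # mountinfo encodes space, tab, newline and backslash as \ooo octal escapes
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)

def parse_mountinfo(text):
    """Parse /proc/<pid>/mountinfo content into Mount records."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        try:
            # A lone "-" ends the variable-length optional fields (shared:N, ...)
            sep = fields.index("-", 6)
        except ValueError:
            continue  # malformed or empty line
        if len(fields) <= sep + 1:
            continue
        mounts.append(Mount(_unescape(fields[4]), fields[sep + 1],
                            frozenset(fields[5].split(","))))
    return mounts

def audit(text):
    """Report the state of the mounts discussed in the thread."""
    top = {}
    for m in parse_mountinfo(text):
        top[m.mount_point] = m  # assumption: later entry overmounts earlier one
    shm, proc_sys = top.get("/dev/shm"), top.get("/proc/sys")
    return {
        "dev_shm_is_tmpfs": shm is not None and shm.fstype == "tmpfs",
        "proc_sys_read_only": proc_sys is not None and "ro" in proc_sys.options,
    }

# Constructed sample: a container with /dev, /proc and read-only /proc/sys only
SAMPLE_WITHOUT_SHM = """\
100 99 8:1 / / rw,relatime - ext4 /dev/sda1 rw
101 100 0:40 / /dev rw,nosuid - tmpfs tmpfs rw,mode=755
102 100 0:41 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
103 102 0:41 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
"""
# Constructed sample: the same table with /dev/shm pre-mounted as tmpfs
SAMPLE_WITH_SHM = SAMPLE_WITHOUT_SHM + \
    "104 101 0:42 / /dev/shm rw,nosuid,nodev shared:5 - tmpfs tmpfs rw\n"

if __name__ == "__main__":
    with open("/proc/self/mountinfo") as fh:
        print(audit(fh.read()))
```

Run inside the container, it reports on the live mount table; the two constructed samples show the state before and after /dev/shm is pre-mounted.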
