On Sun, Feb 16, 2014 at 12:03:21AM +0100, Djalal Harouni wrote: > Currently systemd-nspawn will call reset_audit_loginuid() and check > if audit is enabled in the kernel even if it was invoked without the > --boot argument. This makes systemd-nspawn print the audit error message > and sleep(5) on every execution. > > This was introduced by commit db999e0f923ca6. Fix it by checking if > arg_boot is set before before calling reset_audit_loginuid(). I'd argue that reset_audit_loginuid() should be called always, and the loginuid reset if possible. One might execute the real init later anyway.
But later after db999e0f923ca6 Lennart added the seccomp wrapper, when it turned out that resetting the audit loginuid is not enough. So maybe with that additional change audit doesn't break containers even with older kernels and the message and the delay could be done away with altogether? Zbyszek _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
