On Mon, 20.10.14 19:16, Richard Weinberger (rich...@nod.at) wrote: > > Have you read the link I posted? > > Sure, I've also been in the room in Düsseldorf while you've read it > in front of us.
Not that I changed it since then... ;-) > > Yes, I test systemd inside containers. Daily. Actually it's my primary > > way of testing systemd, since it is extremely quick and allows me to > > attach from the host with debugging tools... > > > > As long as you follow the suggestions in the document I linked systemd > > will work without modifications in container managers. At least > > libvirt-lxc and nspawn follows these suggestions, not sure about the > > other container managers. > > If I read the source of nspwan correctly, it does not use user > namespaces. Ah, this is about user namespaces? No I have not played around with them so far. Sorry. > libvirt-lxc is currently not sure how to support systemd. So far it > bind mounts only the machine specific part of cgroups into the container. > Which is not really nice but better than exposing the whole hierarchy into > the container. It really should also bind mount the upper parts, but possibly mark them read-only (which nspawn currently doesn't do). Thanks, Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
