Hi, Am 12.12.2014 um 07:26 schrieb Cameron Norman: > On Sun, 09 Nov 2014 16:22:36 +0100 Michael Biebl <bi...@debian.org> wrote: >> not not systemd. That said, if there is something we can do in the >> systemd package, to make it work (better) in lxc, please let us know. > > There are a few things. Linking sigpwr.target to halt.target would make > lxc-stop work *cleanly* OOTB.
Why is that necessary to stop lxc containers cleanly? That sounds odd. Also the patch to getty@.service shown > here would help: > https://wiki.archlinux.org/index.php/Linux_Containers#lxc-console_does_not_provide_a_login_prompt > > > The big one would be to pop up a prompt on first install of systemd-sysv > while in an lxc container (similar to the /etc/inittab checking and > associated message that is planned I think) telling the user that the > host's version of LXC must be 0.8 or greater (available in > squeeze-backports and wheezy), and the configuration for the container > (a file on the host) needs to contain the lines `lxc.kmsg = 0` and > `lxc.autodev = 1`. If lxc in wheezy is recent enough, tbh I wouldn't worry too much about squeeze users running jessie containers. I think documenting that fact is sufficient. > That last one is difficult because the host may not support those > options (older than 0.8 LXC version), we can not adjust them ourselves > from inside the container, and the container becomes unbootable if they > are not set correctly (I think journald uses 100% CPU if lxc.kmsg is 1 > instead of 0). > Also apparently udev should not run in containers. Do you think we > should have something with ConditionVirtualization!=container or > whatever in the udev service file? The systemd-udevd service already has ConditionPathIsReadWrite=/sys which I thought was there to make sure udevd is not started in a container. Does lxc (bind)-mount /sys writable into the containers? If so, maybe it should change that. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
