On 11/11/16 20:09, Lennart Poettering wrote:
> I have no idea what "slurm" is, but do note that the "devices" cgroup
> controller has no future, it is unlikely to ever become available in
> cgroupsv2.
This is unwelcome news, I think it is a simple and well contained MAC
that has been available in
On Mon, 07.11.16 16:15, Markus Koeberl (markus.koeb...@tugraz.at) wrote:
> hi!
>
> I am using slurm to manage GPU resources. On a host with several
> GPUs installed a user gets only access to the GPUs he asks slurm
> for. This is implemented by using the devices cgroup controller. For
> each job
On Sun, 06.11.16 11:41, Reindl Harald (h.rei...@thelounge.net) wrote:
> > You mix two different things.
> >
> > 1. The behavior that if filesystem from /etc/fstab fails to mount, boot
> > is stopped and administrator intervention is required existed long
> > before systemd.
> >
> > 2. Password i
well you can read user_namespaces(7), the beginning of it at least. it
probably says something about keyrings. so either this info is
incorrect, or I for example understand it wrongly, or whatever.
Also, you know, when you say that currently containers have holes and so
are still not really secure
Why do you turn off keyrings? at least manpages say that userns
virtualizes keyrings or something similar...
W dniu 11.11.2016 o 19:24, Lennart Poettering pisze:
> On Fri, 11.11.16 19:21, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
>
>> audit/autofs are not properly virtualized, I know. But
On Fri, 11.11.16 19:36, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
> Why do you turn off keyrings? at least manpages say that userns
> virtualizes keyrings or something similar...
That'd be a new feature then...
Lennart
--
Lennart Poettering, Red Hat
_
On Fri, Nov 11, 2016 at 4:13 PM, Michael Hirmke wrote:
>
> Does anyone know, what "+::" in /etc/passwd means?
Users in the nis (by default) or nisplus db will be valid on that
system if you have "compat" on the "passwd" line of
"/etc/nsswitch.conf".
___
On Fri, 11.11.16 19:21, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
> audit/autofs are not properly virtualized, I know. But I thought
> keyrings and cgroups are.
most container managers turn off keyrings entirely (as we do in nspawn
actually).
delegating controllers in cgroupsv1 is unsafe,
audit/autofs are not properly virtualized, I know. But I thought
keyrings and cgroups are.
W dniu 11.11.2016 o 18:28, Lennart Poettering pisze:
> On Fri, 11.11.16 16:41, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
>
>> Thank you for your answers!
>>
>> What I meant by secure containers is mo
On Mon, 07.11.16 09:17, Daniel P. Berrange (berra...@redhat.com) wrote:
> On Fri, Nov 04, 2016 at 08:47:34AM +0100, Michal Privoznik wrote:
> > Hey udev developers,
> >
> > I'm a libvirt developer and I've been facing an interesting issue
> > recently. Libvirt is a library for managing virtual ma
On Fri, 11.11.16 14:15, Michal Sekletar (msekl...@redhat.com) wrote:
> On Mon, Nov 7, 2016 at 1:20 PM, Daniel P. Berrange
> wrote:
>
> > So if libvirt creates a private mount namespace for each QEMU and mounts
> > a custom /dev there, this is invisible to udev, and thus udev won't/can't
> > mes
On Fri, 04.11.16 15:54, Bill Lipa (d...@masterleep.com) wrote:
> This might be due to trying to use systemd-nspawn -x with a raw image
> inside the btrfs /var/lib/machines volume. It doesn't work in the
> sense that the container isn't ephemeral, but there's no error message
> either, and this le
On Fri, 11.11.16 16:41, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
> Thank you for your answers!
>
> What I meant by secure containers is mostly, containers that are or will
> be secure enough to use them for things like virtual private server
> hosting. Is nspawn intended to be usable for
On Fri, Nov 11, 2016 at 05:01:40PM +0100, Michal Sekletar wrote:
> On Fri, Nov 11, 2016 at 2:20 PM, Daniel P. Berrange
> wrote:
>
> > What kind of issues ?
>
> General problem with manually created device nodes is that udev and
> systemd do not know about them. Device units do not exist for the
On Fri, Nov 11, 2016 at 2:20 PM, Daniel P. Berrange wrote:
> What kind of issues ?
General problem with manually created device nodes is that udev and
systemd do not know about them. Device units do not exist for these
device nodes. Hence these device units can not be a dependency of some
other
Thank you for your answers!
What I meant by secure containers is mostly, containers that are or will
be secure enough to use them for things like virtual private server
hosting. Is nspawn intended to be usable for such things in the future,
or maybe it already is, or whatever?
What kernel limitati
Heya!
For those hackers who need a financial incentive to hack on systemd:
somebody posted a 250 USD bounty for an RFE issue on github:
https://github.com/systemd/systemd/issues/3097
Lennart
___
systemd-devel mailing list
systemd-devel@lists.fr
Hi Markus,
>On Friday 11 November 2016 15:13:00 Michael Hirmke wrote:
>> Does anyone know, what "+::" in /etc/passwd means?
>This line is for the NIS client.
thx for the explanation.
>regards
>Markur Köberl
Bye.
Bye.
Michael.
--
Michael Hirmke
___
Hi Simon,
>On Fri, 11 Nov 2016 at 15:13:00 +0100, Michael Hirmke wrote:
>> Does anyone know, what "+::" in /etc/passwd means?
>It's to do with the NSS "compat" plugin, which glues together
>NIS and a traditional password file.
>Look for "Compatibility mode (compat)" in
>http://man7.org/linux/
On Fri, 11.11.16 22:31, zerons (sironhide0n...@gmail.com) wrote:
> >> Hi everyone.
> >>
> >> Everyday, I need to do something like `git pull` after system
> >> bootup and `git push` before shutdown. I am using Ubuntu 16.04.
> >> I have tried to put some script into /etc/rc0.d/, /etc/rc6.d/,
> >> e
On Friday 11 November 2016 15:13:00 Michael Hirmke wrote:
> Does anyone know, what "+::" in /etc/passwd means?
This line is for the NIS client.
regards
Markur Köberl
--
Markus Koeberl
Graz University of Technology
Signal Processing and Speech Communication Laboratory
E-mail: markus.koeb...
On Fri, 11 Nov 2016 at 15:13:00 +0100, Michael Hirmke wrote:
> Does anyone know, what "+::" in /etc/passwd means?
It's to do with the NSS "compat" plugin, which glues together
NIS and a traditional password file.
Look for "Compatibility mode (compat)" in
http://man7.org/linux/man-pages/man5/ns
On 11/11/2016 08:44 PM, Lennart Poettering wrote:
> On Wed, 09.11.16 21:11, zerons (sironhide0n...@gmail.com) wrote:
>
>> Hi everyone.
>>
>> Everyday, I need to do something like `git pull` after system
>> bootup and `git push` before shutdown. I am using Ubuntu 16.04.
>> I have tried to put som
Hi Lennart,
>On Fri, 11.11.16 14:41, Michael Hirmke (m...@mike.franken.de) wrote:
>> Hi *,
>>
>> can anyone help me with this error message:
>>
>> systemd-timesyncd[857]: Cannot resolve user name systemd-timesync: No
>> such process
>>
>> This happens with systemd-228-13.1.x86_64 on openSuSE Leap
On Sat, 05.11.16 21:06, Wilhelm Schuster (w...@wilhelm.re) wrote:
> Hi,
>
> I’m trying to run a command inside a container (spawned via
> nspawn). `machinectl shell` and `systemd-run` seem like two ways
> that accomplish that in systemd. Machinectl’s man page [0] states
> the following:
>
> Note
On Fri, 11.11.16 14:41, Michael Hirmke (m...@mike.franken.de) wrote:
> Hi *,
>
> can anyone help me with this error message:
>
> systemd-timesyncd[857]: Cannot resolve user name systemd-timesync: No
> such process
>
> This happens with systemd-228-13.1.x86_64 on openSuSE Leap 42.2 RC2.
>
> The
Hi *,
can anyone help me with this error message:
systemd-timesyncd[857]: Cannot resolve user name systemd-timesync: No
such process
This happens with systemd-228-13.1.x86_64 on openSuSE Leap 42.2 RC2.
The user account systemd-timesync exists in /etc/passwd.
timedatectl output:
Local ti
On Fri, Nov 11, 2016 at 02:15:38PM +0100, Michal Sekletar wrote:
> On Mon, Nov 7, 2016 at 1:20 PM, Daniel P. Berrange
> wrote:
>
> > So if libvirt creates a private mount namespace for each QEMU and mounts
> > a custom /dev there, this is invisible to udev, and thus udev won't/can't
> > mess wit
On Mon, Nov 7, 2016 at 1:20 PM, Daniel P. Berrange wrote:
> So if libvirt creates a private mount namespace for each QEMU and mounts
> a custom /dev there, this is invisible to udev, and thus udev won't/can't
> mess with permissions we set in our private /dev.
>
> For hotplug, the libvirt QEMU wo
On Wed, 09.11.16 18:24, Michał Zegan (webczat_...@poczta.onet.pl) wrote:
> Hello.
>
> Does systemd-nspawn intent to be a full secure container technology? or
> it maybe already is? what is missing?
I am not sure what "full secure container technology" realls is
supposed to mean.
nspawn right no
On Wed, 09.11.16 21:11, zerons (sironhide0n...@gmail.com) wrote:
> Hi everyone.
>
> Everyday, I need to do something like `git pull` after system
> bootup and `git push` before shutdown. I am using Ubuntu 16.04.
> I have tried to put some script into /etc/rc0.d/, /etc/rc6.d/,
> each time the scri
31 matches
Mail list logo
