[systemd-devel] Run fuse in nspawn container?

2018-04-10 Thread Johannes Ernst
I’m running with systemd-nspawn --capability=all but now I also need /dev/fuse and I’m not permitted to create it. man systemd-nspawn says that "Device nodes may not be created." which sounds like game over and no Fuse in the container. Is it? Thanks, Johannes.

[systemd-devel] Apparmor in containers

2018-04-10 Thread Matthias Pfau
Hi there, we use apparmor on our production systems and want to test the setup in our test environment based on systemd-nspawn. Therefore, I installed apparmor on the host (debian stretch) and updated GRUB_CMDLINE_LINUX in /etc/default/grub to enable apparmor. I can use apparmor on the host sys

Re: [systemd-devel] nspawn: how to rename network interfaces?

2018-04-10 Thread Matthias Pfau
Apr 5, 2018, 1:14 PM by [email protected]: > How can I define ipvlan interface names for the container? E.g. I need > multiple ipvlan interfaces on the host that are mapped to the interface name > "dmz" in multiple containers. > Attaching and naming macvlan/ipvlan interfaces to a container is

[systemd-devel] How to get rid of audit logs only from the systemd journal?

2018-04-10 Thread Mikhail Morfikov
I'm using AppArmor and it sometimes returns many audit logs. By default there was something like this in the journal: ... audit[1397]: AVC apparmor= ... ... kernel: audit: type=1400 audit(1523275695.613:76): apparmor= ... So there are two entries and they carry the same message. So the message is