[systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice

If I want to run a container as a service, it would be nice if it used the service cgroup configuration --- src/nspawn/nspawn.c | 17 + 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 1394ee6..9042412 100644 --- a/src/

[systemd-devel] [PATCH 1/1] Add SELinux support to systemd-nspawn

This patch adds to new options: -Z PROCESS_LABEL This specifies the process label to run on processes run within the container. -L FILE_LABEL The file label to assign to memory file systems created within the container. For example if you wanted to wrap an container with SELinux sandbox labels

[systemd-devel] Fix systemd-udev labeling of /var/run directory.

systemd-udev is currently incorrectly labeling /run/udev/* content because it is using selinux prefix labeling of /dev. This patch will allow systemd-udev to use prefix labeling of /dev and /run. >From 779a7148a40f56529821d37ac348abec3b565459 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: