On Mo, 02.07.18 17:25, Nikolaus Rath ([email protected]) wrote:

> On Jul 02 2018, Lennart Poettering <[email protected]> wrote:
> >> Still not quite working, now there seems to be a problem with
> >> /proc/self/fd in the new shell:
> >>
> >> $ sudo systemd-nspawn -M $MACHINE \
> >> --private-users=1379532800:65536 --private-network \
> >> --as-pid2
> [...]
> >>
> >> What's happening here?
> >
> > the stdin/stdout/stderr fds of the nsenter process reference pipes
> > that belong to the host side, and the kernel doesn't allow them to be
> > reopened if user namespacing is used, for security reasons.
> >
> > "systemd-run -M $MACHINE -t /bin/sh" should generally be the better
> > choice than "nsenter",
>
> Yeah, but:
>
> $ sudo systemd-run -M iofabric -t /bin/sh
> [sudo] password for nikratio:
> Failed to create bus connection: No such file or directory
>
> Does this maybe require a systemd instance running in the container?

Yes, "systemd-run" talks to a systemd instance to create a service
on-the-fly.

Lennart

--
Lennart Poettering, Red Hat
