Bug#768827: systemd: issues with systemd in a lxc container

Michael Biebl biebl at debian.org
Fri Dec 12 08:25:46 GMT 2014 

Hi,

Am 12.12.2014 um 07:26 schrieb Cameron Norman:
> On Sun, 09 Nov 2014 16:22:36 +0100 Michael Biebl <biebl at debian.org> wrote:
>> not not systemd. That said, if there is something we can do in the
>> systemd package, to make it work (better) in lxc, please let us know.
> 
> There are a few things. Linking sigpwr.target to halt.target would make
> lxc-stop work *cleanly* OOTB. 

Why is that necessary to stop lxc containers cleanly? That sounds odd.

Also the patch to getty at .service shown
> here would help:
> https://wiki.archlinux.org/index.php/Linux_Containers#lxc-console_does_not_provide_a_login_prompt
> 
> 
> The big one would be to pop up a prompt on first install of systemd-sysv
> while in an lxc container (similar to the /etc/inittab checking and
> associated message that is planned I think) telling the user that the
> host's version of LXC must be 0.8 or greater (available in
> squeeze-backports and wheezy), and the configuration for the container
> (a file on the host) needs to contain the lines `lxc.kmsg = 0` and
> `lxc.autodev = 1`.

If lxc in wheezy is recent enough, tbh I wouldn't worry too much about
squeeze users running jessie containers. I think documenting that fact
is sufficient.

> That last one is difficult because the host may not support those
> options (older than 0.8 LXC version), we can not adjust them ourselves
> from inside the container, and the container becomes unbootable if they
> are not set correctly (I think journald uses 100% CPU if lxc.kmsg is 1
> instead of 0).



> Also apparently udev should not run in containers. Do you think we
> should have something with ConditionVirtualization!=container or
> whatever in the udev service file?

The systemd-udevd service already has ConditionPathIsReadWrite=/sys
which I thought was there to make sure udevd is not started in a
container. Does lxc (bind)-mount /sys writable into the containers?
If so, maybe it should change that.


Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20141212/51805b45/attachment-0002.sig>

More information about the Pkg-systemd-maintainers mailing list