Bug#840529: systemd-sysctl.service does not run in LXC containers
Felipe Sateler
fsateler at debian.org
Thu Oct 13 16:38:31 BST 2016
On 12 October 2016 at 10:26, Christian Hofstaedtler <zeha at debian.org> wrote:
> Package: systemd
> Version: 215-17+deb8u5
> Severity: normal
> Tags: upstream
>
> Hi,
>
> systemd-sysctl.service does not start in LXC containters, as they
> have /proc/sys R/O. *BUT* /proc/sys/net is R/W.
>
> It'd be useful if the net-specific settings would still be applied at
> boot.
>
> Arch has "fixed" this in their lxc package by modifying
> systemd-sysctl.service when creating a new container, but this can
> not be the correct solution.
> See https://github.com/lxc/lxc/pull/683/commits/427d42930d99f93bf78c61ec9f555dd883c5039e
So the solutions AFAICS are:
1. Have systemd-sysctl lose the ConditionPathIsReadWrite, and
systemd-sysctl itself should check which prefixes are writable.
2. Have lxc (or the template) ship a new systemd-sysctl-net.service,
that includes the new ExecStart and an updated
ConditionPathIsReadWrite
Option 2 looks like something that has a chance of being fixed in
jessie, although by the LXC folks. Option 1 may be addressed upstream,
but I don't think this fits backporting material.
--
Saludos,
Felipe Sateler
More information about the Pkg-systemd-maintainers
mailing list