[systemd-devel] I have switched libvirt-sandbox containers to use multi-user.target
Lennart Poettering
lennart at poettering.net
Fri Nov 16 11:56:49 PST 2012
On Fri, 16.11.12 09:23, Daniel J Walsh (dwalsh at redhat.com) wrote:
> The only problem I see is that now sysV init scripts are firing off within the
> container. (iSCSI daemon). What can I do to stop this within the container?
Services such as the iscsi daemon which one can sort in the "driver"
category should never run in containers I believe. To automaticalky execution
of these services in containers you can use ConditionVirtualization (as
Colin already suggested). ConditionVirtualization=!container should do
the job. (See systemd.unit(5) for details).
That said, iscsid on Fedora currently is still a sysv script, which is a
bit disappointing, and there's hence no place to add
ConditionVirtualization=. My recommendation would be to get the iscsi
folks to convert it into a systemd unit file, they should do that anyway
soon. But as a temporary work-around you could just "mask" the unit in
your container. Just add a symlink to /dev/null for
/etc/systemd/system/iscsi.service and it will mask the sysv service and
make it entirely unavailable. See this for details:
http://0pointer.de/blog/projects/three-levels-of-off.html
That said, manually masking things in the container in your script
really is hacky, and I am pretty sure the better way is to get iscsid
fixed to become a native systemd unit file that usese
ConditionVirtualization to disable itself in a container.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list