[systemd-devel] I have switched libvirt-sandbox containers to use multi-user.target
Daniel J Walsh
dwalsh at redhat.com
Fri Nov 16 12:06:49 PST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/16/2012 02:56 PM, Lennart Poettering wrote:
> On Fri, 16.11.12 09:23, Daniel J Walsh (dwalsh at redhat.com) wrote:
>
>> The only problem I see is that now sysV init scripts are firing off
>> within the container. (iSCSI daemon). What can I do to stop this within
>> the container?
>
> Services such as the iscsi daemon which one can sort in the "driver"
> category should never run in containers I believe. To automaticalky
> execution of these services in containers you can use
> ConditionVirtualization (as Colin already suggested).
> ConditionVirtualization=!container should do the job. (See systemd.unit(5)
> for details).
>
> That said, iscsid on Fedora currently is still a sysv script, which is a
> bit disappointing, and there's hence no place to add
> ConditionVirtualization=. My recommendation would be to get the iscsi folks
> to convert it into a systemd unit file, they should do that anyway soon.
> But as a temporary work-around you could just "mask" the unit in your
> container. Just add a symlink to /dev/null for
> /etc/systemd/system/iscsi.service and it will mask the sysv service and
> make it entirely unavailable. See this for details:
>
> http://0pointer.de/blog/projects/three-levels-of-off.html
>
> That said, manually masking things in the container in your script really
> is hacky, and I am pretty sure the better way is to get iscsid fixed to
> become a native systemd unit file that usese ConditionVirtualization to
> disable itself in a container.
>
> Lennart
>
Isn't there a way to shut off systemV init scripts altogether, it just so
happens that we hit one on my machine. But in the field a customer could have
an init script and then setup containers and systemd will attempt to start it.
I want a way to say don't run SysV Init scripts altogether.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlCmnNgACgkQrlYvE4MpobNKyQCcCIVQS/FuvOg3wWYi6AvgFMAw
mI4AnA14UHY47GUd1uQROjDXmlv1TmDT
=Ew3x
-----END PGP SIGNATURE-----
More information about the systemd-devel
mailing list