[systemd-devel] Secure Linux Containers. I have masked down the systemd starting most daemons within containers.

Daniel J Walsh dwalsh at redhat.com
Thu Feb 14 04:16:09 PST 2013



Welcome to Fedora 19 (Rawhide)!

Set hostname to <lincoln3>.
  /dev/mapper/control: mknod failed: Operation not permitted
  Failure to communicate with kernel device-mapper driver.
  Check that device-mapper is available in the kernel.
[  OK  ] Listening on Delayed Shutdown Socket.
[  OK  ] Reached target Swap.
[  OK  ] Reached target Local File Systems.
[  OK  ] Listening on Journal Socket.
         Starting Recreate Volatile Files and Directories...
         Starting Journal Service...
[  OK  ] Started Journal Service.
[  OK  ] Started Recreate Volatile Files and Directories.
[  OK  ] Reached target System Initialization.
[  OK  ] Listening on D-Bus System Message Bus Socket.
[  OK  ] Reached target Sockets.
[  OK  ] Reached target Basic System.
         Starting The Apache HTTP Server...
[  OK  ] Started The Apache HTTP Server.
[  OK  ] Reached target Sandbox multi-user target.
Failed to issue method call: Unit chronyd.service is not loaded.


As you can see, it looks like systemd is attempting to start some lvm stuff
and crond.  Any ideas on where this stuff is being started?  I want neither to
run within the container.

