[systemd-devel] systemd-nspawn trouble
Lennart Poettering
lennart at poettering.net
Wed Apr 22 05:14:30 PDT 2015
On Wed, 22.04.15 14:09, Michael Biebl (mbiebl at gmail.com) wrote:
> 2015-04-22 13:57 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
> >> Maybe we should simply list the iptables kernel modules in
> >> src/core/kmod-setup, and then tell people to blacklist them if they
> >> really don't want them.
> >
> > I have made such a change now:
> >
> > http://cgit.freedesktop.org/systemd/systemd/commit/?id=1d3087978a8ee23107cb64aa55ca97aefe9531e2
>
> Not everyone is using networkd or nspawn though, so loading this
> module for everyone is a bit excessive.
Well, then blacklist the module or don't build it at all.
> Why non let nspawn and networkd complain loudly if iptables support is missing?
> This would also be better in case you have a kernel compiled withouth
> iptables support.
For the same reason that iptables doesn't complain loudly but loads
it. To be user-friendly and just make things work?
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list