[systemd-devel] systemd-nspawn trouble

Michael Biebl mbiebl at gmail.com
Wed Apr 22 05:22:08 PDT 2015


2015-04-22 14:14 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
> On Wed, 22.04.15 14:09, Michael Biebl (mbiebl at gmail.com) wrote:
>
>> 2015-04-22 13:57 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
>> >> Maybe we should simply list the iptables kernel modules in
>> >> src/core/kmod-setup, and then tell people to blacklist them if they
>> >> really don't want them.
>> >
>> > I have made such a change now:
>> >
>> > http://cgit.freedesktop.org/systemd/systemd/commit/?id=1d3087978a8ee23107cb64aa55ca97aefe9531e2
>>
>> Not everyone is using networkd or nspawn though, so loading this
>> module for everyone is a bit excessive.
>
> Well, then blacklist the module or don't build it at all.

That's the wrong way around.

>> Why not let nspawn and networkd complain loudly if iptables support is missing?
>> This would also be better in case you have a kernel compiled without
>> iptables support.
>
> For the same reason that iptables doesn't complain loudly but loads
> it. To be user-friendly and just make things work?

iptables loads it on-demand. If nspawn or networkd would load it
on-demand, I would have no problem with it.

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

