[systemd-devel] machinectl create container via dbus

[Lennart Poettering]

On Wed, 25.02.15 02:22, Vasiliy Tolstov (v.tolstov at selfip.ru) wrote:

Heya,

> Hello =). I'm try to think about creating containers with
> systemd-nspawn and machinectl from dbus. Does it possibe?

We provide a small daemon "systemd-importd" that can import tar, raw
or dkr containers and place them in /var/lib/machines, doing gpg
verification, decompression, sparse file restoration and so
on. machinectl's "pull-tar", "pull-raw" and "pull-dkr" commands are
simply frontends for what systemd-importd provides.

You can also access importd from your own programs, this is supposed
to be a public API. However, there's currently no documentation for the
bus API, as this is a really recent addition (219), hence check
machinectl's sources for details, as well as "busctl introspect" and
"gdbus introspect.

> I need dbus because i have unprivileged app, that needs to create
> container and run it. I'm try libvirt, but it does not have ability to
> download image (only possible to use already prepared directory or
> downloaded image)

importd's APIs are opened up via policykit, hence when you rpovide the
right permission sets you can open this up to unprivileged users.

Lennart

-- 
Lennart Poettering, Red Hat