[systemd-devel] Question for Private* options in systemd.exec
Lennart Poettering
lennart at poettering.net
Tue Nov 24 05:06:25 PST 2015
On Tue, 24.11.15 09:13, Sungbae Yoo (sungbae.yoo at samsung.com) wrote:
> Hi,
>
> I want to use namespaces in systemd services,
> so I'm trying to use Private* (such as PrivateNetwork, PrivateTmp) options.
>
> But, I wonder that there are no PrivateIPC, PrivateUTS, and PrivateUser.
> How can the service have its own private ipc/uts/user namespace by
> just using systemd.exec options?
systemd services are not supposed to be a container environment. Hence
they only expose namespacing options that slightly rearrange things,
take rights away and suchlike but do not make structural changes to the
whole system, they don't create a completely new virtualized machine
for the service. For that kind of stuff use systemd-nspawn.
> Is there any reason why PrivateIPC/UTS/User options don't exist?
Because these would be concepts for doing containers, and hence fit
more in the nspawn tool than in systemd itself.
> If there is no reason, can I make some patches to add these options?
What precisely would the use case be for that?
Lennart
--
Lennart Poettering, Red Hat
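
Added example (not part of the original message and not systemd code): a shell function that reports which namespace types a service process holds separately from a reference process, by comparing the symlinks under /proc/<pid>/ns. The function name ns_private and the use of PID 1 as the reference are assumptions of this example.

```shell
#!/bin/sh
# Added example: list the namespace types in which two processes differ.
# Each argument is a /proc/<pid>/ns directory, which holds one symlink per
# namespace type with a target such as "net:[4026531992]". Two processes
# share a namespace exactly when the targets are identical.

ns_private() {
    svc_dir=$1   # service side, e.g. /proc/<MainPID of the unit>/ns
    ref_dir=$2   # reference side, e.g. /proc/1/ns (reading it needs root)
    out=""
    for ns in ipc mnt net pid user uts; do
        # Skip types that are missing or unreadable on either side.
        svc=$(readlink "$svc_dir/$ns" 2>/dev/null) || continue
        ref=$(readlink "$ref_dir/$ns" 2>/dev/null) || continue
        if [ "$svc" != "$ref" ]; then
            out="${out:+$out }$ns"
        fi
    done
    # Space-separated list of private namespace types, empty if none.
    printf '%s\n' "$out"
}

# Stand-alone use: ./ns_private.sh /proc/<pid>/ns /proc/1/ns
if [ "$#" -eq 2 ]; then
    ns_private "$1" "$2"
fi
```

For a service that sets only PrivateNetwork= and PrivateTmp=, the expected output is `mnt net`; ipc, uts and user stay shared with the host, which is the gap the question asks about.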