[systemd-devel] Question for Private* options in systemd.exec
lennart at poettering.net
Tue Nov 24 05:06:25 PST 2015
On Tue, 24.11.15 09:13, Sungbae Yoo (sungbae.yoo at samsung.com) wrote:
> I want to use namespaces in systemd services,
> so I'm trying to use Private* (such as PrivateNetwork, PrivateTmp) options.
> But, I wonder that there are no PrivateIPC, PrivateUTS, and PrivateUser.
> How can the service has its own private ipc/uts/user namespace by
> just using systemd.exec options?
systemd servies ar enot supposed to be a container environment. Hence
they only expose namespacing options that slightly rearrange things,
take rights way and suchlike but do not make structural changes to the
whole system, they don't create a completely new virtualized machine
for the service. For that kind of stuff use systemd-nspawn.
> Is there any reason why PrivateIPC/UTS/User options don't exist?
Because these would be concepts for doing containers, and hence fit
more in the nspawn tool than in systemd itself.
> If there is no reason, Can I make some patches to add these options?
What precisely would the usecase be for that?
Lennart Poettering, Red Hat
More information about the systemd-devel