[systemd-devel] nspawn: devpts not mounted with PrivateUsers

Lennart Poettering lennart at poettering.net
Thu Apr 20 10:32:20 UTC 2017


On Thu, 20.04.17 00:14, Olaf the Lost Viking (olaf.the.lost.viking at gmail.com) wrote:

> > Don't do this. If you register the group like this, nspawn will
> > normally abstain from using this group. Use "nss-mymachines" instead
> > (consider lobbying your distro to turn it on automatically when
> > nspawn/machined are installed) which will make all private UIDs used
> > by nspawn (or any other machined registered containers) appear in the
> > user database (as shown by getent passwd) without any modification of
> > /etc/passwd or any other file therein.
> 
> I'm glad that I don't have to do that! It was one of the experiments to get
> things to work. Letting systemd do that automatically is much, much better!
> 
> The nss-mymachines/myhostname/resolve/systemd aren't installed in a Debian 
> minbase - you are right! I figured that out, too, and installed them manually. 
> But I guess this is fair as I explicitly asked for a _minimal_
> installation.

nss-mymachines really should be part of the same package as
nspawn/machined, not the one of resolved. Please ask your distro to
fix that...

Lennart

-- 
Lennart Poettering, Red Hat

