[systemd-devel] nspawn: devpts not mounted with PrivateUsers

Michael Biebl mbiebl at gmail.com
Thu Apr 20 11:09:41 UTC 2017


2017-04-20 12:32 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
> On Thu, 20.04.17 00:14, Olaf the Lost Viking (olaf.the.lost.viking at gmail.com) wrote:
>
>> > Don't do this. If you register the group like this, nspawn will
>> > normally abstain from using this group. Use "nss-mymachines" instead
>> > (consider lobbying your distro to turn it on automatically when
>> > nspawn/machined are installed) which will make all private UIDs used
>> > by nspawn (or any other machined registered containers) appear in the
>> > user database (as shown by getent passwd) without any modification of
>> > /etc/passwd or any other file therein.
>>
>> I'm glad that I don't have to do that! It was one of the experiments to get
>> things to work. Letting systemd do that automatically is much, much better!
>>
>> The nss-mymachines/myhostname/resolve/systemd aren't installed in a Debian
>> minbase - you are right! I figured that out, too, and installed them manually.
>> But I guess this is fair as I explicitly asked for a _minimal_
>> installation.
>
> nss-mymachines really should be part of the same package as
> nspawn/machined, not the one of resolved. Please ask your distro to
> fix that...

nspawn/machined are in the systemd-container package in Debian, which
in turn recommends libnss-mymachines.
Recommends are installed by default, unless the user explicitly disables that.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

