[systemd-devel] systemd-nspawn: starting multiple shells

Nikolaus Rath Nikolaus at rath.org
Mon Jul 2 16:25:03 UTC 2018


On Jul 02 2018, Lennart Poettering <lennart at poettering.net> wrote:
>> Still not quite working, now there seems to be a problem with
>> /proc/self/fd in the new shell:
>> 
>> $ sudo systemd-nspawn -M $MACHINE \
>>      --private-users=1379532800:65536 --private-network \
>>      --as-pid2
[...]
>> 
>> What's happening here?
>
> the stdin/stdout/stderr fds of the nsenter process reference pipes
> that belong to the host side, and the kernel doesn't allow them to be
> reopened if user namespacing is used, for security reasons.
>
> "systemd-run -M $MACHINE -t /bin/sh" should generally be the better
> choice than "nsenter",

Yeah, but:

$ sudo systemd-run -M iofabric -t /bin/sh
[sudo] password for nikratio: 
Failed to create bus connection: No such file or directory

Does this maybe require a systemd instance running in the container? My
problem was that I can't run "machinectl shell" because the systemd
version in the container is too old.

Best,
-Nikolaus

-- 
GPG Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«
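The failure Lennart describes above (an entered shell whose stdin/stdout/stderr are pipes owned by the host side, which the kernel will not let the namespaced process reopen through /proc/self/fd) can be confirmed from inside the container rather than guessed at. The following POSIX shell script is an added diagnostic written for this thread; it is not part of systemd, nspawn or the original messages. It lists what each stdio fd of a process points at and whether the fd owner's host uid falls inside the container's uid_map. The map line it uses as sample input, "0 1379532800 65536", is what the --private-users=1379532800:65536 option from the quoted command produces; the function names are my own.

```sh
#!/bin/sh
# Diagnostic for "why can't my nsenter'd shell reopen its own stdio?".
# Assumed layout: /proc/<pid>/fd/<n> symlinks and a uid_map in the
# "inside outside count" format that the kernel uses.

# Classify the target string of a /proc/<pid>/fd/<n> symlink.
fd_class() {
  case "$1" in
    "")                   echo closed ;;
    pipe:\[*\])           echo pipe ;;
    socket:\[*\])         echo socket ;;
    anon_inode:*)         echo anon ;;
    /dev/pts/*|/dev/tty*) echo pty ;;
    *)                    echo file ;;
  esac
}

# Return 0 if HOST uid $1 is mapped into the user namespace described by
# the uid_map file $2 (default: the caller's own /proc/self/uid_map).
# Each map line is: <inside-start> <outside-start> <count>; the "outside"
# column is the host-side uid range, which is what a pipe's owner is.
host_uid_mapped() {
  uid=$1; map=${2:-/proc/self/uid_map}
  while read -r inside outside count; do
    [ -z "$inside" ] && continue
    if [ "$uid" -ge "$outside" ] && [ "$uid" -lt $((outside + count)) ]; then
      return 0
    fi
  done < "$map"
  return 1
}

# Print, for fds 0-2 of process $1 (default: self), the target class and
# the owner uid as seen from the inspecting namespace. An owner shown as
# 65534 (the overflow uid) means the real owner is NOT mapped here, which
# is exactly the case where reopening /proc/self/fd/<n> is refused.
fd_report() {
  pid=${1:-self}
  for fd in 0 1 2; do
    target=$(readlink "/proc/$pid/fd/$fd" 2>/dev/null)
    owner=$(stat -L -c %u "/proc/$pid/fd/$fd" 2>/dev/null || echo '?')
    printf 'fd %s: %-6s owner-uid=%s (%s)\n' \
      "$fd" "$(fd_class "$target")" "$owner" "${target:-closed}"
  done
}
```

Run `fd_report` from the shell you entered with nsenter: stdio reported as `pipe` with owner-uid 65534 is the host-side pipe Lennart mentions. `host_uid_mapped 0 /proc/self/uid_map` answers the same question for a root-owned host pipe; with the thread's mapping it returns 1, because host uid 0 lies outside 1379532800..1379598335.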
