Re: [atomic-devel] Systemd, containers, and pid=host
- From: Daniel J Walsh <dwalsh redhat com>
- To: Lars Kellogg-Stedman <lars redhat com>
- Cc: "atomic-devel projectatomic io" <atomic-devel projectatomic io>
- Subject: Re: [atomic-devel] Systemd, containers, and pid=host
- Date: Thu, 12 Mar 2015 16:28:45 -0400
On 03/12/2015 03:35 PM, Lars Kellogg-Stedman wrote:
> On Thu, Mar 12, 2015 at 01:21:01PM -0400, Daniel J Walsh wrote:
>> docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup -n MYUNIT MYUNIT
>>
>> With docker-1.5.0 in rhel this should run systemd within a container
> Have we done something to remove the requirement for --privileged when
> using systemd in a container? With vanilla docker, units making use
> of, e.g., PrivateTmp=true will fail without CAP_SYS_ADMIN.
>
We have containers in RHEL and CentOS which do not have this requirement.
We are moving the patches into Fedora/Rawhide now. There are two patches
that have not been accepted upstream yet, which have kept us from doing
this until now.
I think systemd will be the best option for this. Perhaps we could cause
the /sys/fs/cgroup to be mounted with a command, to keep systemd happy.