[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] systemd as pid 1 in an unprivileged container.

From: Daniel J Walsh <dwalsh redhat com>
To: Tobias Florek <atomic ibotty net>, atomic-devel projectatomic io, Lukas Nykryn <lnykryn redhat com>, Lennart Poettering <lennart poettering net>
Subject: Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
Date: Fri, 16 Sep 2016 06:23:34 -0400


On 09/15/2016 06:42 AM, Tobias Florek wrote:
> Thank you for you heroic effort to make docker containers a better
> citizen! It is very appreciated.
>
> Is there some work underway (or planned) to run systemd with non-zero
> pid? That is some additional isolation that would benefit e.g. Openshift
> tremendously.
>
> Cheers,
>  Tobias Florek
I think we need to discuss this with the systemd team.  We are currently
looking into running non privileged containers as a user launched
at boot time using systemd.

Lukas what is the chances of getting a systemd that would run as a non
root user as pid 1 inside of a container?  Could we execute systemd-user
to do something like that?

Follow-Ups:
- Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
  - From: Lukáš Nykrýn

References:
- [atomic-devel] systemd as pid 1 in an unprivileged container.
  - From: Daniel J Walsh
- Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
  - From: Tobias Florek

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]