Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
- From: Daniel J Walsh <dwalsh redhat com>
- To: Lukáš Nykrýn <lnykryn redhat com>, Tobias Florek <atomic ibotty net>, atomic-devel projectatomic io, Lennart Poettering <lennart poettering net>, Giuseppe Scrivano <gscrivan redhat com>
- Subject: Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
- Date: Fri, 16 Sep 2016 07:07:57 -0400
On 09/16/2016 07:04 AM, Lukáš Nykrýn wrote:
> Daniel J Walsh wrote on Fri 16. 09. 2016 at 06:23 -0400:
>> On 09/15/2016 06:42 AM, Tobias Florek wrote:
>>> Thank you for your heroic effort to make docker containers a better
>>> citizen! It is very appreciated.
>>>
>>> Is there some work underway (or planned) to run systemd with non-zero
>>> pid? That is some additional isolation that would benefit e.g. Openshift
>>> tremendously.
>>>
>>> Cheers,
>>> Tobias Florek
>> I think we need to discuss this with the systemd team. We are currently
>> looking into running non privileged containers as a user launched
>> at boot time using systemd.
>>
>> Lukas, what are the chances of getting a systemd that would run as a non
>> root user as pid 1 inside of a container? Could we execute systemd-user
>> to do something like that?
> Currently this is not possible, but I think making that work
> would require just minor changes. Anyway I don't want to promise
> anything, so can we postpone this discussion to the systemd conference?
>
> Lukas
Sure, although I will not be there. Although I could dial in. I think
Giuseppe Scrivano <gscrivan redhat com>
will be there though.