Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
- From: Lukáš Nykrýn <lnykryn redhat com>
- To: Daniel J Walsh <dwalsh redhat com>, Tobias Florek <atomic ibotty net>, atomic-devel projectatomic io, Lennart Poettering <lennart poettering net>
- Subject: Re: [atomic-devel] systemd as pid 1 in an unprivileged container.
- Date: Fri, 16 Sep 2016 13:04:51 +0200
Daniel J Walsh wrote on Fri, 16. 09. 2016 at 06:23 -0400:
>
> On 09/15/2016 06:42 AM, Tobias Florek wrote:
> >
> > Thank you for your heroic effort to make docker containers a better
> > citizen! It is very appreciated.
> >
> > Is there some work underway (or planned) to run systemd with non-zero
> > pid? That is some additional isolation that would benefit e.g. Openshift
> > tremendously.
> >
> > Cheers,
> > Tobias Florek
> I think we need to discuss this with the systemd team. We are currently
> looking into running non privileged containers as a user launched
> at boot time using systemd.
>
> Lukas, what are the chances of getting a systemd that would run as a non
> root user as pid 1 inside of a container? Could we execute systemd-user
> to do something like that?
Currently this is not possible, but I think making that work
would require just minor changes. Anyway, I don't want to promise
anything, so can we postpone this discussion to the systemd conference?
Lukas