[Lxc-users] [systemd-devel] Unable to run systemd in an LXC / cgroup container.

Michael H. Warfield mhw at WittsEnd.com
Wed Dec 5 17:38:57 UTC 2012


On Wed, 2012-12-05 at 11:09 -0600, Serge Hallyn wrote:
> Quoting Michael H. Warfield (mhw at WittsEnd.com):

> > You have to add an option to the config file for your systemd
> > containers.
> > 
> > lxc.autodev = 1

> Phrasing it this way makes me wonder, should lxc look for
> '$rootfs/dev/console' and automatically set lxc.autodev if
> that is not found?

I'm of two minds here (which, in my case, is a reduction in force and
those two minds are going "where did everybody go?").

That might be an idea for jogging the default.  If you don't have
'$rootfs/dev/console' then set it.  In that obvious case, you need it.
If you do have it, obey what's on the config file?

We have a bit of a chicken and egg situation.  It's not just auto
populating /dev but it's also mounting a ramfs partition on it.  I'm not
sure I'm comfortable with the level of random acts of terrorism that
systemd has proven to be capable of if someone accidentally leaves
a .../dev/console in their file system so we don't then mount ramfs on
dev and we don't then auto populate dev.

But...  The same situation exists if the user doesn't manually provide
the autodev option.  But...  I would not want us to switch based on the
existence of systemd either.

Maybe there is some other way we can autodetect this that doesn't depend
on those static devices?

Overall, I like that idea.  It helps idiot proof the configuration
better.

> (Right now if lxc.autodev is 1 then the tmpfs /dev is mounted
> before all the lxc.mount.entries and /var/lib/lxc/$c/fstab
> entries, but I can't right now think of a reason why it has
> to stay that way.  If we were to always set lxc.autodev if
> /dev is empty, we'd want to make sure any separate /dev has
> been mounted, of course.)

Concur.  I think this is a good idea, we just have to watch some of the
corner cases.  The one I fear the most is the one where someone (ME!)
does a yum upgrade of a container that then becomes systemd (F14 -> F15)
where it used to be Upstart with a static /dev populated.  Boom.  Flash
of light, mushroom cloud on the horizon.  But, again, if I don't fix the
bloody config, I'm screwed as well.  Self inflicted injury.  I see that.

I don't see a downside to adding it.  I'm just a little nudgey about
relying on it.  On the balance...  I'm in favor, yeah.

> -serge

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
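
The check discussed in this message, written out as an added example (not part of the original e-mail and not LXC's own code): it reads a container config, tests for '$rootfs/dev/console', and only reports a verdict, flagging the upgraded-to-systemd guest that still has a static /dev. The verdict words, the fixture names and the /sbin/init symlink test for systemd are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit an LXC container config with the heuristic from the thread.

# cfg_get KEY FILE -> last value assigned to KEY in an LXC config file
cfg_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# autodev_advice CONFIG -> one verdict word on stdout
autodev_advice() {
    rootfs=$(cfg_get lxc.rootfs "$1")
    autodev=$(cfg_get lxc.autodev "$1")
    if [ -z "$rootfs" ] || [ ! -d "$rootfs" ]; then echo no-rootfs; return 0; fi
    # Assumption: a systemd guest has /sbin/init as a symlink whose target names systemd.
    init_target=$(readlink "$rootfs/sbin/init" 2>/dev/null || true)
    if [ "$autodev" = 1 ]; then
        echo ok-autodev-set
    elif [ ! -e "$rootfs/dev/console" ]; then
        echo needs-autodev                      # the trigger proposed in the quoted text
    else
        case $init_target in
            *systemd*) echo stale-static-dev ;; # upgraded guest, static /dev left behind
            *)         echo ok-static-dev ;;
        esac
    fi
}

# make_fixture DIR CONSOLE(yes|no) INIT_LINK AUTODEV_LINE -> constructed container under DIR
make_fixture() {
    mkdir -p "$1/rootfs/dev" "$1/rootfs/sbin"
    if [ "$2" = yes ]; then : > "$1/rootfs/dev/console"; fi
    if [ -n "$3" ]; then ln -sf "$3" "$1/rootfs/sbin/init"; else : > "$1/rootfs/sbin/init"; fi
    printf 'lxc.rootfs = %s\n%s\n' "$1/rootfs" "$4" > "$1/config"
}

# Demo on constructed containers (names are made up for this example).
demo_root=$(mktemp -d)
make_fixture "$demo_root/f14-upstart"  yes ""             ""
make_fixture "$demo_root/f15-upgraded" yes ../bin/systemd ""
make_fixture "$demo_root/f15-empty"    no  ../bin/systemd ""
make_fixture "$demo_root/f15-fixed"    no  ../bin/systemd "lxc.autodev = 1"
for c in "$demo_root"/*/; do
    printf '%-14s %s\n' "$(basename "$c")" "$(autodev_advice "${c}config")"
done
rm -rf "$demo_root"
```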