cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

explicitly speciy params for systemd-nspawn ExecStart 

It was using whatever was in /lib/systemd/system/systemd-nspawn@.service,
but systemd 220 added --network-veth to that, which can break existing
setups. So don't do that.
This commit is contained in:
Joey Hess 2015-06-01 17:44:37 -04:00
parent 317e2ab694
commit b4503a782b
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/Propellor/Property/Systemd.hs
View File

@ -202,8 +202,14 @@ nspawnService (Container name _ _) cfg = setup <!> teardown
return $ unlines $ return $ unlines $
"# deployed by propellor" : map addparams ls "# deployed by propellor" : map addparams ls
addparams l addparams l
| "ExecStart=" `isPrefixOf` l = | "ExecStart=" `isPrefixOf` l = unwords $
l ++ " " ++ unwords (nspawnServiceParams cfg) [ "ExecStart = /usr/bin/systemd-nspawn"
, "--quiet"
, "--keep-unit"
, "--boot"
, "--link-journal=try-guest"
, "--directory=/var/lib/container/%i"
] ++ nspawnServiceParams cfg
| otherwise = l | otherwise = l
goodservicefile = (==) goodservicefile = (==)
@ -290,8 +296,6 @@ containerCfg p = RevertableProperty (mk True) (mk False)
('-':_) -> p ('-':_) -> p
_ -> "--" ++ p _ -> "--" ++ p
-- | Bind mounts </etc/resolv.conf> from the host into the container. -- | Bind mounts </etc/resolv.conf> from the host into the container.
-- --
-- This property is enabled by default. Revert it to disable it. -- This property is enabled by default. Revert it to disable it.