[Bug 1770481] Re: core: fall back to bind-mounts for PrivateDevices= execution environments
Christian Brauner
christian.brauner at canonical.com
Fri May 11 11:14:05 UTC 2018
We just had a short discussion on systemd and for systemd 229 on 16.04
we also need:
9e5f825280192be429cc79153235d12778427fae :
https://github.com/systemd/systemd/commit/9e5f825280192be429cc79153235d12778427fae
--
https://bugs.launchpad.net/bugs/1770481
Title:
core: fall back to bind-mounts for PrivateDevices= execution
environments
Status in systemd package in Ubuntu:
New
Bug description:
Hey,
Currently any service that has PrivateDevices=true set will fail to
start in unprivileged containers since mknod is not possible and in
privileged containers that drop CAP_MKNOD. I pushed a patch to systemd
upstream that solves this problem and makes PrivateDevices useable in
both scenarios. It would be great if this could be backported to
Ubuntu 16.04 and 18.04. We already have a lot of users that would like
this feature enabled/don't want to edit each service file:
16498617443da94533ef9ae28be0ffaace40c526 :
https://github.com/systemd/systemd/commit/af984e137e7f53ca3e2fd885b03a25e17fdd0fad
af984e137e7f53ca3e2fd885b03a25e17fdd0fad :
https://github.com/systemd/systemd/commit/16498617443da94533ef9ae28be0ffaace40c526
Thanks!
Christian
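
The fallback described in the bug description, sketched as an added example (not the systemd patch and not code from this bug report): try mknod() first, and on EPERM bind-mount the existing device node onto an empty placeholder file. The function name, return codes and command-line usage are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <unistd.h>

enum { CLONED_MKNOD = 1, CLONED_BIND = 2 };   /* hypothetical return codes */

/* Make `dst` refer to the same device as `src`.
 * Returns CLONED_MKNOD, CLONED_BIND, or a negative errno value. */
int clone_device_node(const char *src, const char *dst)
{
    struct stat st;
    int fd, saved;

    if (stat(src, &st) < 0)
        return -errno;
    if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode))
        return -EINVAL;            /* only device nodes are cloned */

    /* Preferred path: a real node with the same type and major/minor. */
    if (mknod(dst, st.st_mode, st.st_rdev) == 0)
        return CLONED_MKNOD;
    if (errno != EPERM)
        return -errno;             /* e.g. EEXIST: not a privilege problem */

    /* EPERM: CAP_MKNOD dropped, or an unprivileged container.
     * Create an empty file as mount point and bind-mount the node on it. */
    fd = open(dst, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0000);
    if (fd < 0)
        return -errno;
    close(fd);
    if (mount(src, dst, NULL, MS_BIND, NULL) < 0) {
        saved = errno;
        unlink(dst);               /* do not leave a stray placeholder */
        return -saved;
    }
    return CLONED_BIND;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s SRC DST\n", argv[0]); return 2; }
    int r = clone_device_node(argv[1], argv[2]);
    printf("%s -> %s: %d\n", argv[1], argv[2], r);
    return r < 0;
}
```

The bind mount still requires the right to mount inside the service's mount namespace, so a caller without it gets a negative errno back rather than a device node.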