Questions tagged [systemd-nspawn]

For questions pertaining to systemd-nspawn, a utility to spawn a command or OS in a light-weight container. Use this tag for questions about systemd-nspawn itself, using systemd-nspawn, or questions about issues arising inside a container spawned by systemd-nspawn where that is significant.

systemd-nspawn is a light-weight utility for quickly getting namespaced containers up and running; unlike a chroot, it can boot a full Linux operating system. By default, it sets up new IPC, mount, PID, and UTS namespaces for the container.

systemd-nspawn implements the Container Interface specification.

It should not be relied on for security as that is not one of its goals.

60 questions

13 votes, 1 answer

How can I make a device available inside a systemd-nspawn container with user namespacing?

I would like to mount an encrypted image file using cryptsetup inside a systemd-nspawn container. However, I get this error message: [root@container ~]# echo $key | cryptsetup -d - open luks.img luks Cannot initialize device-mapper. Is dm_mod kernel…
sjy

8 votes, 0 answers

systemd-nspawn: how to allow access to all devices?

I'm trying to create a rough equivalent of Docker's --privileged in a systemd container, but I've got no idea how to allow the container to access all of the devices available on the host (without manually enumerating them). I came across Access usb…
goyozi

8 votes, 2 answers

How do I background a systemd-nspawn container?

I use systemd-nspawn to run a few containers. I can have them started in the background using systemctl start systemd-nspawn@foo. On occasion, however, I start with systemd-nspawn -bD foo. I couldn't find any way to send it to the background.…
muru

6 votes, 1 answer

Why does `systemd-nspawn -n` network namespace not show in `ip netns list`?

tl;dr Linux has namespaces, in particular, network namespaces. It seems the namespace supposedly created via the -n flag when running systemd-nspawn does not show up when employing ip netns list (neither in the host nor in the supposedly created…
humanityANDpeace

6 votes, 2 answers

systemd-nspawn OS container is unusable because I can't set the root password

I combined the detailed instructions from the original blog post, and the more up to date instructions from the man page (using dnf instead of yum). # sudo dnf -y --releasever=24 --installroot=$HOME/fedora-24 --disablerepo='*' --enablerepo=fedora…
sourcejedi

5 votes, 1 answer

Access usb device from systemd-nspawn container

I want to access a special USB device (not a simple flash drive) from inside a container. I bind /dev/bus/usb inside the container, and lsusb lists USBs effortlessly: $ lsusb ... Bus 002 Device 002: ID 0a89:0009 ... but my program can't interact with this…
MadRunner

4 votes, 1 answer

Why systemd-nspawn is slower than docker,podman and qemu?! how to Improve nspawn performance?

Why is nspawn slow compared to docker, podman and even qemu?! CPU tasks take twice the time they take in docker, podman or qemu. Here is a benchmark test I did: First I disabled all the spectre/meltdown mitigations in the host kernel (and the qemu…
Badr Elmers

4 votes, 2 answers

How to debootstrap Centos?

Is there a way to create a Centos system inside a chroot using something similar to debootstrap for Debian/Ubuntu? I’d need it for a container project where Docker is NOT a solution (I’d use systemd containers). Unfortunately, I’m unable to find…
icebit

4 votes, 1 answer

systemd-nspawn container with separate IP address (network namespace) not working

Looking at the documentation for systemd-nspawn, it must have been intended to have a very user-friendly way to launch containers in a different network namespace. You use the -n option, and simply enable systemd-networkd.service on both ends. The…
sourcejedi

4 votes, 1 answer

How to start a program in a container as a service using systemd-nspawn, systemd-run?

How do I run a listening program (specifically unoconv as a listener) inside a container using systemd-nspawn, so that it can run in the background (without a console) and be reached by other processes? For example in a perfect world it would be as…
Drgabble

4 votes, 1 answer

How can I detect if a system is running inside a systemd-nspawn container?

Quite recently I started using systemd-nspawn to set up other OS instances on my Arch box. One thing I'd like to do is detect if I'm inside a container, and if so, add the distro name (from lsb_release) to the terminal title. On Debian-based…
muru

3 votes, 1 answer

How do I wait for a systemd-nspawn container to boot?

I have a script that contains the following: sudo machinectl start "$machinename" sudo systemd-run -PM root@"$machinename" "$command" Failed to connect to bus: No such file or directory Failed to start transient service unit: Transport endpoint is…
25pwn

3 votes, 1 answer

Start Desktop Environment From Chroot

Is it possible to start a desktop environment entirely in systemd-nspawn or chroot? I want to be able to boot to a console, then optionally enter a chroot and launch Gnome or another desktop environment.
grandinero

3 votes, 0 answers

hostnamectl fails with “Connection timed out” when running inside a systemd-nspawn container

I’m using systemd-nspawn and qemu-arm-static to boot into a Raspberry Pi OS image to apply customizations to the stock image before flashing it onto an SD card. The host machine is Ubuntu 20.10 (systemd version: 246.6-1ubuntu1) The guest OS is…
aaronk6

3 votes, 1 answer

PLATFORM variable for qemu / system-nspawn

I'm customizing a Raspbian installation using qemu, i.e.: systemd-nspawn -q --bind /usr/bin/qemu-arm-static -D $MOUNTPATH /bin/bash << EOF DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND apt-get install -y samba EOF My host machine runs…
Mark