[systemd-devel] Not sure if I am doing something wrong or if this is a bug.

2012-07-30 Thread Daniel J Walsh

In containers we are blocking systemd from creating containers.  If I try to
run httpd within a container it asks for PrivateTmp and SELinux stops systemd
from setting up the PrivateTmp.  In order to get around this, I decided to try
to create a unit file based off of the httpd unit file.

 cat /etc/systemd/system/sandbox.target.wants/httpd.service
.include /usr/lib/systemd/system/httpd.service
[Service]
PrivateTmp=false


But running this within a container still blows up

# systemctl start httpd.service
Job failed. See system journal and 'systemctl status' for details.
sh-4.2# systemctl status httpd.service
httpd.service - The Apache HTTP Server
  Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)
  Active: failed (Result: exit-code) since Mon, 30 Jul 2012 17:12:37 -0400; 15s ago
 Process: 152 ExecStop=/usr/sbin/httpd $OPTIONS -k graceful-stop (code=exited, status=226/NAMESPACE)
 Process: 153 ExecStart=/usr/sbin/httpd $OPTIONS (code=exited, status=226/NAMESPACE)
Main PID: 131 (code=exited, status=0/SUCCESS)
  CGroup: name=systemd:/system/libvirtd.service/system/httpd.service

Jul 30 17:12:37 apache2 httpd[153]: Failed at step NAMESPACE spawning /usr/...ed
sh-4.2#


Is this failing to see the /etc/systemd/system/httpd.service file?  Or is the
include failing?

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Not sure if I am doing something wrong or if this is a bug.

2012-07-30 Thread Jóhann B. Guðmundsson

On 07/30/2012 09:13 PM, Daniel J Walsh wrote:

> Is this failing to see the /etc/systemd/system/httpd.service file?  Or is the
> include failing?


Include might be failing since there is currently no way to replace
an existing entry with another one.


You can easily confirm or deny if that's the case by simply copying the
existing unit and setting PrivateTmp to false


JBG


Re: [systemd-devel] Not sure if I am doing something wrong or if this is a bug.

2012-07-30 Thread Mathieu Bridon
On Mon, 2012-07-30 at 21:49 +, Jóhann B. Guðmundsson wrote:
> On 07/30/2012 09:13 PM, Daniel J Walsh wrote:
> > Is this failing to see the /etc/systemd/system/httpd.service file?  Or is the
> > include failing?
>
> Include might be failing since there is currently no way to replace
> an existing entry with another one.
>
> You can easily confirm or deny if that's the case by simply copying the
> existing unit and setting PrivateTmp to false

You can also run systemctl show httpd.service

It should show you both the full path to the unit file (so you can make
sure that the one in /etc is used) as well as the value of PrivateTmp.

I'm sure you did, but just to be extra cautious: did you daemon-reload
after adding the file in /etc?


-- 
Mathieu
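
The check suggested in the message above, written out as an added shell example that is not part of the original thread: it reads `systemctl show` output and reports whether the loaded unit file is the expected override and whether PrivateTmp is off. The helper name `check_unit`, its exit codes and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. check_unit is a hypothetical helper.
# Reads `systemctl show` KEY=VALUE output on stdin and checks that
#   1. FragmentPath (the unit file systemd actually loaded) is the expected one
#   2. PrivateTmp is "no" (systemctl show prints booleans as yes/no)
# Returns 0 if both hold, 1 if another unit file was loaded,
# 2 if the expected file was loaded but PrivateTmp is still on.
check_unit() {
    expected=$1
    fragment=
    private_tmp=
    while IFS='=' read -r key value; do
        case $key in
            FragmentPath) fragment=$value ;;
            PrivateTmp)   private_tmp=$value ;;
        esac
    done
    if [ "$fragment" != "$expected" ]; then
        echo "loaded from ${fragment:-unknown}, not $expected"
        return 1
    fi
    if [ "$private_tmp" != "no" ]; then
        echo "PrivateTmp=${private_tmp:-unknown} in $fragment"
        return 2
    fi
    echo "override in effect: $fragment, PrivateTmp=no"
}

# Constructed sample input: the FragmentPath mirrors the "Loaded:" line of the
# status output quoted in the thread; the PrivateTmp value is assumed.
sample='FragmentPath=/usr/lib/systemd/system/httpd.service
PrivateTmp=yes'

rc=0
printf '%s\n' "$sample" | check_unit /etc/systemd/system/httpd.service || rc=$?
echo "exit status: $rc"

# On a live system, after `systemctl daemon-reload`:
#   systemctl show -p FragmentPath -p PrivateTmp httpd.service \
#       | check_unit /etc/systemd/system/httpd.service
```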

