On Mon, 2018-03-26 at 15:35 +0100, Daniel P. Berrangé wrote:
> This command attempted to create sandboxed containers for running
> systemd services that exist on the host. This code has proved very
> fragile, however, since it needs heuristics to figure out which dirs
> need to be made private in
This command attempted to create sandboxed containers for running
systemd services that exist on the host. This code has proved very
fragile, however, since it needs heuristics to figure out which dirs
need to be made private in the container vs shared with the host. Even
a relatively simple