On Wed, 22.04.15 16:31, Tobias Hunger (tobias.hun...@gmail.com) wrote: > On Wed, Apr 22, 2015 at 4:04 PM, Lennart Poettering > <lenn...@poettering.net> wrote: > > Well, if that's what it says, then yes. We can certainly add support > > for manipulating nft too, but so far the APIs fo that appeared much > > less convincing to me, and quite a bit more exotic. > > The user space tools for nft are much nicer than iptables, so I think > they do provide a significant benefit. I would appreciate not having > to go back to iptables:-) > > The exact command line I am running is this (straight out of systemctl > cat systemd-nspawn@vm.service, *THANKS* to whoever implemented that!): > > ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --ephemeral \ > --machine=vm \ > --network-veth \ > --bind=/mnt/raid0/data/ftp:/mnt/ftp > > /var/lib/machines is a normal read-write btrfs snapshot. vm is a > read-only snapshot. > > It starts fine when vm is read-write.
OK, I think I fixed this now, please check: http://cgit.freedesktop.org/systemd/systemd/commit/?id=aee327b8169670986f6a48acbd5ffe1355bfcf27 Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel