On Sa, 23.06.18 14:42, Nikolaus Rath (nikol...@rath.org) wrote:

> Hello,
> 
> When running systemd-nspawn with --private-network, I am getting mount
> errors:
> 
> # systemd-nspawn -M iofabric --as-pid2 --private-users=1379532800:65536 
> --register=no --private-network
> Spawning container iofabric on /var/lib/machines/iofabric.raw.
> Press ^] three times within 1s to kill container.
> Selected user namespace base 1379532800 and range 65536.
> Failed to mount n/a on /tmp/nspawn-root-2Ar2iL/sys/fs/selinux (MS_BIND ""): 
> No such file or directory
> Failed to mount n/a on /tmp/nspawn-root-2Ar2iL/sys/fs/selinux 
> (MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_BIND ""): Invalid 
> argument
> 
> This is on a (host) system with SELinux disabled.
> 
> What do these errors mean?

Hmm, this suggests nspawn tries to mount selinuxfs into the container
even though the kernel doesn't actually support that. This is weird...

What's the systemd version in use here?

Which distro is this? Is selinux compiled out of the kernel or just
disabled during runtime?

Lennart

-- 
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel