authorJoey Hess2015-06-01 17:44:37 -0400
committerJoey Hess2015-06-01 17:44:37 -0400
commitb4503a782bfafd5b08c51f00e4c90539cae34009 (patch)
tree73454662f22ecdd3795c8aaf5b6f06174ed44110
parent317e2ab6944c2a889f5ccb8f34c83b822c741d60 (diff)
explicitly speciy params for systemd-nspawn ExecStart
It was using whatever was in /lib/systemd/system/systemd-nspawn@.service, but systemd 220 added --network-veth to that, which can break existing setups. So don't do that.
-rw-r--r--src/Propellor/Property/Systemd.hs12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs
index ea8c994e..87290fc0 100644
--- a/src/Propellor/Property/Systemd.hs
+++ b/src/Propellor/Property/Systemd.hs
@@ -202,8 +202,14 @@ nspawnService (Container name _ _) cfg = setup <!> teardown
return $ unlines $
"# deployed by propellor" : map addparams ls
addparams l
- | "ExecStart=" `isPrefixOf` l =
- l ++ " " ++ unwords (nspawnServiceParams cfg)
+ | "ExecStart=" `isPrefixOf` l = unwords $
+ [ "ExecStart = /usr/bin/systemd-nspawn"
+ , "--quiet"
+ , "--keep-unit"
+ , "--boot"
+ , "--link-journal=try-guest"
+ , "--directory=/var/lib/container/%i"
+ ] ++ nspawnServiceParams cfg
| otherwise = l
goodservicefile = (==)
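Review bot: The hard-coded argument list in `addparams` carries no comment saying where it came from or what it pins, so a later reader cannot tell that `--network-veth` is left out on purpose; without it (or another private-network option) the container presumably keeps sharing the host's network namespace, which is worth stating. I would add above the guard something like `-- ExecStart is written out in full instead of reusing the shipped unit's line, so upstream changes (e.g. --network-veth in systemd 220) cannot silently alter container networking.` Because the shipped line is now replaced wholesale, any flag a future systemd adds to it, hardening options included, is dropped too, so the list needs re-checking on systemd upgrades. The emitted line is also spelled `ExecStart = …` while the guard matches `ExecStart=`; writing `[ "ExecStart=/usr/bin/systemd-nspawn"` keeps the output recognisable by the same prefix test. `nspawnService` starts above this hunk and its where-clause continues past it.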
@@ -290,8 +296,6 @@ containerCfg p = RevertableProperty (mk True) (mk False)
('-':_) -> p
_ -> "--" ++ p
-
-
-- | Bind mounts </etc/resolv.conf> from the host into the container.
--
-- This property is enabled by default. Revert it to disable it.