Difference between revisions of "Systemd-nspawn"

From ArchWiki
Jump to: navigation, search
(Need of audit=0 in the kernel parameters)
(7 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
[[Category:Security]]
 
Quick guide on how to create a lightweight systemd container for Arch Linux, using systemd-nspawn and pacstrap, in under 1 minute!
 
Quick guide on how to create a lightweight systemd container for Arch Linux, using systemd-nspawn and pacstrap, in under 1 minute!
  
<pre>
+
== Installation ==
pacman -S arch-install-scripts
+
 
mkdir /srv/subarch
+
pacman -S arch-install-scripts
time pacstrap -c -d /srv/subarch base
+
mkdir /srv/subarch
systemd-nspawn -bD /srv/subarch
+
pacstrap -c -d /srv/subarch base
</pre>
+
systemd-nspawn -bD /srv/subarch
 +
 
 +
You also need to add "audit=0" to the kernel parameters, as compatibility with the kernel auditing subsystem is currently broken. For more details, see the systemd-nspawn's man page.
  
 
And that's it! Log in as "root" with no password.
 
And that's it! Log in as "root" with no password.
Line 12: Line 15:
 
You can remove the kernel to save space within the container. DO NOT RUN THIS ON THE HOST!
 
You can remove the kernel to save space within the container. DO NOT RUN THIS ON THE HOST!
  
<pre>
+
pacman -Rsn linux
pacman -Rsn linux
+
 
</pre>
+
Once you're done with the container just shut it down with <code>systemctl stop machine-subarch.scope</code>. (replace "subarch" with the name of yout container)
 +
 
 +
{{Warning|"poweroff" within the container should also work, although it actually powers off the physical server.}}
  
Once you're done with the container just shut it down with <tt>poweroff</tt>
+
== See also ==
 +
* [[Linux Containers]]

Revision as of 12:35, 26 October 2013

Quick guide on how to create a lightweight systemd container for Arch Linux, using systemd-nspawn and pacstrap, in under 1 minute!

Installation

pacman -S arch-install-scripts
mkdir /srv/subarch
pacstrap -c -d /srv/subarch base
systemd-nspawn -bD /srv/subarch

You also need to add "audit=0" to the kernel parameters, as compatibility with the kernel auditing subsystem is currently broken. For more details, see the systemd-nspawn's man page.

And that's it! Log in as "root" with no password.

You can remove the kernel to save space within the container. DO NOT RUN THIS ON THE HOST!

pacman -Rsn linux

Once you're done with the container just shut it down with systemctl stop machine-subarch.scope. (replace "subarch" with the name of yout container)

Warning: "poweroff" within the container should also work, although it actually powers off the physical server.

See also