- nspawn: maybe add a way to drop additional caps, in addition to add additional caps
- nspawn: maybe explicitly reset loginuid?
- nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context
+ - refuses to boot containers without /etc/machine-id (OK?), and with empty /etc/machine-id (not OK).
* cryptsetup:
- cryptsetup-generator: allow specification of passwords in crypttab itself
boots an OS in a namespace container in it.</para>
</refsect1>
+ <refsect1>
+ <title>Example 4</title>
+
+ <programlisting># mv ~/arch-tree /var/lib/container/arch
+# systemctl enable systemd-nspawn@arch.service
+# systemctl start systemd-nspawn@arch.service</programlisting>
+
+ <para>This makes the Arch Linux container part of the
+ <filename>multi-user.target</filename> on the host.
+ </para>
+ </refsect1>
+
<refsect1>
<title>Exit status</title>