units: turn on user namespace by default in systemd-nspawn@.service

Now that user namespacing is supported in a pretty automatic way, actually turn
it on by default if the systemd-nspawn@.service template is used.

diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in
index 1927c4d485318a580bc191d44d5596c5cd8338ae..ea28941507d77ecfe163de00ef142c3505bd3ced 100644 (file)
--- a/units/systemd-nspawn@.service.in
+++ b/units/systemd-nspawn@.service.in
@@ -13,7 +13,7 @@ Before=machines.target
 After=network.target
 
 [Service]
-ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth --settings=override --machine=%i
+ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i
 KillMode=mixed
 Type=notify
 RestartForceExitStatus=133