author: Lennart Poettering <lennart@poettering.net> 2016-07-21 18:53:40 +0200
committer: Lennart Poettering <lennart@poettering.net> 2016-07-22 12:59:36 +0200
commit: 317feb4d9f84cf177aa71496b214bcbbf9682750 (patch)
tree: 40baa7349ee28eb8adf570cd82106d7447117c56 /src/shared/seccomp-util.c
parent: 2a6736ddd080674170e9b9fe225009a0476c68e1 (diff)

nspawn: rework /etc/machine-id handling

With this change we'll no longer write to /etc/machine-id from nspawn, as that breaks the --volatile= operation, as it ensures the image is never considered in "first boot", since that's bound to the pre-existence of /etc/machine-id.

The new logic works like this:

- If /etc/machine-id already exists in the container, it is read by nspawn and exposed in "machinectl status" and friends.
- If the file doesn't exist yet, but --uuid= is passed on the nspawn cmdline, this UUID is passed in $container_uuid to PID 1, and PID 1 is then expected to persist this to /etc/machine-id for future boots (which systemd already does).
- If the file doesn't exist yet, and no --uuid= is passed, a random UUID is generated and passed via $container_uuid.

The result is that /etc/machine-id is never initialized by nspawn itself, thus unbreaking the volatile mode. However still the machine ID configured in the machine always matches nspawn's and thus machined's idea of it.

Fixes: #3611

Diffstat (limited to 'src/shared/seccomp-util.c')
0 files changed, 0 insertions, 0 deletions