I have read about systemd-nspawn, which is a "better" chroot. But I wonder what is/are the system calls behind this. The chroot command is a simple wrapper around the glibc chroot call. What about systemd-nspawn, what does this command do at the C level? Are there "new" system calls it relies upon?
Since nobody seems to have a better answer I can say that it probably uses some combination of namespaces, cgroups and "container" features like that. I know little about this stuff but hopefully these keywords will be useful.
You can also try strace, but it may not be particularly enlightening if the tool mainly writes some magic commands to magic files in /sys.
Last edited by mich41 (2016-12-06 18:16:49)
what is/are the system calls behind this
See namespaces(7), all the trendy new container systems use this kernel feature
Jin, Jîyan, Azadî
Which is afaiu however disabled in the arch kernels because of various security concerns
https://bugs.archlinux.org/task/36969
Which is afaiu however disabled in the arch kernels
I think that refers to user namespaces.
empty@Arch ~ % zgrep NAMESPACE /proc/config.gz
CONFIG_NAMESPACES=y
Jin, Jîyan, Azadî
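An added example, not part of the thread: the zgrep NAMESPACE pattern in the last post only matches the umbrella option CONFIG_NAMESPACES, while the per-type switches such as CONFIG_USER_NS have names that pattern does not match. This sketch reports each of them from kernel config text; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the state of each namespace option in a kernel config.
# ns_status and ns_report are hypothetical helper names, not from any tool.

# ns_status OPTION: read config text on stdin and print
#   enabled  (CONFIG_OPTION=y), disabled ("# CONFIG_OPTION is not set"),
#   absent   (option not mentioned at all, e.g. an older kernel).
ns_status() {
    awk -v opt="CONFIG_$1" '
        $0 == opt "=y"                { s = "enabled" }
        $0 == "# " opt " is not set"  { s = "disabled" }
        END { print (s == "" ? "absent" : s) }
    '
}

# ns_report: read config text on stdin, print one line per namespace option.
ns_report() {
    cfg=$(cat)
    for o in NAMESPACES UTS_NS IPC_NS USER_NS PID_NS NET_NS; do
        printf 'CONFIG_%s=%s\n' "$o" "$(printf '%s\n' "$cfg" | ns_status "$o")"
    done
}

# Constructed sample: a config with user namespaces switched off, the
# situation discussed in the thread. Not copied from any real kernel.
SAMPLE_CONFIG='CONFIG_NAMESPACES=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
# CONFIG_USER_NS is not set
CONFIG_PID_NS=y
CONFIG_NET_NS=y'

printf '%s\n' "$SAMPLE_CONFIG" | ns_report
```

On a running system with /proc/config.gz available, the same report comes from `zcat /proc/config.gz | ns_report`.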