nspawn: when running in a service unit, use systemd for restarts

THis way we can remove cgroup priviliges after setup, but get them back for the next restart, as we need it.
2014-07-03 12:50:11 +02:00 · 2014-07-03 12:50:11 +02:00 · ce38dbc84b
parent 206e7a5f7b
commit ce38dbc84b
2 changed files with 17 additions and 0 deletions
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@ -3342,6 +3342,21 @@ int main(int argc, char *argv[]) {
                        break;

                /* CONTAINER_REBOOTED, loop again */
+
+                if (arg_keep_unit) {
+                        /* Special handling if we are running as a
+                         * service: instead of simply restarting the
+                         * machine we want to restart the entire
+                         * service, so let's inform systemd about this
+                         * with the special exit code 133. The service
+                         * file uses RestartForceExitStatus=133 so
+                         * that this results in a full nspawn
+                         * restart. This is necessary since we might
+                         * have cgroup parameters set we want to have
+                         * flushed out. */
+                        r = 133;
+                        break;
+                }
        }

 finish:
--- a/units/systemd-nspawn@.service.in
+++ b/units/systemd-nspawn@.service.in
@ -13,6 +13,8 @@ Documentation=man:systemd-nspawn(1)
 ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i
 KillMode=mixed
 Type=notify
+RestartForceExitStatus=133
+SuccessExitStatus=133

 [Install]
 WantedBy=multi-user.target