From ce38dbc84b40148026801dd29fd0ad1f1b25d3fb Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 3 Jul 2014 12:50:11 +0200 Subject: [PATCH] nspawn: when running in a service unit, use systemd for restarts THis way we can remove cgroup priviliges after setup, but get them back for the next restart, as we need it. --- src/nspawn/nspawn.c | 15 +++++++++++++++ units/systemd-nspawn@.service.in | 2 ++ 2 files changed, 17 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 656c1bf9f5..0d538c2543 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -3342,6 +3342,21 @@ int main(int argc, char *argv[]) { break; /* CONTAINER_REBOOTED, loop again */ + + if (arg_keep_unit) { + /* Special handling if we are running as a + * service: instead of simply restarting the + * machine we want to restart the entire + * service, so let's inform systemd about this + * with the special exit code 133. The service + * file uses RestartForceExitStatus=133 so + * that this results in a full nspawn + * restart. This is necessary since we might + * have cgroup parameters set we want to have + * flushed out. */ + r = 133; + break; + } } finish: diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in index e37362847a..574d0deafa 100644 --- a/units/systemd-nspawn@.service.in +++ b/units/systemd-nspawn@.service.in @@ -13,6 +13,8 @@ Documentation=man:systemd-nspawn(1) ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i KillMode=mixed Type=notify +RestartForceExitStatus=133 +SuccessExitStatus=133 [Install] WantedBy=multi-user.target