API tools faq
paste
Guest User

Untitled

a guest
Dec 1st, 2020
11
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.08 KB | None | 0 0
raw download clone embed print report
  1. # This file is part of systemd.
  2. #
  3. # systemd is free software; you can redistribute it and/or modify it
  4. # under the terms of the GNU Lesser General Public License as published by
  5. # the Free Software Foundation; either version 2.1 of the License, or
  6. # (at your option) any later version.
  7.  
  8. #################################################
  9. # $SDKPath - path to vtss-sdk on the host #
  10. # $ECOSPath - path to inzer-ecos on the host #
  11. # $CONTAINER - path to container on the host #
  12. # $USER_HOST - host user name #
  13. #################################################
  14.  
  15. [Unit]
  16. Description=Container %I
  17. Documentation=man:systemd-nspawn(1)
  18. PartOf=machines.target
  19. Before=machines.target
  20. After=network.target
  21.  
  22. [Service]
  23. ExecStart=/usr/bin/systemd-nspawn \
  24. --quiet \
  25. --keep-unit \
  26. --boot \
  27. --link-journal=try-guest \
  28. --settings=override \
  29. --directory=$CONTAINER/ \
  30. --bind=$SDKPath:/home/kisa/Code/inzer-build/vtss-sdk/ \
  31. --bind-ro=/home/$USER_HOST/.ssh:/home/kisa/.ssh \
  32. --bind-ro=/home/$USER_HOST/.vimrc:/home/kisa/.vimrc \
  33. --bind-ro=$ECOSPath/ecos/:/home/kisa/Code/inzer-build/inzer-ecos/ecos \
  34. --bind-ro=$ECOSPath/gnutools/:/home/kisa/Code/inzer-build/inzer-ecos/gnutools
  35. KillMode=mixed
  36. Type=notify
  37. RestartForceExitStatus=133
  38. SuccessExitStatus=133
  39. Slice=machine.slice
  40. Delegate=yes
  41.  
  42. # Enforce a strict device policy, similar to the one nspawn configures
  43. # when it allocates its own scope unit. Make sure to keep these
  44. # policies in sync if you change them!
  45. DevicePolicy=strict
  46. DeviceAllow=/dev/null rwm
  47. DeviceAllow=/dev/zero rwm
  48. DeviceAllow=/dev/full rwm
  49. DeviceAllow=/dev/random rwm
  50. DeviceAllow=/dev/urandom rwm
  51. DeviceAllow=/dev/tty rwm
  52. DeviceAllow=/dev/net/tun rwm
  53. DeviceAllow=/dev/pts/ptmx rw
  54. DeviceAllow=char-pts rw
  55.  
  56. # nspawn itself needs access to /dev/loop-control and /dev/loop, to
  57. # implement the --image= option. Add these here, too.
  58. DeviceAllow=/dev/loop-control rw
  59. DeviceAllow=block-loop rw
  60.  
  61. [Install]
  62. WantedBy=machines.target
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!