On Mon, Feb 17, 2020 at 2:24 PM Nikos Chantziaras <rea...@gmail.com> wrote:
>
> On 17/02/2020 21:05, Rich Freeman wrote:
> > I wouldn't use a chroot for anything at this point - anything you can
> > do with one you can do just as easily with a container, with more
> > separation. They're just as easy to set up as well - I personally use
> > nspawn to run my containers but I'm sure lxc is almost as simple and
> > of course it doesn't require running systemd.
>
> nspawn seems very nice indeed. Haven't used it before, and that's simply
> because I never heard of it :-) Now that I did, it looks like it's what
> I'll be using from now on:
>
> https://wiki.archlinux.org/index.php/Systemd-nspawn

Well, if you decide to play with it I'll offer up:
https://rich0gentoo.wordpress.com/2014/07/14/quick-systemd-nspawn-guide/

That, and:

ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/path/to/container/root --network-bridge=<brname>
KillMode=mixed
Type=notify

Though, if I didn't already have this recipe handy I'd be using nspawn
units I suppose.

Oh, this does require a bridge for your networking. If you're using
KVM you probably already have one set up - the approach is identical.

Rich
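
The message mentions nspawn units as the alternative to the hand-written ExecStart line. As an added example that is not part of the original message, this is how the same flags map onto an nspawn unit. The machine name "mycontainer" and bridge name "br0" are placeholders, and it assumes the container root sits at /var/lib/machines/mycontainer so the stock systemd-nspawn@.service template can find it.

```ini
# /etc/systemd/nspawn/mycontainer.nspawn
# "mycontainer" is a placeholder; the file name must match the machine name.
# Read by systemd-nspawn when the machine is started, for example through
# systemd-nspawn@mycontainer.service.
#
# The stock template unit already passes --quiet and --keep-unit and sets
# KillMode=mixed and Type=notify, so only the container-specific flags
# from the ExecStart line need to be expressed here.

[Exec]
# Equivalent of --boot: run the container's own init as PID 1.
Boot=yes
# Equivalent of --link-journal=guest.
LinkJournal=guest
# The stock template also passes -U (user namespacing), which the
# ExecStart line in the message does not. Uncommenting the next line
# matches the message's behaviour, at the cost of less separation
# between container root and host root.
#PrivateUsers=no

[Network]
# Equivalent of --network-bridge=<brname>; "br0" is a placeholder for
# an existing host bridge.
Bridge=br0
```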