dasharo/systemd
0
0
Fork 0
mirror of https://github.com/Dasharo/systemd.git synced 2026-03-06 15:02:31 -08:00
Code Issues Packages Projects Releases Wiki Activity

nspawn: add --suppress-sync=yes mode for turning sync() and friends into NOPs via seccomp

Browse Source 
This is supposed to be used by package/image builders such as mkosi to
speed up building, since it allows us to suppress sync() inside a
container.

This does what Debian's eatmydata tool does, but for a container, and
via seccomp (instead of LD_PRELOAD).
This commit is contained in:
Lennart Poettering
2021-10-19 14:56:49 +02:00
parent 231c7645ca
commit 4a4654e024
9 changed files with 167 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
shell-completion/bash/systemd-nspawn
+1 -1
View File
@@ -63,7 +63,7 @@ _systemd_nspawn() {
local -A OPTS=(
[STANDALONE]='-h --help --version --private-network -b --boot --read-only -q --quiet --share-system
--keep-unit -n --network-veth -j -x --ephemeral -a --as-pid2 -U'
--keep-unit -n --network-veth -j -x --ephemeral -a --as-pid2 -U --suppress-sync=yes'
[ARG]='-D --directory -u --user --uuid --capability --drop-capability --link-journal --bind --bind-ro
-M --machine -S --slice -E --setenv -Z --selinux-context -L --selinux-apifs-context
--register --network-interface --network-bridge --personality -i --image --tmpfs