letters90 | 1 year ago

I used nspawn to get a system running in the most ridiculous way.

A debian aarch64 vm on kvm starting a systemd-nspawn for an unpacked raspberry pi 3 iso.

It works way too well judging by how ridiculous it was.

Still saved me a few days instead of setting things up myself.

I actually liked how easy it is to spin up nspawn as a systemd service

  [Unit]
  Description=Raspberry Image Machine
  After=multi-user.target

  [Service]
  Type=simple
  User=root

  ExecStart=/usr/bin/systemd-nspawn -D /mnt/ /sbin/init

  [Install]
  WantedBy=multi-user.target

vaylian|1 year ago

You might want to look into .nspawn files instead. Then you can also manage your nspawn-containers with the machinectl command.

See man 5 systemd.nspawn

And many commands like systemctl and journalctl accept the -M parameter, which allows you to query systemd units inside your nspawn-containers from the host.

edit: The article actually explains all of these things in more detail.
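As an added illustration of the .nspawn approach mentioned above (not from the thread or the article), this is what the parent's unit file could become as a settings file. The machine name `raspi` and the image location `/var/lib/machines/raspi` are assumptions; the stock `systemd-nspawn@.service` looks in that directory and reads `/etc/systemd/nspawn/raspi.nspawn` for these settings.

```ini
# /etc/systemd/nspawn/raspi.nspawn  (hypothetical name; the unpacked image is
# assumed to be at /var/lib/machines/raspi so systemd-nspawn@raspi.service finds it)

[Exec]
# Boot the image's own init, the equivalent of passing /sbin/init on the command line
Boot=yes
# Map the container's UIDs/GIDs onto a private unprivileged range on the host,
# so root inside the container is not root over the host filesystem
PrivateUsers=pick
# Drop capabilities the guest does not need (these are retained by default)
DropCapability=CAP_SYS_PTRACE CAP_NET_RAW

[Network]
# Private network namespace with a veth pair to the host instead of sharing the host stack
VirtualEthernet=yes

[Files]
# Hand the guest data from the host read-only (host path : container path)
BindReadOnly=/srv/raspi-data:/data
```

With the file in place, `machinectl start raspi` boots the image through `systemd-nspawn@raspi.service` and `machinectl enable raspi` makes it start with the host. From the host, `journalctl -M raspi` and `systemctl -M raspi status` then query the guest's journal and units.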

i_v|1 year ago

I used to use qemu-user-static to run ARM Linux distros like Buildroot, Yocto, and Raspbian on x86_64. It worked surprisingly well! Outside of some minor bugs here and there, it was perfect for local development, emulating an embedded system I was working on.

Vilian|1 year ago

Why run the Debian VM? Just use nspawn directly

Imustaskforhelp|1 year ago

hmm this is very interesting.

I am wondering though: is there something like systemd-nspawn that doesn't require root?

vlowrian|1 year ago

If file system level isolation is enough for you, take a look at schroot (https://linux.die.net/man/1/schroot) which allows root-less chroot. You can use something like debootstrap to get a complete userland into a user controlled directory and use schroot to chroot into it without root level access.

1oooqooq|1 year ago

all containers require root.

docker and the rootless nonsense is just root daemons and suid.

...would never have believed marketing lies would reach linux tools if anyone told me this before 2018.