nsjail icon indicating copy to clipboard operation
nsjail copied to clipboard

Published 20 hours ago verified publisher icon google

nsjail + systemd

Open farconada opened this issue 8 years ago • 2 comments

Question of use

what's the best way to integrate nsjail with systemd? systemd has some features that overlaps with nsjail and could conflict ideas:

  • nsjail as setuid, capabilities?
  • systemd unit running as root
  • dont use systemd security features at all
  • ....

farconada avatar May 20 '17 11:05 farconada

Hm.. I haven't researched the topic. If you feel like it could be an useful feature, feel free to implement something or create a doc, though running it as set-uid might requiring reviewing the code for this use-case.

robertswiecki avatar May 21 '17 18:05 robertswiecki

I'm playing with it and I'll post here. I think that systemd is an essential piece of the puzzle. I want to run sandboxed services so nsjail is fom sandbox and systemd for running services.

farconada avatar May 22 '17 19:05 farconada