Description of problem: stopping privileged and SPC container running systemd services result in host os shutdown. How reproducible: 50% Steps to Reproduce: Create a systemd based container Run the container issue stop command for the container. Actual results: After some time the host will shutdown too. Expected results: Only container shutdown Additional info: it occurs more frequent in case the container is service launched by systemd on the host boot.
Well if the service asks systemd to shutdown then this can happen. What did the SPC service do? Is there a way to make it a little less sharing of the host. Did you volume mount in /run?
How are you running this container? What does the run or create line look like. The docker file you handed me just shows install and uninstall.
Please look at this repository git clone git://gerrit.ovirt.org/ovirt-container-node You will see the create command and we start the container using systemd
Could this be a process within the container sending a signal to /dev/initctl which is shared within the container and the host a message telling it to shutdown?
I assume systemd is doing this . But its systemd-container so I dont know how much it is container / host aware
Is /run shared between the container and the host?
/run/udev is shared. just in case here is my shared list -v /sys/fs/cgroup:/sys/fs/cgroup:rw \ -v /dev:/dev:rw \ -v /lib/modules:/lib/modules:ro \ -v /run/udev:/run/udev:rw \
I believe the problem is the shared /dev, and someone is communicating with /dev/initctl which is causing your machine to shutdown. You could prove this out by volume mounting something over /dev/initctl.
Anatoly any comment?
I did and then systemd broke down. It didnt even go up properly. I guess mounting empty file over is not good idea.
You could mount /dev/null over /dev/initctl and it should solve your problem.
Anatoly?