Commit 2aba426f authored by Lennart Poettering's avatar Lennart Poettering

man: document that the kernel's audit subsystem is currently incompatible with nspawn containers

parent b62ee524
......@@ -142,6 +142,16 @@
might be necessary to add this file to the container
tree manually if the OS of the container is too old to
contain this file out-of-the-box.</para>
<para>Note that the kernel auditing subsystem is
currently broken when used together with
containers. We hence recommend turning it off entirely
when using <command>systemd-nspawn</command> by
booting with <literal>audit=0</literal> on the kernel
command line, or by turning it off at kernel build
time. If auditing is enabled in the kernel operating
systems booted in an nspawn container might refuse
log-in attempts.</para>
</refsect1>
<refsect1>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment