On 5/20/19 7:44 AM, Gordon Messmer wrote:
On 5/19/19 10:41 PM, Michael Eager wrote:
> Does anyone know why console-getty.service is masked by default?
(Where did you get the container image?)
It's a standard downloadable image using "lxc-create -t download". I
assume that this is
https://us.images.linuxcontainers.org/.
I don't know the answer, but my guess would be that a getty
doesn't
really serve a purpose in a container, since anyone who can access the
container tools can run an arbitrary process within the container,
including /bin/bash.
Getty serves the same purpose it does on real hardware: A way to log
into the system as a user (or root) and control or configure it. For
example, to set up SSH access for users who do not have root privileges
on the host system. Or to restart or shut down, not something that you
want a user to do remotely.
I looked at recent Fedora images (28, 29, 30) and they all mask getty.
CentOS 7 images don't. They treat the console in a container just the
same way that they do a real console. After boot messages, a login
prompt is displayed.
You might be right that the assumption is that configuration of a Fedora
LXC container would be done using "lxc-attach" on the host. After I
configure a container, I usually run it headless. While configuring, I
generally log in on the console. When I didn't get a console login
prompt, I thought that the Fedora container was broken.
--
Michael Eager eager(a)eagerm.com
1960 Park Blvd., Palo Alto, CA 94306