containers: reload fails with user namespace enabled #57087
Description
Issue description
Reloading of containers fails with:
org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
I think it's connected to #57083 because adding -U to nsenter command seem to fix an error (not 100% sure yet).
Steps to reproduce
configuration.nix:
containers.test = {
extraFlags = [ "-U" ];
config = {};
};
# systemctl start test
# systemctl reload test # hangs for a few seconds
# journalctl -M test
# systemctl status container@test.service
...
Process: 13923 ExecReload=/nix/store/agr8dhkpx995hfbgwdx43if3j0vwl242-reload-container (code=exited, status=2)
...Technical details
- system: `"x86_64-linux"`
- host os: `Linux 4.14.104, NixOS, 18.09pre-git (Jellyfish)`
- multi-user?: `yes`
- sandbox: `yes`
- version: `nix-env (Nix) 2.1.3`
- channels(root): `"nixos-server-18.09.1834.9d608a6f592, nixos-18.03"`
- nixpkgs: `/var/src/nixpkgs`