From 017c8535589147158669479cbf1f02cd03dbc1e5 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Fri, 13 Oct 2017 11:41:49 +0200
Subject: FIXME
Signed-off-by: Daniel Baumann
---
 share/config/container.nspawn.in | 72 +++++++++++++++++++++++++++++++++-------
 1 file changed, 60 insertions(+), 12 deletions(-)
diff --git a/share/config/container.nspawn.in b/share/config/container.nspawn.in
index 322e2c9..a0c8227 100644
--- a/share/config/container.nspawn.in
+++ b/share/config/container.nspawn.in
@@ -1,23 +1,20 @@
 # container-tools: @NAME@
-[start]
-cnt.auto=@CNT_AUTO@
-cnt.container-server=@CNT_CONTAINER_SERVER@
-cnt.network-bridge=@CNT_NETWORK_BRIDGE@
-cnt.overlay=@CNT_OVERLAY@
-bind=@BIND@
-bind-ro=@BIND_RO@
-boot=@BOOT@
-capability=@CAPABILITY@
-directory=@DIRECTORY@
-drop-capability=@DROP_CAPABILITY@
+[Exec]
+Boot=@BOOT@
+Capability=@CAPABILITY@
+Drop-capability=@DROP_CAPABILITY@
 link-journal=@LINK_JOURNAL@
 machine=@MACHINE@
 network-veth-extra=@NETWORK_VETH_EXTRA@
 private-users=@PRIVATE_USERS@
 register=@REGISTER@
-[limit]
+[Files]
+bind=@BIND@
+bind-ro=@BIND_RO@
+
+
 BlockIODeviceWeight=
 BlockIOReadBandwidth=
 BlockIOWeight=
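Review bot: In the new `[Exec]` section the hardening keys are not spelled the way systemd.nspawn(5) defines them: `Drop-capability=` is added and `private-users=` is kept as context, where the settings are named `DropCapability=` and `PrivateUsers=`. If this template is read by systemd-nspawn (inferred from the file name and the section names), unknown keys are ignored with a warning, so the container would start without the capability drop and without user namespacing. The same applies under `[Files]`, where `bind=`/`bind-ro=` should read `Bind=@BIND@` and `BindReadOnly=@BIND_RO@`. Removing `[limit]` without a replacement header also leaves `BlockIODeviceWeight=` and the keys after it inside `[Files]`; the section runs on to `MemoryLimit=` and `TasksMax=` in the next hunk, so a consumer that looked the limits up in `[limit]` no longer finds them.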
@@ -26,3 +23,54 @@ CPUQuota=
 CPUShares=
 MemoryLimit=
 TasksMax=
+
+[container-tools]
+cnt.auto=@CNT_AUTO@
+cnt.container-server=@CNT_CONTAINER_SERVER@
+cnt.network-bridge=@CNT_NETWORK_BRIDGE@
+cnt.overlay=@CNT_OVERLAY@
+
+
+@@ -1,23 +1,31 @@
+-# container-tools: @NAME@
++# systemd-nspawn @NAME@
+
+-[start]
++[Exec]
++Boot=@BOOT@
++Capability=@CAPABILITY@
++DropCapability=@DROP_CAPABILITY@
++PrivateUsers=@PRIVATE_USERS@
++
++[Files]
++Bind=@BIND@
++BindReadOnly=@BIND_RO@
++Overlay=@CNT_OVERLAY@
++
++[Network]
++VirtualEthernetExtra=
++
++# open-infrastructure-container-tools extension
++[ContainerToolsStart]
+ cnt.auto=@CNT_AUTO@
+ cnt.container-server=@CNT_CONTAINER_SERVER@
+ cnt.network-bridge=@CNT_NETWORK_BRIDGE@
+-cnt.overlay=@CNT_OVERLAY@
+-bind=@BIND@
+-bind-ro=@BIND_RO@
+-boot=@BOOT@
+-capability=@CAPABILITY@
+ directory=@DIRECTORY@
+-drop-capability=@DROP_CAPABILITY@
+ link-journal=@LINK_JOURNAL@
+ machine=@MACHINE@
+ network-veth-extra=@NETWORK_VETH_EXTRA@
+-private-users=@PRIVATE_USERS@
+ register=@REGISTER@
+
+-[limit]
++[ContainerToolsLimit]
+ BlockIODeviceWeight=
+ BlockIOReadBandwidth=
+ BlockIOWeight=
+
--
cgit v1.2.3
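Review bot: The added lines from `+@@ -1,23 +1,31 @@` to the end of this hunk store a unified diff as file content, so every generated container file will carry lines such as `-[start]`, `+[Exec]` and `+DropCapability=@DROP_CAPABILITY@` that no INI-style parser reads as the settings they name. This pasted draft is the only place where the correctly spelled `DropCapability=` and `PrivateUsers=` appear, which means they have no effect in this form. Apply the draft to the template instead of embedding it, or until then prefix each of its lines with `#` so that it is unambiguously a comment. The draft follows the new `[container-tools]` section with no delimiter, so a lenient parser that strips leading whitespace may attribute lines like ` cnt.auto=@CNT_AUTO@` to that section a second time.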