How to run a command inside a running systemd container
Clash Royale CLAN TAG#URR8PPP
up vote
6
down vote
favorite
I have a systemd
container running, and I can login into it with machinectl login <container>
. How can I execute a command inside the container directly, i.e. without first logging in, executing the command, and then logging out?
Another way to put it is that I'm looking for the systemd
equivalent of:
$ docker exec <container> <command>
or
$ ssh <host> <command>
systemd containers
add a comment |Â
up vote
6
down vote
favorite
I have a systemd
container running, and I can login into it with machinectl login <container>
. How can I execute a command inside the container directly, i.e. without first logging in, executing the command, and then logging out?
Another way to put it is that I'm looking for the systemd
equivalent of:
$ docker exec <container> <command>
or
$ ssh <host> <command>
systemd containers
1
Run asshd
or something that keeps listening inside then. Or letexpect
get the password-input job done.
â Arthur2e5
Oct 25 '15 at 9:13
Both suggestions sound like workarounds for something that should be possible directly. But maybesystemd
just isn't there yet. A smallexpect
script gets the job done nicely. Thanks, @Arthur2e5.
â Ilari Scheinin
Oct 26 '15 at 11:30
To be honest, I often treat a container as a real machine and I runsshd
on say, port 61022 inside.
â Arthur2e5
Oct 26 '15 at 12:36
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15
add a comment |Â
up vote
6
down vote
favorite
up vote
6
down vote
favorite
I have a systemd
container running, and I can login into it with machinectl login <container>
. How can I execute a command inside the container directly, i.e. without first logging in, executing the command, and then logging out?
Another way to put it is that I'm looking for the systemd
equivalent of:
$ docker exec <container> <command>
or
$ ssh <host> <command>
systemd containers
I have a systemd
container running, and I can login into it with machinectl login <container>
. How can I execute a command inside the container directly, i.e. without first logging in, executing the command, and then logging out?
Another way to put it is that I'm looking for the systemd
equivalent of:
$ docker exec <container> <command>
or
$ ssh <host> <command>
systemd containers
edited Jul 22 at 4:17
slmâ¦
237k65486659
237k65486659
asked Oct 25 '15 at 9:02
Ilari Scheinin
19317
19317
1
Run asshd
or something that keeps listening inside then. Or letexpect
get the password-input job done.
â Arthur2e5
Oct 25 '15 at 9:13
Both suggestions sound like workarounds for something that should be possible directly. But maybesystemd
just isn't there yet. A smallexpect
script gets the job done nicely. Thanks, @Arthur2e5.
â Ilari Scheinin
Oct 26 '15 at 11:30
To be honest, I often treat a container as a real machine and I runsshd
on say, port 61022 inside.
â Arthur2e5
Oct 26 '15 at 12:36
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15
add a comment |Â
1
Run asshd
or something that keeps listening inside then. Or letexpect
get the password-input job done.
â Arthur2e5
Oct 25 '15 at 9:13
Both suggestions sound like workarounds for something that should be possible directly. But maybesystemd
just isn't there yet. A smallexpect
script gets the job done nicely. Thanks, @Arthur2e5.
â Ilari Scheinin
Oct 26 '15 at 11:30
To be honest, I often treat a container as a real machine and I runsshd
on say, port 61022 inside.
â Arthur2e5
Oct 26 '15 at 12:36
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15
1
1
Run a
sshd
or something that keeps listening inside then. Or let expect
get the password-input job done.â Arthur2e5
Oct 25 '15 at 9:13
Run a
sshd
or something that keeps listening inside then. Or let expect
get the password-input job done.â Arthur2e5
Oct 25 '15 at 9:13
Both suggestions sound like workarounds for something that should be possible directly. But maybe
systemd
just isn't there yet. A small expect
script gets the job done nicely. Thanks, @Arthur2e5.â Ilari Scheinin
Oct 26 '15 at 11:30
Both suggestions sound like workarounds for something that should be possible directly. But maybe
systemd
just isn't there yet. A small expect
script gets the job done nicely. Thanks, @Arthur2e5.â Ilari Scheinin
Oct 26 '15 at 11:30
To be honest, I often treat a container as a real machine and I run
sshd
on say, port 61022 inside.â Arthur2e5
Oct 26 '15 at 12:36
To be honest, I often treat a container as a real machine and I run
sshd
on say, port 61022 inside.â Arthur2e5
Oct 26 '15 at 12:36
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
4
down vote
accepted
Try systemd-run
:
# systemd-nspawn -D <machine-root> -b 3 --link-journal host
# systemd-run --machine <machine-name> env
Running as unit run-1356.service.
# journalctl --machine <machine-name> -u run-1356 -b -q
Oct 30 07:45:09 jessie-64 systemd[1]: Started /usr/bin/env.
Oct 30 07:45:09 jessie-64 env[37]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Excerpt from the manpage:
Use shell (see below) or systemd-run(1) with the --machine= switch to directly invoke a single command, either interactively or in the background.
(The command shell
available since v225)
Thanks. I have v215, so don't haveshell
, butsystemd-run
works. This I find weird though: Insystemd-run [OPTIONS...] COMMAND [ARGS...]
, if forCOMMAND
I use the path inside the container, I (immediately) get an error sayingFailed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (throughjournalctl
) get an error sayingFailed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use/bin/sh /container/path.sh
, but there must be a "correct" way.
â Ilari Scheinin
Nov 2 '15 at 8:25
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
add a comment |Â
up vote
1
down vote
For systems without machinectl shell
(e.g. systemd v219 on CentOS 7 Atomic) or during situations where machinectl login
fails for any reason, you can get a shell or run commands directly using nsenter
:
Example:
$ nsenter
--target=$(machinectl show --property Leader ipsec-libreswan | sed "s/^Leader=//")
--mount --uts --ipc --net --pid
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
accepted
Try systemd-run
:
# systemd-nspawn -D <machine-root> -b 3 --link-journal host
# systemd-run --machine <machine-name> env
Running as unit run-1356.service.
# journalctl --machine <machine-name> -u run-1356 -b -q
Oct 30 07:45:09 jessie-64 systemd[1]: Started /usr/bin/env.
Oct 30 07:45:09 jessie-64 env[37]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Excerpt from the manpage:
Use shell (see below) or systemd-run(1) with the --machine= switch to directly invoke a single command, either interactively or in the background.
(The command shell
available since v225)
Thanks. I have v215, so don't haveshell
, butsystemd-run
works. This I find weird though: Insystemd-run [OPTIONS...] COMMAND [ARGS...]
, if forCOMMAND
I use the path inside the container, I (immediately) get an error sayingFailed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (throughjournalctl
) get an error sayingFailed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use/bin/sh /container/path.sh
, but there must be a "correct" way.
â Ilari Scheinin
Nov 2 '15 at 8:25
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
add a comment |Â
up vote
4
down vote
accepted
Try systemd-run
:
# systemd-nspawn -D <machine-root> -b 3 --link-journal host
# systemd-run --machine <machine-name> env
Running as unit run-1356.service.
# journalctl --machine <machine-name> -u run-1356 -b -q
Oct 30 07:45:09 jessie-64 systemd[1]: Started /usr/bin/env.
Oct 30 07:45:09 jessie-64 env[37]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Excerpt from the manpage:
Use shell (see below) or systemd-run(1) with the --machine= switch to directly invoke a single command, either interactively or in the background.
(The command shell
available since v225)
Thanks. I have v215, so don't haveshell
, butsystemd-run
works. This I find weird though: Insystemd-run [OPTIONS...] COMMAND [ARGS...]
, if forCOMMAND
I use the path inside the container, I (immediately) get an error sayingFailed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (throughjournalctl
) get an error sayingFailed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use/bin/sh /container/path.sh
, but there must be a "correct" way.
â Ilari Scheinin
Nov 2 '15 at 8:25
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
add a comment |Â
up vote
4
down vote
accepted
up vote
4
down vote
accepted
Try systemd-run
:
# systemd-nspawn -D <machine-root> -b 3 --link-journal host
# systemd-run --machine <machine-name> env
Running as unit run-1356.service.
# journalctl --machine <machine-name> -u run-1356 -b -q
Oct 30 07:45:09 jessie-64 systemd[1]: Started /usr/bin/env.
Oct 30 07:45:09 jessie-64 env[37]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Excerpt from the manpage:
Use shell (see below) or systemd-run(1) with the --machine= switch to directly invoke a single command, either interactively or in the background.
(The command shell
available since v225)
Try systemd-run
:
# systemd-nspawn -D <machine-root> -b 3 --link-journal host
# systemd-run --machine <machine-name> env
Running as unit run-1356.service.
# journalctl --machine <machine-name> -u run-1356 -b -q
Oct 30 07:45:09 jessie-64 systemd[1]: Started /usr/bin/env.
Oct 30 07:45:09 jessie-64 env[37]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Excerpt from the manpage:
Use shell (see below) or systemd-run(1) with the --machine= switch to directly invoke a single command, either interactively or in the background.
(The command shell
available since v225)
answered Oct 30 '15 at 4:56
Evgeny Vereshchagin
3,05242134
3,05242134
Thanks. I have v215, so don't haveshell
, butsystemd-run
works. This I find weird though: Insystemd-run [OPTIONS...] COMMAND [ARGS...]
, if forCOMMAND
I use the path inside the container, I (immediately) get an error sayingFailed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (throughjournalctl
) get an error sayingFailed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use/bin/sh /container/path.sh
, but there must be a "correct" way.
â Ilari Scheinin
Nov 2 '15 at 8:25
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
add a comment |Â
Thanks. I have v215, so don't haveshell
, butsystemd-run
works. This I find weird though: Insystemd-run [OPTIONS...] COMMAND [ARGS...]
, if forCOMMAND
I use the path inside the container, I (immediately) get an error sayingFailed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (throughjournalctl
) get an error sayingFailed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use/bin/sh /container/path.sh
, but there must be a "correct" way.
â Ilari Scheinin
Nov 2 '15 at 8:25
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
Thanks. I have v215, so don't have
shell
, but systemd-run
works. This I find weird though: In systemd-run [OPTIONS...] COMMAND [ARGS...]
, if for COMMAND
I use the path inside the container, I (immediately) get an error saying Failed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (through journalctl
) get an error saying Failed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use /bin/sh /container/path.sh
, but there must be a "correct" way.â Ilari Scheinin
Nov 2 '15 at 8:25
Thanks. I have v215, so don't have
shell
, but systemd-run
works. This I find weird though: In systemd-run [OPTIONS...] COMMAND [ARGS...]
, if for COMMAND
I use the path inside the container, I (immediately) get an error saying Failed to find executable /container/path.sh: No such file or directory
. And if I give the full host path, I (through journalctl
) get an error saying Failed at step EXEC spawning /var/lib/machines/<container>/container/path.sh: No such file or directory
. Since mine is a shell script, I can use /bin/sh /container/path.sh
, but there must be a "correct" way.â Ilari Scheinin
Nov 2 '15 at 8:25
1
1
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
@IlariScheinin, that was fixed: "It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could."
â Evgeny Vereshchagin
Nov 2 '15 at 8:59
add a comment |Â
up vote
1
down vote
For systems without machinectl shell
(e.g. systemd v219 on CentOS 7 Atomic) or during situations where machinectl login
fails for any reason, you can get a shell or run commands directly using nsenter
:
Example:
$ nsenter
--target=$(machinectl show --property Leader ipsec-libreswan | sed "s/^Leader=//")
--mount --uts --ipc --net --pid
add a comment |Â
up vote
1
down vote
For systems without machinectl shell
(e.g. systemd v219 on CentOS 7 Atomic) or during situations where machinectl login
fails for any reason, you can get a shell or run commands directly using nsenter
:
Example:
$ nsenter
--target=$(machinectl show --property Leader ipsec-libreswan | sed "s/^Leader=//")
--mount --uts --ipc --net --pid
add a comment |Â
up vote
1
down vote
up vote
1
down vote
For systems without machinectl shell
(e.g. systemd v219 on CentOS 7 Atomic) or during situations where machinectl login
fails for any reason, you can get a shell or run commands directly using nsenter
:
Example:
$ nsenter
--target=$(machinectl show --property Leader ipsec-libreswan | sed "s/^Leader=//")
--mount --uts --ipc --net --pid
For systems without machinectl shell
(e.g. systemd v219 on CentOS 7 Atomic) or during situations where machinectl login
fails for any reason, you can get a shell or run commands directly using nsenter
:
Example:
$ nsenter
--target=$(machinectl show --property Leader ipsec-libreswan | sed "s/^Leader=//")
--mount --uts --ipc --net --pid
edited Jul 22 at 4:16
slmâ¦
237k65486659
237k65486659
answered Sep 11 '17 at 19:13
jwmullally
1112
1112
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f238478%2fhow-to-run-a-command-inside-a-running-systemd-container%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Run a
sshd
or something that keeps listening inside then. Or letexpect
get the password-input job done.â Arthur2e5
Oct 25 '15 at 9:13
Both suggestions sound like workarounds for something that should be possible directly. But maybe
systemd
just isn't there yet. A smallexpect
script gets the job done nicely. Thanks, @Arthur2e5.â Ilari Scheinin
Oct 26 '15 at 11:30
To be honest, I often treat a container as a real machine and I run
sshd
on say, port 61022 inside.â Arthur2e5
Oct 26 '15 at 12:36
similar question (for others searching): unix.stackexchange.com/q/302239/4808
â dcousens
Sep 21 '17 at 8:15