Podman: Document using rootless container with systemd

Created on 21 Aug 2019 · 5Comments · Source: containers/podman

Rootless podman works great with systemd to manage services ran as a user.
However it would be nice to add some docs for that somewhere, or tweak generate systemd for the rootless use case.

The 2 difficult points I ran into was:

the service must depends on [email protected] so the user dbus session is initialized and the /run user folder exists
KillMode=none as explained in #3657

Here is a working unit:

[Unit]
Description=nginx
[email protected]
[email protected]

[Service]
Type=simple
KillMode=none
ExecStartPre=-/usr/bin/podman rm -f nginx
ExecStartPre=/usr/bin/podman pull nginx
ExecStart=/usr/bin/podman run --name=nginx -p 8080:80 nginx
ExecStop=/usr/bin/podman stop nginx
Restart=always
User=nginx
Group=nginx

[Install]
WantedBy=multi-user.target

Source

MatMaul

All 5 comments

PRs and Blogs welcomed. :^)

rhatdan on 21 Aug 2019

😄1

Where do you think I could contribute such a doc ?

MatMaul on 21 Aug 2019

rootless_tutorial.md ?

MatMaul on 21 Aug 2019

👍1

I'd drop it in rootless_tutorial at least to start. I'd make a new section for it in that md file.

TomSweeneyRedHat on 21 Aug 2019

👍1

I think both of these could be pretty easily dropped into generate systemd as defaults based on a rootless.IsRootless() check

mheon on 3 Sep 2019

Was this page helpful?

0 / 5 - 0 ratings

Related issues

Error pulling image , Error committing the finished image: error adding layer with blob ...

juansuerogit · 5Comments

podman system service consuming 100% CPU

dmesser · 3Comments

Still get "Error: stats is not supported in rootless mode without cgroups v2" after install and config crun

hong-duc · 3Comments

`podman play kube` (rootless) does not set `command` and `args` as specfied at the k8s specs

cruwe · 3Comments

Unable to find user $USER: no matching entries in passwd file

runlevel5 · 4Comments