Differences between revisions 52 and 53
Revision 52 as of 2024-03-17 10:18:54
Size: 2969
Editor: Praveen A
Revision 53 as of 2024-05-26 00:18:28
Size: 3013
Editor: PaulWise
Comment: reword note about distros without mmdebstrap
Deletions are marked like this. Additions are marked like this.
Line 18: Line 18:
Note: Fedora/Arch users may install and use debootstrap instead of mmdebstrap /!\ Users of distributions that do not include apt and mmdebstrap, can install and use debootstrap instead of mmdebstrap.

See nspawn for more details of configuring systemd-nspawn containers. See Arch Linux specific tips if you have Arch Linux as host machine. For clean builds, you can install sbuild inside your container or setup sbuild on host and use the shared home option to access packaging files.

Install required packages and enable networking service

Install systemd-container and mmdebstrap packages

sudo apt install systemd-container mmdebstrap

Setup the root filesystem using mmdebstrap

sudo mmdebstrap --include=systemd-container,auto-apt-proxy,sudo unstable /var/lib/machines/debian-sid

/!\ Users of distributions that do not include apt and mmdebstrap, can install and use debootstrap instead of mmdebstrap.

Optional: If you already have apt-cacher-ng setup, then speed up the setup by running

sudo auto-apt-proxy mmdebstrap --include=systemd-container,auto-apt-proxy,sudo unstable /var/lib/machines/debian-sid

Enable systemd-networkd

sudo systemctl enable systemd-networkd
sudo systemctl start systemd-networkd

Start the container

Create /var/lib/machines/debian-sid.nspawn and add the following lines




See man 5 systemd.nspawn for more options you can add to this file.

sudo machinectl start debian-sid

To stop the container, run:

sudo machinectl stop debian-sid

See man machinectl for more options.

Use the container (get a shell inside container)

You can get a shell inside the container with the following command,

sudo machinectl shell debian-sid

Switch to normal user for packaging (Basic thumb rule of security: never use root user when you can do something as a normal user). You will need to crate this user first, see below for creating a normal user.

# su - <username>

Configure the container (add normal user and networking)

Create a normal user with sudo access (so you can get root access for specific commans with sudo - alternatively, you can exit from su for root shell)

root@debian-sid:~# adduser <username>
root@debian-sid:~# adduser <username> sudo

Enable systemd-networkd inside the container,

root@debian-sid:~# sudo systemctl enable systemd-networkd

Optional: Setup hostname in /etc/hostname (use your favorite editor). This avoids confusing the container shell with host shell (if we don't set this, hostname of the host system will be used as hostname of the container as well).


and /etc/hosts

pravi@debian-sid:~$ cat /etc/hosts       localhost debian-sid
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters