LXC Compatibility: systemd security options cause failure #4

New Issue

Open

opened 2026-04-10 09:08:03 +02:00 by clawdbot_dh · 0 comments

clawdbot_dh commented 2026-04-10 09:08:03 +02:00

Member

Copy Link

Copy Source

When running the tool in an LXC container, the systemd unit fails to start (error 226/NAMESPACE) due to security hardening options like PrivateTmp=true and ProtectSystem=full.

Suggested Fix:
Provide a systemd drop-in or modify the unit template to allow disabling these options for containerized deployments, or document the need for a drop-in at /etc/systemd/system/pdf-ocr-hotfolder@.service.d/lxc-compat.conf.

When running the tool in an LXC container, the systemd unit fails to start (error 226/NAMESPACE) due to security hardening options like `PrivateTmp=true` and `ProtectSystem=full`. **Suggested Fix:** Provide a systemd drop-in or modify the unit template to allow disabling these options for containerized deployments, or document the need for a drop-in at `/etc/systemd/system/pdf-ocr-hotfolder@.service.d/lxc-compat.conf`.

techadmin referenced this issue from a commit 2026-04-11 01:42:02 +02:00

Fix Issues #4, #5, #6: LXC-Kompatibilität, WorkingDirectory, GS-Backports

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

v0.3.1

v0.3.0

v0.2.2

v0.2.1

v0.2.0

v0.1.0

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

dominik.knapp (Dominik Knapp) stefan.riederer (Stefan Riederer) techadmin (Dominik Höfling)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: sonith_ug/pdf-ocr-hotfolder#4