<para>As a safety check
<command>systemd-nspawn</command> will verify the
- existence of <filename>/etc/os-release</filename> in
- the container tree before starting the container (see
+ existence of <filename>/usr/lib/os-release</filename>
+ or <filename>/etc/os-release</filename> in the
+ container tree before starting the container (see
<citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>). It
might be necessary to add this file to the container
tree manually if the OS of the container is too old to
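Review bot: With two candidate paths now listed, "add this file to the container tree manually" in the following context sentence no longer has a clear referent. Reword it to something like "add one of these files", and say whether either file alone satisfies the check, since the added text only joins the two paths with "or".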
<listitem><para>After transitioning
into the container, change to the
- specified user defined in the
+ specified user-defined in the
container's user database. Like all
other systemd-nspawn features, this is
not a security feature and provides
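Review bot: The changed line "specified user-defined in the" introduces an error rather than fixing one. Here "defined" is a participle modifying "user" (the user that is defined in the container's user database), not half of a compound adjective, so the hyphen breaks the sentence. Keep the original "specified user defined in the", or, if the wording feels awkward, use "the specified user, as defined in the container's user database". Getting this sentence right matters because the next lines tell the reader that the option is not a security feature.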
container's name (as specified with
<option>--machine=</option>), prefixed
with <literal>ve-</literal>. The
- container side of the the Ethernet
+ container side of the Ethernet
link will be named
<literal>host0</literal>. Note that
<option>--network-veth</option>
<option>--network-bridge=</option>
implies
<option>--network-veth</option>. If
- this option is used the host side of
+ this option is used, the host side of
the Ethernet link will use the
<literal>vb-</literal> prefix instead
of <literal>ve-</literal>.</para></listitem>
mounts.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--tmpfs=</option></term>
+
+ <listitem><para>Mount a tmpfs file
+ system into the container. Takes a
+ single absolute path argument that
+ specifies where to mount the tmpfs
+ instance to (in which case the
+ directory access mode will be chosen
+ as 0755, owned by root/root), or
+ optionally a colon-separated pair of
+ path and mount option string, that is
+ used for mounting (in which case the
+ kernel default for access mode and
+ owner will be chosen, unless otherwise
+ specified). This option is
+ particularly useful for mounting
+ directories such as
+ <filename>/var</filename> as tmpfs, to
+ allow state-less systems, in
+ particular when combined with
+ <option>--read-only</option>.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>--setenv=</option></term>
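Review bot: In the new --tmpfs= entry the permissions behaviour is easy to miss. A bare path gives 0755 owned by root/root, but as soon as any mount option string is supplied the "kernel default for access mode and owner" applies, and the text never says what that default is. A reader who adds an option string for an unrelated reason silently loses the 0755 root/root setting, which matters for the /var example given here. State the resulting mode explicitly, or recommend always setting mode and owner in the option string. The sentence would also read better split in two, because the two nested "(in which case ...)" parentheticals are hard to follow, and "where to mount the tmpfs instance to" carries a redundant "to".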
<literal>x86</literal> and
<literal>x86-64</literal> are
supported. This is useful when running
- a 32bit container on a 64bit
- host. If this setting is not used
+ a 32-bit container on a 64-bit
+ host. If this setting is not used,
the personality reported in the
container is the same as the one
reported on the