nspawn: add NamespacePath support for nspawn files

Commit d7bea6b6 ("nspawn: introduce an option for specifying network namespace path") already did most of the work here enabling a command line option for specifying the namespace path for a given container. Someone even took care of the merging code in merge_settings as though this already worked. All that's then needed is to add a line to the nspawn-gperf.gperf file to actually enable being able to specify NamespacePath from nspawn files as well. This greatly simplifies how we configure nspawn containers by being able to give all the options we need in .nspawn files instead of needing to also use command line parameters. Closes: #27188
2026-04-14 00:14:32 +09:00 · 2025-08-06 20:38:59 +03:00
parent 09f655ad4a
commit 113ef23264
2 changed files with 21 additions and 0 deletions
--- a/man/systemd.nspawn.xml
+++ b/man/systemd.nspawn.xml
@@ -585,6 +585,26 @@
        <xi:include href="version-info.xml" xpointer="v226"/></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><varname>NamespacePath=</varname></term>
+
+        <listitem><para>Takes the path to a file representing a kernel
+        network namespace that the container shall run in. The specified path
+        should refer to a (possibly bind-mounted) network namespace file, as
+        exposed by the kernel below <filename>/proc/$PID/ns/net</filename>.
+        This makes the container enter the given network namespace. One of the
+        typical use cases is to give a network namespace under
+        <filename>/run/netns</filename> created by <citerefentry
+        project='man-pages'><refentrytitle>ip-netns</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+        for example, <varname>NamespacePath=/run/netns/foo</varname>.
+        Note that this option cannot be used together with other
+        network-related options, such as <varname>Private=</varname>
+        or <varname>Interface=</varname>. This option corresponds to the
+        <option>--network-namespace-path</option> command line switch.</para>
+
+        <xi:include href="version-info.xml" xpointer="v259"/></listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><varname>VirtualEthernet=</varname></term>

--- a/src/nspawn/nspawn-gperf.gperf
+++ b/src/nspawn/nspawn-gperf.gperf
@@ -73,6 +73,7 @@ Files.PrivateUsersOwnership,  config_parse_userns_ownership, 0,
 Files.BindUser,               config_parse_bind_user,      0,                        offsetof(Settings, bind_user)
 Files.BindUserShell,          config_parse_bind_user_shell, 0,                       0
 Network.Private,              config_parse_tristate,       0,                        offsetof(Settings, private_network)
+Network.NamespacePath,        config_parse_path,           0,                        offsetof(Settings, network_namespace_path)
 Network.Interface,            config_parse_network_iface_pair, 0,                    offsetof(Settings, network_interfaces)
 Network.MACVLAN,              config_parse_macvlan_iface_pair, 0,                    offsetof(Settings, network_macvlan)
 Network.IPVLAN,               config_parse_ipvlan_iface_pair, 0,                     offsetof(Settings, network_ipvlan)