units: set ConditionVirtualization=!private-users on journald audit socket (#6508)

It fails to start in an unprivileged container as audit is not namespace aware.
author: Dimitri John Ledkov <xnox@ubuntu.com> 2017-08-02 09:15:26 +0100
committer: Martin Pitt <martinpitt@users.noreply.github.com> 2017-08-02 10:15:26 +0200
commit: d2a1ba103b4ea22764953d795c36db3d492d50c9 (patch)
tree: 2b04981b01836a14c538ed2bc162e1977ed94e07
parent: ebc6f34a0b2359ac0da41037a1122d3abe02caee (diff)
download: systemd-d2a1ba103b4ea22764953d795c36db3d492d50c9.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/units/systemd-journald-audit.socket b/units/systemd-journald-audit.socket
index 541f2cf38d..6ee86214c4 100644
--- a/units/systemd-journald-audit.socket
+++ b/units/systemd-journald-audit.socket
@@ -12,6 +12,7 @@ DefaultDependencies=no
 Before=sockets.target
 ConditionSecurity=audit
 ConditionCapability=CAP_AUDIT_READ
+ConditionVirtualization=!private-users
 
 [Socket]
 Service=systemd-journald.service
author	Dimitri John Ledkov <xnox@ubuntu.com>	2017-08-02 09:15:26 +0100
committer	Martin Pitt <martinpitt@users.noreply.github.com>	2017-08-02 10:15:26 +0200
commit	d2a1ba103b4ea22764953d795c36db3d492d50c9 (patch)
tree	2b04981b01836a14c538ed2bc162e1977ed94e07
parent	ebc6f34a0b2359ac0da41037a1122d3abe02caee (diff)
download	systemd-d2a1ba103b4ea22764953d795c36db3d492d50c9.tar.gz