Files/Directories

• /etc/systemd/nspawn/xcache.nspawn: configuration for lauching containers from the xcache image, e.g. bind mounts
• /etc/pki/rpm-gpg, /etc/yum.repos.d: yum repositories and gpg keys on the host system - used by dnf to build new images
• /var/local/mkosi: build dir to make new images with mkosi
  • mkosi.default: image definition file (distribution, packages)
  • mkosi.extra: extra files/directories to be copied into the image (yum repos, systemd service file)
  • mkosi.postinst: extra commands that are executed inside the container at the end (install extra packages not in the default repositories)

Build new image

cd /var/local/mkosi
# if not existing yet
mkdir mkosi.cache

If not done yet, install latest version of mkosi in a virtualenv

python3 -m venv .venv
source .venv/bin/activate
python3 -m pip install git+https://github.com/systemd/mkosi.git

Otherwise, just activate the virtualenv

source .venv/bin/activate

Build the image

mkosi -i -t directory -o /var/lib/machines/xcache-$(date +%Y-%m-%d-%H%M)

To start xcache with the new image create a symlink and restart

ln -s /var/lib/machines/<image-to-use> /var/lib/machines/xcache
machinectl stop xcache
machinectl start xcache

Get shell in running container

Workaround from https://unix.stackexchange.com/questions/238478/how-to-run-a-command-inside-a-running-systemd-container/391671#391671
(in newer versions of systemd one could use machinectl shell but that might also require newer versions of systemd inside the container)

nsenter --target=$(machinectl show --property Leader xcache | sed "s/^Leader=//") --mount --uts --ipc --net --pid