by eulenteufel 449 days ago
I really like quadlets as they enable using containers like normal system services. That said, the UX for rootless containers does not play well with this conceptualization.

Normally system services run as system users in the system systemd-session, but for rootless containers the services reside in the user systemd sessions of the system user. I'd love to be able to run rootless quadlets within the system session.

2 comments

Is there any effective difference by enabling user-linger and running rootless via user systemd? That's what I've always done.

I used to do that, but I find the UX of that quite annoying, because before you could do: systemctl status and see what's up with all the system services. Now you have to do systemctl status -M <user-for-that-stack> for every stack that you're running to get a complete picture.

I haven't found a way around that and would be very thankful for pointers.

> I'd love to be able to run rootless quadlets within the system session.

Likewise. I'd also like to be able to run rootless quadlets with the DynamicUser= option. DynamicUser= has been a great way to restrict privileges for system services, and it just doesn't fit with podman right now.