Developer Diary Excerpts: machinectl auto-login

Bringing up a root filesystem with systemd-nspawn -b -D and consequently logging into the container necessitates that either a password is set for the desired user, or that an autologin override is present for the console-getty service.

If a container is brought up with machinectl start instead, the console-getty override has no effect for consequent machinectl login invocations, as container-getty@.service is in charge of the pseudo terminals that login attaches to instead.

    State: running
     Jobs: 0 queued
   Failed: 0 units
    Since: Sat 2019-03-16 17:11:26 CET; 16min ago
   CGroup: /
           ├─init.scope
           │ └─1 /lib/systemd/systemd
           └─system.slice
             ├─console-getty.service
             │ └─48 /sbin/agetty --noclear --keep-baud console 115200,38400,9600 vt220
             └─system-container\x2dgetty.slice
               └─container-getty@0.service
                 ├─53 /bin/login -f
                 └─58 -bash
Shortened systemctl status output of container.

Logging into the container without a password can still be achieved by using the shell subcommand of machinectl, though the login subcommand remains the only option for Linux distributions that ship with older versions of systemd, which do not include shell (before v224).

An ExecStart override for container-getty@.service can be used to replicate the behaviour of shell with login.

systemctl edit container-getty@.service
Execute inside the container, not the host system (a text editor has to be installed).
[Service]
ExecStart= 
ExecStart=-/sbin/agetty --noclear --autologin root --keep-baud pts/%I 115200,38400,9600 $TERM 

Notes

Attribution-NonCommercial 4.0 International (only applies to text, code license: MIT)