On Thu, 2006-12-14 at 09:36 -0600, Serge E. Hallyn wrote:
> one container corresponds to one nsproxy which is one set of namespaces.
On container has at least one nsproxy associated with it. Did you mean
to say here that each container has one and only one nsproxy?
> As I said, once a process is in a container, it never leaves that
> container. It only enters additional ones. That model fits everyone's
> needs, without needing some funky API.
This makes logical sense to me. In practice this has the feel of
ptracing where the ptracer becomes a temporary parent of the tracee.
The process entering a container temporarily becomes a member of that
container, but it doesn't completely _stop_ being a member of its
container. The real_parent of a process being ptraced may not be doing
all of the parental duties during a ptrace, but it doesn't _stop_ being
the real_parent.
Maybe I'm stretching the analogy too far :)
-- Dave
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers