Kirill Korotaev wrote:
>> On Thu, Sep 07, 2006 at 08:05:30PM +0400, Kirill Korotaev wrote:
>>
>>> BTW...
>>>
>>>
>>>> --- 2.6.18-rc4-mm3.orig/include/linux/sched.h
>>>> +++ 2.6.18-rc4-mm3/include/linux/sched.h
>>>> @@ -26,6 +26,7 @@
>>>> #define CLONE_STOPPED		0x02000000	/* Start in stopped state */
>>>> #define CLONE_NEWUTS		0x04000000	/* New utsname group? */
>>>> #define CLONE_NEWIPC		0x08000000	/* New ipcs */
>>>> +#define CLONE_NEWUSER		0x10000000	/* New user */
>>> we have place for 3 namespaces more only.
>>> Does anyone have a plan what to do then?
>>
>> what about having a new clone syscall with 32 or 
>> better 64 bits reserved for namespace stuff, and
>> only put basic/generic namespaces or even aggregate
>> flags into the existing clone interface?
>>
>> something like: uts+ipc+user -> CLONE_NEWXYZ
>> but CLONE2_NEWUTS, CLONE2_NEWIPC, CLONE2_NEWUSER
> I would suggest to do it another way then:
> remove CLONES_NEWXXXNS from clone() at all (except for MNT NS for compatibility)
> and introduce sys_clone_ns() with totatally new 64bit flags like
> CLONE_NS_UTS
> CLONE_NS_IPC
> CLONE_NS_USER
> CLONE_NS_NET

yep. I like the idea of a specific syscall. It would certainly help us to
handle some corner cases in the namespaces.

OTOH, the unshare/clone semantic is right in most cases.

How would the community feel about this ? would they say "fix
unshare/clone" or this is a new API, move it somewhere else ?

thanks,

C.
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers