OpenVZ Forum


Home » Mailing lists » Devel » [RFC] [PATCH 0/2] namespace enter through hijack
Re: [RFC] [PATCH 2/2] namespace enter: introduce sys_hijack (v3) [message #19919 is a reply to message #19916] Tue, 04 September 2007 19:06 Go to previous messageGo to previous message
Dave Hansen is currently offline  Dave Hansen
Messages: 240
Registered: October 2005
Senior Member
 
On Tue, 2007-09-04 at 07:50 -0500, Serge E. Hallyn wrote:
> > What do you do if there are no processes in a particular container?
> 
> The nsproxy will have been released so you couldn't enter it anyway. 

Yeah, we'd need some kind of other object to keep the nsproxy around and
hold a reference to it.

But, it also begs other questions about how we define the namespace
boundaries vs. containers.  What if we have a normal container with
chroot'd process inside of it?  Two such processes will not share an
nsproxy because the chroot'd one has switched filesystem namespaces.

Who is to say that the "container" is represented by one process's
nsproxy more than another?

-- Dave

_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: [RFC][patch 0/3] Network container subsystem - bind filtering
Next Topic: pid namespace .text overhead
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Aug 10 01:47:27 GMT 2025

Total time taken to generate the page: 0.66360 seconds
Powered by FUDforum Powered by Virtuozzo Containers