On Thu, 2010-03-18 at 16:05 +0100, Georg Borgström wrote: > Hi, > > I tried to disable the "sandbox" mentioned in > http://code.google.com/p/chromium/issues/detail?id=35440 by adding the > switch --no-sandbox to google-chrome and the problem went away! > > With the switch I don't get "Not cloning cgroup for unused subsystem > ns" when starting chrome and no ugly "crash" when leaving chrome! > > Probably no kernel bug after all. > > Can you Berni try the switch and see if it helps? > > /Georg
I am still unable to reproduce this problem, but I do now understand what Chrome is doing that is unusual: the sandbox feature uses pid namespaces. Based on this information, I found a change included in Linux 2.6.27 which is described as fixing a bug that seems to be the same as this. The attached patch is applicable to the latest Debian stable kernel. Please test this fix by following the instructions at <http://kernel-handbook.alioth.debian.org/ch-common-tasks.html#s-common-official>. If you have trouble with this I can prepare packages for you to download. Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse.
0001-pid_ns-zap_pid_ns_processes-fix-the-child_reaper-cha.patch~
Description: application/trash
signature.asc
Description: This is a digitally signed message part
