On Fri, Sep 22, 2017 at 4:43 PM, James McMechan <[email protected]> wrote: > > # now create a separate mount namespace non-persistent > unshare -m bash >
If you're going to go to the trouble to set up a container, you might as well add some more isolation: unshare --mount --net --pid --uts --cgroup --fork --ipc --mount-proc bash I'm not sure how much of a hassle mapping a uid namespace would be or if it would really add anything, especially if this chroots to portage right away. -- Rich
