Yiannis пишет: > (LXC) which is supposed to finally land on the kernel. I think that this > might be worth trying as opposed to linux-vserver.
Unfortunately, Grsecurity's RBAC does not support per-cgroup role assignment, the roles are all system-wide. So don't expect much from RBAC with LXC.
