Am 29.05.2014 12:02, schrieb Pavel Emelyanov: >>> We need to know what pid namespaces a task lives in and how pid, sid and >>> pgid look in all of them. A short example with pids only >> >> So use case is to checkpoint/restore nested containers? :) > > Yes, but there's one more scenario. AFAIK some applications create pid > namespaces > themselves, without starting what is typically called "a container" :) And > when > such an applications are run inside, well ... "more real" container (e.g. > using > openvz, lxc or docker tools) we face this issue.
Do you know such an application? I'm a aware of systemd which uses CLONE_NEWNET/NS to implement security features. We could add a directory like /proc/<pidX>/ns/proc/ which would contain everything from /proc/<pidX inside the namespace>/. This needs definitely more discussion and must not solved by ad-hoc solutions. Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
