Quoting Christian Seiler (christ...@iwakd.de):
> + int flags[] = { CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWNET, CLONE_NEWIPC,
> CLONE_NEWUTS };
...
> -static char *namespaces_list[] = {
> - "MOUNT", "PID", "UTSNAME", "IPC",
> - "USER", "NETWORK"
> -};
> -static int cloneflags_list[] = {
> - CLONE_NEWNS, CLONE_NEWPID, CLONE_NEWUTS, CLONE_NEWIPC,
> - CLONE_NEWUSER, CLONE_NEWNET
> -};
These should be commonized. I'm surprised this patch worked for you, as
the indices for network don't match up.
CLONE_NEWUSER may be available pretty soon, no reason to blacklist it
in attach. Just have it gracefully fail if unavailable, just as PID
still needs to do.
thanks,
-serge
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
