Hi Serge, I've updated my patch for lxc-attach in order to reflect your comments: The ordering of the flags is now consistent across the source code and I've added CLONE_NEWUSER to the list of flags. The only thing I wasn't clear about was what the file in /proc/pid/ns will be called once setns() supports user namespaces - I used 'usr' but added a comment that this might need to be changed once the kernel actually supports this and the kernel developers decide to use something else.
I've also added a patch to add the -R option to allow the remounting of /proc and /sys when attaching to e.g. only a network namespace. Regards, Christian ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
