Dear Sharma, Because container virtualization may be roughly described as a "complex chroot tool", a process actually don't "run" inside container. It's acting in the same context of one-and-only kernel which have bootstrapped the host. It is just inside a access control group, which phenotype forms "the container".
Therefore, since container isolation in LXC is mainly formed by different namespaces and the host -- as a super-root -- is able to distinguish and access all processes of a container, you may use the same mechanisms to inspect the system as in the vanilla case, e.g. to hook strace to a process which belongs to a container. Guido >-----Original Message----- >From: Kushan Sharma [mailto:mlkus...@gmail.com] >Sent: Thursday, June 28, 2012 8:39 AM >To: lxc-devel@lists.sourceforge.net >Subject: [lxc-devel] [Need Assistance] How to monitor activities inside >LXC-Container > >Dear All, > >I am a computer science and engineering research student at University of >Moratuwa, Sri Lanka. > >I need to write a program to monitor activities of Arkose container ><https://launchpad.net/arkose> . Since this uses LXC- >container as, is it possible for write a program to externally (external to >the container) monitor system calls executes by Arkose >and applications running inside Arkose? > >Your advice on this regard is highly appreciated. > >Thank you very much and I await your feedback. > >-- >Kushan Sharma >Research Student. > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
