Hi again, > - lxc-attach with shell > clear env + container=lxc only > when doing getent lookup logic, > default PATH just for getent call > BUT don't pass it to shell because it will > probably read some defaults anyway > - lxc-attach with program name > clear env + container=lxc + default PATH (see below) > - lxc-attach with only partial namespaces > always set container= > probably (?) keep env but set container=lxc > (any process that setsid()s away drags baggage into the > container anyway) > - if -s MOUNT maybe sanitize PATH and LD_LIBRARY_PATH > additionally (LD_LIBRARY_PATH empty, PATH to defaults > below) but DON'T touch other variables > - probably: add option to override defaults if wanted, i.e. > on partial attach clean anyway > or on full attach keep in anyway > - probably: add option to set specific environment variables > -v PATH=... -v LD_LIBRARY_PATH=... > regardless of other options > - other options should not make any difference > > Default PATH: > /usr/local/bin:/usr/bin:/bin probably safe bet > + .../sbin maybe if uid inside > container > is 0, also add those > > Thoughts?
In light of the fact that 0.9 is going to be here soon, any comments on this? -- Christian ------------------------------------------------------------------------------ Own the Future-Intel® Level Up Game Demo Contest 2013 Rise to greatness in Intel's independent game demo contest. Compete for recognition, cash, and the chance to get your game on Steam. $5K grand prize plus 10 genre and skill prizes. Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
