Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> Just a few quick comments because I'm very interested in the lxc-attach
> utility:
>
> > + ret = lxc_cgroup_prepare_attach(my_args.name,
> > &cgroup_data);
> > + if (ret < 0) {
> > +
Hi Serge,
Just a few quick comments because I'm very interested in the lxc-attach
utility:
> + ret = lxc_cgroup_prepare_attach(my_args.name,
> &cgroup_data);
> + if (ret < 0) {
> + ERROR("failed to prepare attaching to cgroup");
When you clone a new user_ns, the child cannot write to the fds
opened by the parent. Hnadle this by doing an extra fork. The
grandparent hangs around and waits for its child to tell it the
pid of of the grandchild, which will be the one attached to the
container. The grandparent then moves the
Quoting Serge Hallyn (serge.hal...@canonical.com):
> When you clone a new user_ns, the child cannot write to the fds
> opened by the parent. Hnadle this by doing an extra fork. The
> grandparent hangs around and waits for its child to tell it the
> pid of of the grandchild, which will be the one
When you clone a new user_ns, the child cannot write to the fds
opened by the parent. Hnadle this by doing an extra fork. The
grandparent hangs around and waits for its child to tell it the
pid of of the grandchild, which will be the one attached to the
container. The grandparent then moves the
On 01/17/2013 10:53 AM, Serge Hallyn wrote:
> Only the container parent needs to keep that fd open. Close it
> as soon as the container's first task is spawned. Else it can
> show up in /proc/$$/fd in the container.
>
> Signed-off-by: Serge Hallyn
Acked-by: Stéphane Graber
> ---
> src/lxc/s