I thought we were going to use chown in the initial version to enforce the
ownership/permissions on the hierarchy. Only the cgroup manager has access
to the hierarchy, but it tries to access the hierarchy as the user that
sent the request. It was only meant to be a "for now" solution while the
real
If this daemon works as advertised, we will explore moving all write
traffic to use it. I still have concerns that this can't handle read
traffic at the scale we need.
Tejun, I am not sure why chown came back into the conversation. This
is a replacement for that.
On Tue, Dec 3, 2013 at 6:31 PM
Hi,
On Tue, Dec 3, 2013 at 6:53 PM, Stéphane Graber wrote:
> On Tue, Dec 03, 2013 at 05:43:47PM -0600, Serge Hallyn wrote:
>> Quoting S.Çağlar Onur (cag...@10ur.org):
>> > Hey Stéphane,
>> >
>> > On Wed, Nov 27, 2013 at 7:49 PM, Stéphane Graber
>> > wrote:
>> > > THe recent reorg of lxc-ubuntu
Quoting Tejun Heo (t...@kernel.org):
> Hello, Serge.
>
> On Tue, Dec 03, 2013 at 06:03:44PM -0600, Serge Hallyn wrote:
> > > As I communicated multiple times before, delegating write access to
> > > control knobs to untrusted domain has always been a security risk and
> > > is likely to continue t
And can somebody please fix up lxc-devel so that it doesn't generate
"your message awaits moderator approval" notification on *each*
message? :(
--
tejun
--
Sponsored by Intel(R) XDK
Develop, test and display web and h
Hello, Serge.
On Tue, Dec 03, 2013 at 06:03:44PM -0600, Serge Hallyn wrote:
> > As I communicated multiple times before, delegating write access to
> > control knobs to untrusted domain has always been a security risk and
> > is likely to continue to remain so. Also, organizationally, a
>
> Then
Quoting Tejun Heo (t...@kernel.org):
> Hello, guys.
>
> Sorry about the delay.
>
> On Mon, Nov 25, 2013 at 10:43:35PM +, Serge E. Hallyn wrote:
> > Additionally, Tejun has specified that we do not want users to be
> > too closely tied to the cgroupfs implementation. Therefore
> > commands wi
On Tue, Dec 03, 2013 at 05:43:47PM -0600, Serge Hallyn wrote:
> Quoting S.Çağlar Onur (cag...@10ur.org):
> > Hey Stéphane,
> >
> > On Wed, Nov 27, 2013 at 7:49 PM, Stéphane Graber
> > wrote:
> > > THe recent reorg of lxc-ubuntu introduced some package installation in
> > > post-process but witho
Quoting S.Çağlar Onur (cag...@10ur.org):
> Hey Stéphane,
>
> On Wed, Nov 27, 2013 at 7:49 PM, Stéphane Graber wrote:
> > THe recent reorg of lxc-ubuntu introduced some package installation in
> > post-process but without first disabling service startup.
> >
> > As a result, if the cache is a bit
On Tue, 2013-12-03 at 11:04 -0500, Stéphane Graber wrote:
> On Tue, Dec 03, 2013 at 10:57:44AM -0500, Michael H. Warfield wrote:
> > On Tue, 2013-12-03 at 10:20 -0500, Stéphane Graber wrote:
> > > On Tue, Dec 03, 2013 at 10:00:02AM -0500, Michael H. Warfield wrote:
> > > > On Tue, 2013-12-03 at 1
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 2b25068a3dc719a7b107d2c7009b06104b53a520
https://github.com/lxc/lxc/commit/2b25068a3dc719a7b107d2c7009b06104b53a520
Author: Stéphane Graber
Date: 2013-12-03 (Tue, 03 Dec 2013)
Changed paths:
M src/lxc/Mak
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: c5d32181c550f75ef83f13ba1ca2eff3997b3621
https://github.com/lxc/lxc/commit/c5d32181c550f75ef83f13ba1ca2eff3997b3621
Author: Stéphane Graber
Date: 2013-12-03 (Tue, 03 Dec 2013)
Changed paths:
M templates/l
Signed-off-by: S.Çağlar Onur
---
src/lxc/lxc_snapshot.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/src/lxc/lxc_snapshot.c b/src/lxc/lxc_snapshot.c
index f80afe5..1de5671 100644
--- a/src/lxc/lxc_snapshot.c
+++ b/src/lxc/lxc_snapshot.c
@@ -41,6 +41,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Mike,
Of course I understand that the lxc container search path might
lead to confusion in case of ambiguous container names. However,
similar problems exist for $PATH and $LD_LIBRARY_PATH and others.
How about "first match wins"?
If lxcpath is
On Tue, Dec 03, 2013 at 10:57:44AM -0500, Michael H. Warfield wrote:
> On Tue, 2013-12-03 at 10:20 -0500, Stéphane Graber wrote:
> > On Tue, Dec 03, 2013 at 10:00:02AM -0500, Michael H. Warfield wrote:
> > > On Tue, 2013-12-03 at 12:49 +0100, Harald Dunkel wrote:
> > > > Hi folks,
> > >
> > > >
On Tue, 2013-12-03 at 10:20 -0500, Stéphane Graber wrote:
> On Tue, Dec 03, 2013 at 10:00:02AM -0500, Michael H. Warfield wrote:
> > On Tue, 2013-12-03 at 12:49 +0100, Harald Dunkel wrote:
> > > Hi folks,
> >
> > > do you think it would be possible to make the path set by
> > > -P/--lxcpath or i
On Tue, Dec 03, 2013 at 10:00:02AM -0500, Michael H. Warfield wrote:
> On Tue, 2013-12-03 at 12:49 +0100, Harald Dunkel wrote:
> > Hi folks,
>
> > do you think it would be possible to make the path set by
> > -P/--lxcpath or in the config file a _real_ path, e.g.
>
> > lxc-ls -P /data1/lxc:/
On Tue, 2013-12-03 at 12:49 +0100, Harald Dunkel wrote:
> Hi folks,
> do you think it would be possible to make the path set by
> -P/--lxcpath or in the config file a _real_ path, e.g.
> lxc-ls -P /data1/lxc:/data2/lxc --fancy
> ?
You had me confused for a brief moment, referring to this
Hello,
On Tue, Nov 26, 2013 at 09:19:18AM -0800, Victor Marmol wrote:
> > > >From my discussions with Tejun, he wanted to move to using inotify so it
> > > may still be an fd we pass around.
> >
> > Hm, would that just be inotify on the memory.max_usage_in_bytes
> > file, of inotify on a specific
Hello, Tim.
On Mon, Nov 25, 2013 at 08:58:09PM -0800, Tim Hockin wrote:
> Thanks for this! I think it helps a lot to discuss now, rather than
> over nearly-done code.
>
> On Mon, Nov 25, 2013 at 2:43 PM, Serge E. Hallyn wrote:
> > Additionally, Tejun has specified that we do not want users to b
Hello, guys.
Sorry about the delay.
On Mon, Nov 25, 2013 at 10:43:35PM +, Serge E. Hallyn wrote:
> Additionally, Tejun has specified that we do not want users to be
> too closely tied to the cgroupfs implementation. Therefore
> commands will be just a hair more general than specifying cgroup
Ooh, can you also please cc Li Zefan when
replying?
Thanks.
--
tejun
--
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
Hi folks,
do you think it would be possible to make the path set by
-P/--lxcpath or in the config file a _real_ path, e.g.
lxc-ls -P /data1/lxc:/data2/lxc --fancy
?
This could help to support HA scenarios based on DRBD or
a network file system, for example. If one LXC server
dies, then
23 matches
Mail list logo
