Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> >Would you care to update the patch along these lines?
>
> Will do, but it will take me a few days time, since I have to set up an
> environment where I can test user namespaces first.
Awesome, it'll be good to have more people exper
Hi Serge,
> Would you care to update the patch along these lines?
Will do, but it will take me a few days time, since I have to set up an
environment where I can test user namespaces first.
Regards,
Christian
--
Master
Quoting Christian Seiler (christ...@iwakd.de):
> Hi Serge,
>
> Just a few quick comments because I'm very interested in the lxc-attach
> utility:
>
> > + ret = lxc_cgroup_prepare_attach(my_args.name,
> > &cgroup_data);
> > + if (ret < 0) {
> > +
Hi Serge,
Just a few quick comments because I'm very interested in the lxc-attach
utility:
> + ret = lxc_cgroup_prepare_attach(my_args.name,
> &cgroup_data);
> + if (ret < 0) {
> + ERROR("failed to prepare attaching to cgroup");
When you clone a new user_ns, the child cannot write to the fds
opened by the parent. Hnadle this by doing an extra fork. The
grandparent hangs around and waits for its child to tell it the
pid of of the grandchild, which will be the one attached to the
container. The grandparent then moves the
