[Devel] Re: The issues for agreeing on a virtualization/namespaces implementation.
Serge E. Hallyn
serue at us.ibm.com
Wed Feb 8 13:22:12 PST 2006
Quoting Dave Hansen (haveblue at us.ibm.com):
> On Wed, 2006-02-08 at 12:03 -0600, Serge E. Hallyn wrote:
> > Now I believe Eric's code so far would make it so that you can only
> > refer to a namespace from it's *creating* context. Still restrictive,
> > but seems acceptable.
>
> The same goes for filesystem namespaces. You can't see into random
> namespaces, just the ones underneath your own. Sounds really reasonable
> to me.
Hmmm? I suspect I'm misreading what you're saying, but to be clear:
Let's say I start a screen session. In one of those shells, I clone,
specify CLONE_NEWNS, and exec a shell. now i do a bunch of mounting.
Other shells in the screen session won't see the results of those
mounts, and if i ctrl-d, the shell which started the screen session
can't either. Each of these is in the "parent filesystem namespace".
OTOH, shared subtrees specified in the parent shell could make it such
that the parent ns, but not others, see the results. Is that what
you're referring to?
thanks,
-serge
More information about the Devel
mailing list