[Devel] [RFC] [PATCH 2/2] namespace enter: introduce sys_hijack (v3)
Dave Hansen
haveblue at us.ibm.com
Tue Sep 4 12:06:18 PDT 2007
On Tue, 2007-09-04 at 07:50 -0500, Serge E. Hallyn wrote:
> > What do you do if there are no processes in a particular container?
>
> The nsproxy will have been released so you couldn't enter it anyway.
Yeah, we'd need some kind of other object to keep the nsproxy around and
hold a reference to it.
But, it also begs other questions about how we define the namespace
boundaries vs. containers. What if we have a normal container with
chroot'd process inside of it? Two such processes will not share an
nsproxy because the chroot'd one has switched filesystem namespaces.
Who is to say that the "container" is represented by one process's
nsproxy more than another?
-- Dave
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list