[Devel] Re: [PATCH 1/1] Syslog are now containerized
Eric W. Biederman
ebiederm at xmission.com
Sat Feb 13 11:13:21 PST 2010
Jean-Marc Pigeon <jmp at safe.ca> writes:
> Added syslog.c such container /proc/kmsg and host /proc/kmsg
> do not leak in each other.
> Running rsyslog daemon within a container won't destroy
> host kernel messages.
If the goal is to not destroy the host kernel messages the much
simpler solution would be to simply disable /proc/kmsg in the container.
I expect we can get that for free with a some bug fixes to the user
namespace (aka if you are not in the global namespace you can't
touch /proc/kmsg).
Additionally except for the possible exception of logging firewall rules
I can't think of a case where I would want kernel printk's in anything
other than the global kernel ring buffer.
Eric
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list