[Devel] [RFC rh7] ve: cgroups -- Allow to attach non-self into ve cgroups
Cyrill Gorcunov
gorcunov at virtuozzo.com
Thu Jun 18 11:26:38 PDT 2015
On Tue, Jun 16, 2015 at 07:51:52PM +0300, Cyrill Gorcunov wrote:
> >
> > If we have any problems because of this, the solution is good.
>
> OK. Gimme sometime (util tomorrow probably) to think of. This issue
> not critical at the moment because we know that we're moving one
> task only (from vzctl). So we can investigate.
Kirill, you know I think Vladimir's proposal is the best option here.
Yes there is a window when task_ve is not yet updated but ve interface
is special and supposed to be run in a predefined way (ie moving
caller of container's init [read vzctl] should be done in a forkless
manner). So I think we can trade this off for a simplier solution,
right? Also maybe we should add some check for creds thus arbitrary
userspace apps wont be moved here and there. If there some other
way -- please share (rcu for get-exec-env still look woth to add).
More information about the Devel
mailing list