[Devel] [RFC rhel7] Disabling mounting cgroups from inside of container
Stanislav Kinsburskiy
skinsbursky at odin.com
Mon Jan 18 09:54:12 PST 2016
18.01.2016 16:16, Cyrill Gorcunov пишет:
> On Mon, Jan 18, 2016 at 01:33:39PM +0300, Konstantin Khorenko wrote:
>> JFYI: i'm not going to drop rh7-revert-ve-mark because otherwise cgroups mounted in 1 CT will be visible from other Containers as well.
>> (those cgroups which are mounted during CT start or restore).
> If we won't revert it we still continue failing with -EBUSY.
> As I said it's CRIU specific that we're mounting toplevel cgroups
> on the restore (but libvzctl already mounted them as well).
>
> That said without revert we won't able to restore.
Ok, now it's clear.
Kostya, please, drop my patch.
It's the only simple way to forbid cgroups mounts completely.
More information about the Devel
mailing list