[Devel] [PATCH rh7] fs: make overlayfs disabled in CT by default
Vladimir Davydov
vdavydov at virtuozzo.com
Mon Jul 4 08:53:24 PDT 2016
On Tue, Jun 28, 2016 at 03:48:54PM -0700, Maxim Patlasov wrote:
...
> @@ -643,6 +643,7 @@ static struct cgroup_subsys_state *ve_create(struct cgroup *cg)
>
> ve->odirect_enable = 2;
> ve->fsync_enable = 2;
> + ve->experimental_fs_enable = 2;
For odirect_enable and fsync_enable, 2 means follow the host's config, 1
means enable unconditionally, and 0 means disable unconditionally. But
we don't want to allow a user inside a CT to enable this feature, right?
This is confusing. May be, we'd better add a new VE_FEATURE for the
purpose?
>
> #ifdef CONFIG_VE_IPTABLES
> ve->ipt_mask = ve_setup_iptables_mask(VE_IP_DEFAULT);
>
More information about the Devel
mailing list