[Devel] [PATCH] netfilter: get UID and GID from container user ns on rule match

[Cyrill Gorcunov]

On Tue, Jun 06, 2017 at 02:00:32PM +0400, Stanislav Kinsburskiy wrote:
> It's good enough for us. It won't work properly in case of setting rules by
> joining container network namespace without VE cgroup, but it's acceptable,
> because proper fix needs a lot of backporting.
> 
> https://jira.sw.ru/browse/PSBM-43609
> 
> Signed-off-by: Stanislav Kinsburskiy <skinsbursky at virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcunov at openvz.org>