Pid namespace patchsets review

sukadev at us.ibm.com sukadev at us.ibm.com
Sat Mar 10 10:24:05 PST 2007


Eric W. Biederman [ebiederm at xmission.com] wrote:
| 
| It is good to see these patches are starting to come together.
| 
| Be patient a good review is going to take me a little bit.

Ok.
| 
| A couple of immediate things I see that would be nice to address before
| we aim at merging these patches upstream.
| 
| - Since there are known cases that we still need to convert to use struct
|   pid can we disable the clone/unshare unless we have the CONFIG_EXPERIMENTAL
|   flag set.  And a comment in Kconfig saying we are almost but not quite
|   there yet.  With that in place I would have no problems with the idea
|   of merging all of the bits needed to have multiple pid namespaces before
|   we finish making the code pid namespace safe.

Agree.

| 
| - When we do the rename can we please rename it task_proxy and have the functions
|   follow that naming.  The resource limiting conversation seems to be going in
|   that direction, and it more general then what we are using now.

Agree.

| 
| - At a first skim the patches didn't quite feel like they were git-bisect safe.
|   I haven't looked closely enough to be certain yet.

Yes. They were safe until my most recent changes :-) We are working on
cleaning that up.
| 
| 
| Eric



More information about the Containers mailing list