[PATCH 9/9] Document usage of multiple-instances of devpts

H. Peter Anvin hpa at zytor.com
Wed Oct 15 12:03:18 PDT 2008


Serge E. Hallyn wrote:
> Looks good.  In the very last part, you might say just a little more to
> make sure it's clear:  You want to mount -o newinstance before sshd
> or gnome is started in the root container, so that a child container
> can't reach your devpts by doing a mount -t devpts without -o
> newinstance.  It's not that it's not clear in what you write, it's
> more that it's at the very end and brief, so I'm afraid it's not
> attention-grabbing enough as is.

Actually, you should just enable newinstance everywhere, in particular 
in your fstab, so that ALL instances of devpts in the system have 
newinstance (leaving the legacy one unreachable.)

In that sense I think your text above is more confusing than what 
Sukadev had.

	-hpa


More information about the Containers mailing list