Q: How complete is the pid namespace in mainline

sukadev at us.ibm.com sukadev at us.ibm.com
Fri Oct 26 14:29:59 PDT 2007


Eric W. Biederman [ebiederm at xmission.com] wrote:
| sukadev at us.ibm.com writes:
| >
| > Dave had suggested we print a warning the first time a container-init forks()
| > without a handler for a fatal signal. I was planning on adding that as
| > patch 4 of the signal patch set and get some feedback.
| 
| Yes.  How to cleanly handle signalling of container init is
| a tricky one.  It does sound like you have made a reasonable start
| there.
| 
| Suka it is a lot more then that.  How much more I'm not certain
| of.  I suspect the only way to find the rest of the cases is
| just go through the code with a fine tooth come and read and look.

I agree. I did not mean to ignore the kthread conversions and was only
referring to the core pid namespace clone stuff.

| 
| So far doing that it has not at all hard for me to find either
| bugs or places where the implementation can be improved.
| 
| Currently we have little things like kill(-1,...) signalling the
| wrong set of processes, and a couple of proc bugs.

I just realized the fix for this is in the signal patchset I was
referring to.

https://lists.linux-foundation.org/pipermail/containers/2007-August/006987.html

I notice that you have sent a patch for the kill -1.

The proc_mnt bug Linus found seems to have slipped through when
merging Pavel's and my patches.


More information about the Containers mailing list