[RFC][PATCH 0/8][v2]: Enable multiple mounts of devpts

Eric W. Biederman ebiederm at xmission.com
Wed Sep 3 06:12:06 PDT 2008


Cedric Le Goater <clg at fr.ibm.com> writes:

> ok. complete isolation would require 2 steps. I guess this is
> acceptable because mq uses a fs
>
> allowing the host to see the child's /dev/mqueue is also 'a nice 
> to have' feature. unfortunately, we can't do that for all namespaces,
> for sysvipc for example. So I'm wondering if we should allow it
> at all ?

Definitely.

One of the lessons from the people doing monitoring is that it really
is best done through a filesystem interface.  You don't have
to have it mounted and there are times you don't want to be able
to mount a view into another namespace but having the option is nice.

I'm torn because the more I look at the way posix message queues are
implemented the more it looks like new versions of sys_open and
sys_unlink should never have been written and it should have been a
user space convention to always mount mqueuefs on /dev/mqueue.

Just doing newinstance and having a pointer in nsproxy will get the
job done, but it feels like we may have the opportunity to correct a
blunder in the initial implementation.

Eric


More information about the Containers mailing list