[PATCH] [RFC] c/r: Add UTS support
daniel.lezcano at free.fr
Thu Mar 12 16:11:56 PDT 2009
Dan Smith wrote:
> DL> Assuming you have a process and this one unshared the network 100
> DL> times and each time opens a socket, how do you checkpoint these
> DL> namespaces ?
>>> What's the argument for depending on userspace to set this up?
> DL> Maybe, CR of the namespaces is more complicate topic than it looks
> DL> like and the CR itself is big enough to not complicate
> DL> things. IMHO, I would recommend as the first step to forbid the
> DL> unshare inside a container and let the container implementation to
> DL> save the configuration with the statefile in order to recreate it
> DL> at the restart
> I think what you're suggesting here is some sort of check to make sure
> we don't allow checkpointing a process with nested namespaces... is
> that correct? If so, I agree.
I guess it will be esay to implement with a nsproxy level counter.
Each time you unshare, the new nsproxy count is incremented.
Assuming the init_nsproxy is level 0, when the nsproxy counter is > 1,
the process is uncheckpointable.
More information about the Containers