[RFC][PATCH] ns: Syscalls for better namespace sharing control.
Eric W. Biederman
ebiederm at xmission.com
Thu Feb 25 16:53:16 PST 2010
Matt Helsley <matthltc at us.ibm.com> writes:
> Seems like an ok concept to me. Did you try doing this with
> anon_inodes and bind mounting the /proc/<pid>/fd/N as above to keep
> them alive and name them?
Of course this part doesn't work in my patch because I have the wrong
mnt_ns on my mount MS_NOUSER on my superblock.
MS_NOUSER is easy to get past. Getting a vfsmount in the proper mnt
namespace could be tricky.
More information about the Containers