[RFC][PATCH] ns: Syscalls for better namespace sharing control.

Eric W. Biederman ebiederm at xmission.com
Thu Feb 25 16:53:16 PST 2010


Matt Helsley <matthltc at us.ibm.com> writes:


> 	Seems like an ok concept to me. Did you try doing this with
> anon_inodes and bind mounting the /proc/<pid>/fd/N as above to keep
> them alive and name them?

Of course this part doesn't work in my patch because I have the wrong
mnt_ns on my mount MS_NOUSER on my superblock.

MS_NOUSER is easy to get past.  Getting a vfsmount in the proper mnt
namespace could be tricky.

Eric


More information about the Containers mailing list