Escaping Containers

Serge E. Hallyn serge.hallyn at canonical.com
Wed Aug 3 14:49:51 PDT 2011


Quoting Prashanth Mohan (prashmohan at gmail.com):
> Hello,
> 
> I recently came across this blog posting
> (http://blog.bofh.it/debian/id_413) which details a mechanism to
> escape from Linux Containers. The posting seems to indicate that this
> is because sysfs does not support namespaces. Is this a problem that
> is being actively looked into? Is there a workaround for this and/or a
> permanent solution in the works?

For the latter, please read the whole blog post you cited.

For a workaround using Smack, see
   http://sourceforge.net/mailarchive/message.php?msg_id=27895058
from the lxc-users mailing list.

-serge


More information about the Containers mailing list