[PATCH for v3.14] AUDIT: Allow login in non-init namespaces
Linus Torvalds
torvalds at linux-foundation.org
Thu Apr 10 00:18:13 UTC 2014
On Wed, Apr 9, 2014 at 5:08 PM, Steve Grubb <sgrubb at redhat.com> wrote:
>
> This is a requirement. I do not advocate "tricking" user space.
It's not about tricking user space. This is how we used to behave.
ECONNREFUSED is what you got in a non-init namespace. So this is a
*regression fix*, not some kind of trick.
And there is absolutely nothing to "discuss" about regression fixes.
If people want to start auditing non-init namespaces, go right ahead.
But it will *not* happen by breaking old behavior that people depended
on.
Linus
More information about the Containers
mailing list