[PATCH] devpts: Add ptmx_uid and ptmx_gid options
alexl at redhat.com
Thu May 28 20:06:17 UTC 2015
On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote:
> > Where does the second namespace enter into this?
> Step a. Create create a user namespace where uid 0 is mapped to your
> real uid, and set up your sandbox (aka mount /dev/pts and everything
> Step b. Create a nested user namespace where your uid is identity
> mapped and run your desktop application. You can even drop all caps
> your namespace.
Just tried this. Its not the nicest, and it doubles the number of
namespaces in action for each sandbox, but it does work.
More information about the Containers