Dave Leskovec wrote: > Daniel Hokka Zakrisson wrote: >> Dave Leskovec wrote: >> >>> Attached is a simple program that uses the clone() function to create a >>> container. This is not intended as a patch - just an example of what >>> creating a Linux Container looks like. Something along these lines >>> will >>> be used by the Linux Container driver to start the domain. The code >>> run >>> within this container is really simple. It just mounts the /proc file >>> system and then dumps the ps output to a file showing that the >>> container >>> is in separate process space. >>> >>> To run this you will need to have PID namespaces support enabled. Turn >>> on CONFIG_PID_NS when compiling the kernel. You must run the program >>> as >>> root or the clone() call will fail. >>> >>> Any questions or comments are welcome. Thanks! >>> >> >> You want to use at least CLONE_NEWIPC and CLONE_NEWUSER too. >> CLONE_NEWUTS >> is probably desired as well, so you can have different hostnames, and >> CLONE_NEWNET for networking (though that's probably not going to be >> usable >> until after 2.6.25, at least). >> >> > Thanks! I added CLONE_NEWIPC and CLONE_NEWUTS. Adding CLONE_NEWUSER > caused clone() to fail. I'm looking into that. Make sure you have CONFIG_USER_NS=y > I'll post in the near future regarding CLONE_NEWNET, network support for > containers, and the XML format. -- Daniel Hokka Zakrisson -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list