On 2013/03/27 13:26, Gao feng wrote: > On 2013/03/20 16:14, Gao feng wrote: >> There are 3 reason we need to rework the cgroupfs >> mounting in container. >> >> 1, Yin Olivia reported a "failed to mount cgroup" >> problem, now we given that the name of cgroup mount point >> is same with the subsystem type, Or libvirt_lxc >> will fail to start. >> >> 2, The cgroup configuration is leaked to the container, >> even user can change host's cgroup configuration in >> container. >> >> 3, After we enable userns, the cgroupfs is unable to be >> mounted in uninit-userns. >> >> This patch tries to resolve these 3 problem, >> uses mount --bind to set cgroupfs for container. >> >> It means the directory /sys/fs/cgroup/memory/libvirt/lxc/domain >> of host will be binded to the directory /sys/fs/cgroup/memory of >> container. >> > > Hi Daniel, > > what's your idea about this patch? > Ping Again -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list