On Wed, Nov 13, 2013 at 11:33:46AM -0700, Eric Blake wrote: > On 11/13/2013 11:16 AM, Rich Felker wrote: > > >> We are not using clone() in a manner that is strictly equivalent > >> to fork(). Libvirt is using clone() to create Linux containers > >> with new namespaces. eg we do > >> > >> clone(CLONE_NEWPID|CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWUSER|CLONE_NEWNET|SIGCHLD) > > > > Understood. I still call this a fork-like manner since it's not > > sharing VM or using CLONE_THREAD and using the default signal of > > SIGCHLD. BTW is there a reason to prefer this usage over regular fork > > followed by unshare()? > > Yes. Per 'man 2 unshare', CLONE_NEWPID is not supported with unshare(), > yet we require our child to have pid 1 in its new pid namespace. Yeah, I also wish we could use unshare() instead of clone(), but the CLONE_NEWPID design limitation is a blocker for that. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list