Quoting Aristeu Rozanski (aris@xxxxxxxxxx):
> On Mon, Feb 11, 2013 at 06:52:39PM +0000, Serge E. Hallyn wrote:
> > > getting rid of local settings would buy more simplicity
> >
> > (Not sure which you mean here by 'getting rid of local settings')
>
> no local.{behavior,exceptions}, which still would allow behavior
> propagation, but simply wouldn't keep local behavior or exceptions.
> a change in behavior on parent would simply reset the child to parent's
Why would that be necessary? If I add permission to the parent, I just
don't propagate it. If I remove permission from the parent, I make sure
all children don't have that permission, but keep everything else.
The child's permission is never allowed to exceed its parent's.
We don't need to reset the child's to the parent's.
> state. exception propagation would mean inserting/removing the new
> exception and making sure the others are still valid.
>
> --
> Aristeu
>
--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
