Currently, the maintainers of runC are working on implementing rootless containers using the new unprivileged user namespace capabilities of Linux[1]. The only missing core feature is management of cgroups by the container (such as setting resource limits and pausing containers). Given the recent addition of the new cgroup namespace, this patchset implements additional functionality to cgroup namespaces to allow containers to set up and manage their own cgroup subtrees without compromising the resource limitations enforced by cgroup controllers. [1]: https://github.com/opencontainers/runc/pull/774 Aleksa Sarai (1): cgroup: allow management of subtrees by new cgroup namespaces kernel/cgroup.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 69 insertions(+), 2 deletions(-) -- 2.8.1 -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
