On Wed, 2005-05-18 at 20:15 +0200, Enrico Scholz wrote:
> This CLONE_NEWNS and (related) 'mount --bind' operations are not very
> well supported by the kernel:
>
> * there does not exist a way to enter an already existing namespace; so,
>   e.g. two different ssh sessions would have different /tmp directories

Right, but that shouldn't be a problem since you can share data via your
home directory or a specially-designated scratch area, etc.

> * namespaces are causing problems with automounters

Sounds like a regular bug; I don't think automounters would come into
play for /tmp anyways?

> * 'mount --bind' does not accept/honor options like 'noatime' or 'noexec'
>   (which could be useful e.g. to mount $HOME/tmp as /tmp). Patches are
>   existing but responsible kernel maintainer refuses to apply them :(

noexec's always been virtually useless. noatime is useful, but not so
much that it would be a showstopper for CLONE_NEWNS, in my opinion.

> * CLONE_NEWNS + 'mount --bind' are not very well documented and it is
>   often unclear whether strange behavior is expected or not. E.g. it may
>   happen that '/' and '/..' are pointing to different inodes; dunno if
>   this is wanted or not.

Hm, so it might confuse tools? I'd imagine most tools out there recurse
downwards into a path and so won't hit that issue, but it is something
to watch out for.

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-devel-list
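
Added example, not part of the original message and not kernel or Fedora code: a small C check for two of the points raised above, whether '/' and '/..' resolve to the same inode in the current namespace, and whether the mount on /tmp actually carries an option such as noexec according to /proc/self/mountinfo. The function names and the sample mountinfo line are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Constructed sample: $HOME/tmp bind-mounted on /tmp with noexec. */
static const char SAMPLE_LINE[] =
    "42 25 8:3 /home/user/tmp /tmp rw,nosuid,noexec shared:7 - ext3 /dev/sda3 rw";

/* 1 if both paths are the same inode on the same device, 0 if they
 * differ, -1 if either stat() fails. */
int same_object(const char *a, const char *b)
{
    struct stat sa, sb;
    if (stat(a, &sa) != 0 || stat(b, &sb) != 0)
        return -1;
    return sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
}

/* For one mountinfo line: 1 if it describes mount_point and its per-mount
 * options (6th field) include opt, 0 if it describes mount_point without
 * opt, -1 if the line is malformed or belongs to another mount. */
int mount_has_option(const char *line, const char *mount_point, const char *opt)
{
    char mp[256], opts[256];
    /* fields: id parent major:minor root mount_point options ... */
    if (sscanf(line, "%*d %*d %*s %*s %255s %255s", mp, opts) != 2)
        return -1;
    if (strcmp(mp, mount_point) != 0)
        return -1;
    for (char *tok = strtok(opts, ","); tok; tok = strtok(NULL, ","))
        if (strcmp(tok, opt) == 0)
            return 1;
    return 0;
}

int main(void)
{
    char line[1024];
    FILE *f = fopen("/proc/self/mountinfo", "r");
    printf("'/' and '/..' same inode: %d\n", same_object("/", "/.."));
    printf("sample line noexec: %d\n", mount_has_option(SAMPLE_LINE, "/tmp", "noexec"));
    while (f && fgets(line, sizeof line, f)) {
        int r = mount_has_option(line, "/tmp", "noexec");
        if (r >= 0)
            printf("live /tmp mount: noexec %s\n", r ? "set" : "NOT set");
    }
    if (f)
        fclose(f);
    return 0;
}
```

Reading the options from mountinfo reports what the kernel applied to that mount, which is the thing to check when a bind mount may have ignored an option given on the command line.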