Eric W. Biederman wrote: > Kirill Korotaev <dev at sw.ru> writes: > > >>BTW... >> >> >>>--- 2.6.18-rc4-mm3.orig/include/linux/sched.h >>>+++ 2.6.18-rc4-mm3/include/linux/sched.h >>>@@ -26,6 +26,7 @@ >>>#define CLONE_STOPPED 0x02000000 /* Start in stopped state */ >>> #define CLONE_NEWUTS 0x04000000 /* New utsname group? */ >>> #define CLONE_NEWIPC 0x08000000 /* New ipcs */ >>>+#define CLONE_NEWUSER 0x10000000 /* New user */ >> >>we have place for 3 namespaces more only. >>Does anyone have a plan what to do then? >>I warned about this at the beginning when we were discussing the interfaces >>and this flags soon going to be exhausted, so probably it is time to >>do something in advance... > > > Actually there is another unused bit in the middle :) > Plus there are a bunch of bits that unshare can use but clone can't. :))) I suggest to write HOWTO-select-unused-bits in CodingStyle :)) > Plus what other namespaces are on the todo list? > We have network, and pid, and time. I think more. proc-ns, sysfs-ns, printk-ns or syslog-ns?: syslog should be virtualized and more... semi-namespaces: fs-ns (should regulate which filesystems are accessiable from container, but probably this is not exact name space... need to think over...), dev-ns (should regulate which devices are accessiable from container) Thanks, Kirill