On 8/29/07, Serge E. Hallyn <serue@xxxxxxxxxx> wrote: > >From aec05999084bf3a94add66e98462652ed9408f86 Mon Sep 17 00:00:00 2001 > From: sergeh@xxxxxxxxxx <sergeh@xxxxxxxxxx> > Date: Wed, 22 Aug 2007 15:03:57 -0700 > Subject: [RFC] [PATCH 2/2] namespace enter: introduce sys_hijack (v3) > > Introduce sys_hijack (for x86 only). It is like clone, but in > place of a stack pointer (which is assumed null) it accepts a > pid. The process identified by that pid is the one which is > actually cloned. Some state - include the file table, the signals > and sighand (and hence tty), and the ->parent are taken from the > calling process. What do you do if there are no processes in a particular container? I prefer your suggestion of tying this to the nsproxy subsystem - that would allow you to spawn a child with a given set of namespaces, even if there were no appropriate process to hijack. Paul _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
