Mark Nelson <markn@xxxxxxxxxxx> writes: > Hi Paul and Eric, > > Do you guys have any objections to dropping the hijack_pid() and > hijack_cgroup() parts of sys_hijack, leaving just hijack_ns() (see > below for discussion)? I need to step back and study what is being proposed. My gut feeling is that you are proposing something that does not support forking me a process inside a container so I can have a shell without having to run a login program. There is a reason I proposed ptrace as an initial prototype. All of the other uses of enter in a namespace context I feel confident we can support by just having proper virtual filesystems available to processes outside of the container. For monitoring and control. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers