"Peter Dolding" <oiaohm@xxxxxxxxx> writes: > http://opensolaris.org/os/community/brandz/ I would like to see if > something equal to this is on the roadmap in particular. Being able > to run solaris and aix closed source binaries contained would be > useful. There have been projects to do this at various times on linux. Having a namespace dedicated to a certain kind of application is no big deal. Someone would need to care enough to test and implement it though. > Other useful feature is some way to share a single process between PID > containers as like a container bridge. For containers used for > desktop applications not having a single X11 server interfacing with > video card is a issue. X allows network connections, and I think unix domain sockets will work. The latter I need to check on. The pid namespace is well defined and no a task will not be able to change it's pid namespace while running. That is nasty. > These container bridges avoid having to go threw network cards and > other means to share data between containers. A user space solution. There are lots of opportunities for user space solutions. > I know this reduces secuirty but when you need a application form X > distrobuton and you have Y distribution and its opengl heavy you are > kinda stuffed at moment. > > Final one is some form of LSM processing different. Lot of the Linux > Secuirty channel talk about containers as light weight virtualisation > so will never need to run a OS inside with a different LSM profile to > the master OS. If containers plan to go after brandz like containers > this needs to be made clear that LSM different processing will be > required. We have had that discussion mostly this appears to be a measure of matureness. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers