Daniel Lezcano wrote: > Pavel Emelyanov wrote: >>> So there are 2 cases: >>> * full isolation : restriction on VPS >>> * partial isolation : no restriction but *perhaps* problem when migrating >>> >>> Looks like we need an option per namespace to reduce the isolation for >>> af_unix sockets :) >>> - on (default): current behaviour => full isolation >>> - off : partial isolation >> You mean some sysctl, that enables/disables this check in unix_find_socket_byinode? > > Yes. OK. Den, please, do :) _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers