Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx): > Benjamin Thery <benjamin.thery@xxxxxxxx> writes: > > > Support for network namespaces in mainline is pretty complete for > > some time now, but there is still this issue with sysfs that prevents > > more people to use it easily. > > Ben your patchset is completely inappropriate. > > Temporarily adding elements to the ABI that we intend to remove > is not a proper solution to this problem. > > That user space visible ida you add is a namespace identifier that breaks > nested containers and migration. It is very very very wrong. I disagree (not surprising :) completely. The well-known userspace tools (ifconfig, ip, etc) will not see the lo@1, they'll see lo. Userspace in a container can either umount /sys completely, or do mount -t tmpfs none /sys/class/net mount --bind /sys/devices/virtual/net/lo@1 /sys/class/net/lo if they really want to, in which case only their view of /sys/devices/virtual/net would be different. Eric, would you hate this less if it was under some CONFIG_SYSFS_NETNS_HACK config variable? -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
