On Thu, 2009-01-15 at 09:25 -0800, Paul Menage wrote: > On Thu, Jan 15, 2009 at 5:57 AM, Stephan Peijnik <stephan@xxxxxxxxxx> wrote: > > > > So Paul, do you think the interface would be of any use to you? > > Potentially, yes. My concern was that we not add another new > (incomplete) userspace API in cgroups for doing socket permissions - > hooking into iptables was one way to do it, but if sactl is going to > become the official way to do this, then hooking a cgroups filter into > that seems like a good alternative. Just to clarify that: sactl is my pet project and inclusion in linux-next (or whenever) has not been discussed yet, but if enough potential users pop up I would love try getting it included. I rather meant to ask if this interface could be of any use to you (and others) and whether you would want/need any modifications to it, if there are any flaws in its design, bugs in the code, etc. -- Stephan _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers