On 01/20, Bryan Donlan wrote: > > On Sat, Jan 17, 2009 at 3:26 PM, Sukadev Bhattiprolu > <sukadev@xxxxxxxxxxxxxxxxxx> wrote: > > > > - container-init may be immune to unhandled fatal signals (like > > SIGUSR1) even if they are from ancestor namespace (SIGKILL is > > the only reliable signal from ancestor namespace). > > SIGSTOP is normally uncatchable; I note that patch 4 states that > SIGSTOP is allowed through to container-init, but given this summary > is SIGSTOP still reliable when sent to a container-init from an > ancestor namespace? Yes we should handle SIGSTOP fine if it sent from the parent namespace. Also. Currently it is possible to ptrace the global init, but even ptracer can't stop it (but ptrace_stop() works). With these patches ptracer can stop init. I forgot to mention this behaviour change, imho this side-effect is good. Oleg. _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
