Quoting Sukadev Bhattiprolu (sukadev@xxxxxxxxxxxxxxxxxx): > > From: Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx> > Date: Mon, 8 Mar 2010 12:03:46 -0800 > Subject: [PATCH 14/14][user-cr] Minimize unshare() calls > > We currently have a few unshare() calls at different points in the > code. While these don't affect the restart application itself, the > excess calls create additional levels in the cgroup hierarchy, which > can surprise the administrator (or other users of the hierarchy > such as LXC. > > Rather than several unshare() calls, can we instead specify the > appropriate clone_flags while creating the coordinator/root process > of the application tree ? When this root process is created it can > remount /proc, remount devpts, chroot() etc if necessary. > > Note that for "new-container with init" and "subtree restart", the > first process is also the root of the application process tree. > > In the case of "new-container without init", the coordinator process > which acts as the container-init can do the setup. > > In case of self-restart, the main process itself can do the unshare. > > This patch has been very gently tested :-) but wanted to get more feedback > on the direction and see if there is an easier way. No objection from me on the direction or the code. Acked-by: Serge Hallyn <serue@xxxxxxxxxx> _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
