On 05/13/2010 09:34 PM, Serge E. Hallyn wrote:
> I would like to also automatically have /proc remounted, but
> that would require digging deeper into lxc_clone.
You should not make that automatically, especially in lxc-clone because
this function is just for cloning a process in a new namespace, nothing
more. We may want to access /proc after cloning, for example to reach
/proc/<pid>/ns/*. The automatic mount, should be done in your child
reaper (like lxc-init), otherwise let the container init to run the
services and mount /proc.
In the case of lxc_unshare, you can add a new option to remount /proc
when there is the pidns or the mountns options.
Otherwise, adding the NEWNS with the NEWPID makes sense for me.
Don't forget lxc_unshare is a simple tool, it is not supposed to replace
lxc-start/lxc-execute, at least it should do a bit more than the
"unshare" command.
> Mind you perhaps having NEWPID imply NEWNS should be done there,
> at src/lxc/namespace.c:lxc_clone anyway. I'm starting here...
> Won't be offended if it's rejected on those grounds :)
>
> Signed-off-by: Serge E. Hallyn<serue@xxxxxxxxxx>
> ---
> src/lxc/lxc_unshare.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c
> index 8db1cb7..8531b59 100644
> --- a/src/lxc/lxc_unshare.c
> +++ b/src/lxc/lxc_unshare.c
> @@ -49,6 +49,7 @@ void usage(char *cmd)
> "\t MOUNT, PID, UTSNAME, IPC, USER, NETWORK\n");
> fprintf(stderr, "\t -u<id> : new id to be set if -s USER is specified\n");
> fprintf(stderr, "\t if -s PID is specified,<command> is mandatory)\n");
> + fprintf(stderr, "\t If -s PID is specified, then -s MOUNT is implied\n");
> _exit(1);
> }
>
> @@ -213,6 +214,9 @@ int main(int argc, char *argv[])
> if (ret)
> usage(argv[0]);
>
> + if (flags& CLONE_NEWPID)
> + flags |= CLONE_NEWNS;
> +
> if (!(flags& CLONE_NEWUSER)&& uid != -1) {
> ERROR("-u<uid> needs -s USER option");
> return 1;
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
