On Mon, May 23, 2011 at 03:43:03AM +0200, David Lamparter wrote: > Then I make a mount namespace, bind-mount the net namespace, bind mount > the mount namespace and terminate all processes that reference it (yes > this does work, i just checked [!]). Actually, Eric, bind-mounting a mount namespace inside itself should probably be forbidden? No idea if you changed that (running a year-old version of your patches here). Not only can you lose network namespaces inside those self-referential mount namespaces but also references to block devices, unix socket connections, etc. pp. -David _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
