Quoting Glauber Costa (glommer@xxxxxxxxxxxxx): > On 03/15/2013 06:07 PM, Serge Hallyn wrote: > > Quoting Glauber Costa (glommer@xxxxxxxxxxxxx): > >> Most of the other subsystems already keep track of that in some way. We > >> will do that internally and provide a test to determine whether or not > >> our task is in a device cgroup that is not the root one. We can relax > >> some of our checks in that case, trusting that whoever set device cgroup > >> rules will be responsible to control access to their devices. > >> > >> Signed-off-by: Glauber Costa <glommer@xxxxxxxxxxxxx> > >> Cc: Aristeu Rozanski <aris@xxxxxxxxxx> > >> Cc: Eric Biederman <ebiederm@xxxxxxxxxxxx> > >> Cc: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > > > > Patch looks fine. AFAIK we're still waiting on Aristeu's patchset to > > hit upstream. As your patches are simpler I'd prefer, if there is > > churn, for yours to be refactored than his. > > > I have no problem with that. There is also a small build issue here that > needs to be fixed. If you allow me, with my guarantees that the patch > will be preserved in spirit I will keep your ack after any refactoring =) > Of course :) Please keep my ack on it so long as you don't feel any substantive changes were needed :) -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
