Hello, Aristeu. On Mon, Jun 17, 2013 at 09:00:29AM -0400, Aristeu Rozanski wrote: > sure, I'm on it. that sounds like one of the versions of the hierarchy > patchset - having the local configuration saved but only applying what's > possible based on parent's state. Yes, basically, any configuration should be allowed but its application would be confined by its ancestors and a parent changing configuration should propagate the effective limits down the hierarchy but shouldn't affect the configurations directly - ie. if an ancestor adds a device to the list of disallowed devices and then removes it back, the whole subtree should return to the original state. As we're introducing an incompatible interface with cgroup_sane_behavior() anyway, if necessary, devcg can also change behaviors dependent on the flag. Not encouraged but given the breadth of the changes we're making with the flag, I don't think devcg would stand out too much by doing so. Thanks. -- tejun _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
