Andy Lutomirski <luto@xxxxxxxxxxxxxx> writes: > Unless I'm missing some trick, it's currently rather painful to mount > a namespace /proc. You have to actually be in the pid namespace to > mount the correct /proc instance, and you can't unmount the old /proc > until you've mounted the new /proc. This means that you have to fork > into the new pid namespace before you can finish setting it up. Yes. You have to be inside just about all namespaces before you can finish setting them up. I don't know the context in which needed to be inside the pid namespace is a burden. > Would it make sense to add a mount option to procfs to request a mount > for pid_ns_for_children instead of task_active_pid_ns? This is about the using setns and unshare? Adding a proc amount option that takes a pid namespace file descriptor would be the general solution, and might be worth implementing. Getting a pid namespace file descriptors when there are no pids might be a challenge. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
