On Sun, Jul 24, 2016 at 12:10:21AM -0500, Eric W. Biederman wrote: > Andrey Vagin <avagin@xxxxxxxxxx> writes: > > > Hello, > > > > I forgot to add --cc-cover for git send-email, so everyone who is in > > Cc got only a cover letter. All messages were sent in mail lists. > > > > Sorry for inconvenience. > > Mostly the code looked sensible. But I had a couple of issues. > Resend this in September (when the merge window is closed and I am back > from vacation) and I will give this a thorough review and get this > merged. Or possibly next week if Linus releases another -rc Eric, thank you for the detailed comments. I will rework this series and send it after the merge window. > > > On Thu, Jul 14, 2016 at 11:20 AM, Andrey Vagin <avagin@xxxxxxxxxx> wrote: > >> Each namespace has an owning user namespace and now there is not way > >> to discover these relationships. > >> > >> Pid and user namepaces are hierarchical. There is no way to discover > >> parent-child relationships too. > >> > >> Why we may want to know relationships between namespaces? > >> > >> One use would be visualization, in order to understand the running system. > >> Another would be to answer the question: what capability does process X have to > >> perform operations on a resource governed by namespace Y? > >> > >> One more use-case (which usually called abnormal) is checkpoint/restart. > >> In CRIU we age going to dump and restore nested namespaces. > >> > >> There [1] was a discussion about which interface to choose to determing > >> relationships between namespaces. > >> > >> Eric suggested to add two ioctl-s [2]: > >>> Grumble, Grumble. I think this may actually a case for creating ioctls > >>> for these two cases. Now that random nsfs file descriptors are bind > >>> mountable the original reason for using proc files is not as pressing. > >>> > >>> One ioctl for the user namespace that owns a file descriptor. > >>> One ioctl for the parent namespace of a namespace file descriptor. > >> > >> Here is an implementaions of these ioctl-s. > >> > >> [1] https://lkml.org/lkml/2016/7/6/158 > >> [2] https://lkml.org/lkml/2016/7/9/101 > >> > >> Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > >> Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> > >> Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx> > >> Cc: "W. Trevor King" <wking@xxxxxxxxxx> > >> Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx> > >> Cc: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > > > Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers