On Wed, Dec 10, 2014 at 8:39 AM, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote: > > Will people please test these patches with their container project? > > These changes break container userspace (hopefully in a minimal way) if > I could have that confirmed by testing I would really appreciate it. I > really don't want to send out a bug fix that accidentally breaks > userspace again. > > The only issue sort of under discussion is if there is a better name for > /proc/<pid>/setgroups, and the name of the file will not affect the > functionality of the patchset. > > With the code reviewed and written in simple obviously correct, easily > reviewable ways I am hoping/planning to send this to Linus ASAP. I tested this with Sandstorm. It breaks as is and it works if I add the setgroups thing. Tested-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx> # breaks things as designed :( I still don't like the name "setgroups". --Andy > > Eric -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html