Clark Williams <willi...@redhat.com> writes: > The more I look at that the more I think I should nuke CLONE_NEWPID in > mock. It came in with a commit that added NEWIPC, which I think is valid > for mock managing a chroot, but we're not looking to do full-up > containers at this point and it looks like containers is the only place > you'd want to start a new set of pids.
Just taking the code out seems reasonable. Howerver there is a practical use for a pid namespace in a setup like mock. A pid namespace makes it so your sub processes can not reparent and get away from you, which could be handy in case someone starts a system daemon in a post install script. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
