On Thu, 9 Oct 2014 16:05:19 +0000 Serge Hallyn <serge.hal...@ubuntu.com> wrote:
> Quoting Bertrand Paquet (bertrand.paq...@gmail.com): > > Hi all, > > > > I have noticed that changing the overcommit > > (/proc/sys/vm/overcommit_memory) mode inside a container change the > > overcommit mode of the host. Is it normal ? > > Yes, sadly those are not namespaced. The apparmor (and hopefully > selinux, I'm not sure bc I'm not sure what the selinux type on that > file is) profiles don't allow writing to those. Yep, the selinux policy doesn't allow lxc_t to write to sysctl_vm_t either. > > For /proc/sys/kernel/shmmax, the value seems to be local to the > > container. > > > > Regards, > > > > Bertrand > > > > PS : my LXC version : 1.0.1 > > > _______________________________________________ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-users > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users