Quoting Gyeongmin Kim ([email protected]): > Dear, All > > Have been using kvm or qemu to create build environment in my build system > However, It's slow performance of the kvm or qemu > So, Considering changing to lxc for to create the build environment > > But, build in opensuse ( > http://www.rpmfind.net//linux/RPM/opensuse/factory/armv7hl/noarch/build-20150317-1.1.noarch.html) > said that 'This may be not 100% safe' > > $ build --help > ... > --lxc > Use Linux Containers to isolate the process. This may not be > 100% safe. > ... > > Of course, guaranteed to be 100% safe be vary hard > Why not safe for any reason to build environment ( including cross > compilation) ?
It depends on how you configure the containers. If they are not using a private user namespace, then they are quite a bit less safe. If they are using lxc.id_map, seccomp, and apparmor or selinux, then you should be quite safe - but certain things (software that wants to create devices during build) will fail. -serge _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
