subject:"\\\\\\\[libvirt\\\\\\\] \\\\\\\[PATCH RFC\\\\\\\] LXC\\\\\\\: don't RO mount \\\\\\\/proc, \\\\\\\/sys when user namespce enabled"

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2015-01-05 Thread Chen, Hanxiao

-Original Message- From: libvir-list-boun...@redhat.com [mailto:libvir-list-boun...@redhat.com] On Behalf Of Chen Hanxiao Sent: Monday, December 22, 2014 11:57 AM To: libvir-list@redhat.com Subject: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2014-12-24 Thread Richard Weinberger

RO mount /proc, /sys when user namespce enabled On Mon, Dec 22, 2014 at 4:12 PM, Eric Blake ebl...@redhat.com wrote: On 12/21/2014 08:57 PM, Chen Hanxiao wrote: s/namespce/namespace/ in the subject line If we enabled user ns and provided a uid/gid map, we do not need to mount /proc, /sys

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2014-12-23 Thread Richard Weinberger

On Mon, Dec 22, 2014 at 4:12 PM, Eric Blake ebl...@redhat.com wrote: On 12/21/2014 08:57 PM, Chen Hanxiao wrote: s/namespce/namespace/ in the subject line If we enabled user ns and provided a uid/gid map, we do not need to mount /proc, /sys as readonly. Leave it to kernel for protection.

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2014-12-23 Thread Chen, Hanxiao

-Original Message- From: Richard Weinberger [mailto:richard.weinber...@gmail.com] Sent: Wednesday, December 24, 2014 5:36 AM To: Eric Blake Cc: Chen, Hanxiao/陈晗霄; libvir-list@redhat.com Subject: Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2014-12-22 Thread Eric Blake

On 12/21/2014 08:57 PM, Chen Hanxiao wrote: s/namespce/namespace/ in the subject line If we enabled user ns and provided a uid/gid map, we do not need to mount /proc, /sys as readonly. Leave it to kernel for protection. Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com ---

[libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

2014-12-21 Thread Chen Hanxiao

If we enabled user ns and provided a uid/gid map, we do not need to mount /proc, /sys as readonly. Leave it to kernel for protection. Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 6 ++ 1 file changed, 6 insertions(+) diff --git

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

[libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

6 matches

Site Navigation

Mail list logo

Footer information