On Fri, Feb 14, 2014 at 08:49:07AM +0100, Richard Weinberger wrote:
Am 13.02.2014 18:16, schrieb Daniel P. Berrange:
On Tue, Feb 11, 2014 at 11:51:26PM +0100, Richard Weinberger wrote:
Due to security concerns we delegate only VIR_CGROUP_CONTROLLER_SYSTEMD
to containers.
Currently it is
Am 14.02.2014 11:30, schrieb Daniel P. Berrange:
On Fri, Feb 14, 2014 at 08:49:07AM +0100, Richard Weinberger wrote:
Am 13.02.2014 18:16, schrieb Daniel P. Berrange:
On Tue, Feb 11, 2014 at 11:51:26PM +0100, Richard Weinberger wrote:
Due to security concerns we delegate only
On Fri, Feb 14, 2014 at 12:11:13PM +0100, Richard Weinberger wrote:
Am 14.02.2014 11:30, schrieb Daniel P. Berrange:
On Fri, Feb 14, 2014 at 08:49:07AM +0100, Richard Weinberger wrote:
Am 13.02.2014 18:16, schrieb Daniel P. Berrange:
On Tue, Feb 11, 2014 at 11:51:26PM +0100, Richard
On Tue, Feb 11, 2014 at 11:51:26PM +0100, Richard Weinberger wrote:
Due to security concerns we delegate only VIR_CGROUP_CONTROLLER_SYSTEMD
to containers.
Currently it is not safe to allow a container access to a resource controller.
We *do* want to allow all controllers to be visible to the
Am 13.02.2014 18:16, schrieb Daniel P. Berrange:
On Tue, Feb 11, 2014 at 11:51:26PM +0100, Richard Weinberger wrote:
Due to security concerns we delegate only VIR_CGROUP_CONTROLLER_SYSTEMD
to containers.
Currently it is not safe to allow a container access to a resource
controller.
We
Due to security concerns we delegate only VIR_CGROUP_CONTROLLER_SYSTEMD
to containers.
Currently it is not safe to allow a container access to a resource controller.
Signed-off-by: Richard Weinberger rich...@nod.at
---
src/lxc/lxc_container.c | 3 ++-
src/util/vircgroup.c| 5 -