's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
1: Add [PATCH 2/2] which was todo in [RFC v1].
2: Pass a test script for each function.
3: Rebase on top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Zhao Lei
Signed-off-by: Cao Shufeng
Cao Shufeng (2):
Make call_usermodehelper_exec possible to set n
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
Co-author-by: Zhao Lei
---
fs/coredump.c
From: Zhao Lei
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
Co-author-by: Zhao Lei
---
fs/coredump.c
odo in [RFC v1].
2: Pass a test script for each function.
3: Rebase on top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Zhao Lei
Signed-off-by: Cao Shufeng
Cao Shufeng (2):
Make call_usermodehelper_exec possible to set namespaces
Limit dump_pipe
From: Zhao Lei
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container
's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
odo in [RFC v1].
2: Pass a test script for each function.
3: Rebase on top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Zhao Lei
Signed-off-by: Cao Shufeng
Cao Shufeng (2):
Make call_usermodehelper_exec possible to set namespaces
Limit dump_pipe
From: Zhao Lei
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
Co-author-by: Zhao Lei
---
fs/coredump.c
's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
Co-author-by: Zhao Lei
---
fs/coredump.c
's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
From: Zhao Lei
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container
t by:
Andrei Vagin
Changelog v1(RFC)->v2:
1: Add [PATCH 2/2] which was todo in [RFC v1].
2: Pass a test script for each function.
3: Rebase on top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Zhao Lei
Signed-off-by: Cao Shufeng
Cao Shuf
n top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao Shufeng
Cao Shufeng (3):
Make call_usermodehelper_exec possible to set namespaces
Limit dump_pipe program's permission to init for container
Make core_pattern support namesp
's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
---
fs/coredump.c | 3 ++-
include
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container based on namespac
cleanup_intermediate is introduced for cleaning
up what we have done in init_intermediate, like switching back
the namespace.
This function is helpful for coredump to run pipe_program in
specific container environment.
Signed-off-by: Cao Shufeng
---
fs/coredump.c | 3 ++-
include
's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao ShuFeng
---
fs/coredump.c | 126 ++
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container based on namespac
gin
Changelog v1(RFC)->v2:
1: Add [PATCH 2/2] which was todo in [RFC v1].
2: Pass a test script for each function.
3: Rebase on top of v4.7.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Cao Shufeng
Cao Shufeng (3):
Make call_usermodehelper_exec possible to
ut in container's filesystem, and
write coredump into container's filesystem.
The dumper's permission is also limited into subset of container's init
process.
Suggested-by: Eric W. Biederman
Suggested-by: KOSAKI Motohiro
Signed-off-by: Zhao Lei
Co-Author
From: Zhao Lei
Current call_usermodehelper_exec() can not set pid namespace for
the executed program, because we need addition fork to make pid
namespace active.
This patch add above function for call_usermodehelper_exec().
When init_intermediate callback return -EAGAIN, the usermodehelper
will
From: Zhao Lei
Currently, each container shared one copy of coredump setting
with the host system, if host system changed the setting, each
running containers will be affected.
Same story happened when container changed core_pattern, both
host and other container will be affected.
For container
This patchset includes following function points:
1: Let usermodehelper function possible to set pid namespace
done by: [PATCH v3.1 1/3] Make call_usermodehelper_exec possible
to set pid namespace.
2: Let pipe_type core_pattern write dump into container's rootfs
done by: [PATCH v3.1 2/3] L
ping
在 2016-10-25二的 15:28 +0800,Cao Shufeng写道:
> This patchset includes following function points:
> 1: Let usermodehelper function possible to set pid namespace
>done by: [PATCH v4 1/3] Make call_usermodehelper_exec possible
>to set pid namespace.
> 2: Let pipe_type cor
ping
在 2017-02-08三的 11:00 +0800,Cao Shufeng写道:
> This patchset includes following function points:
> 1: Let usermodehelper function possible to set pid namespace
>done by: [PATCH v4 1/3] Make call_usermodehelper_exec possible
>to set pid namespace.
> 2: Let pipe_type cor
30 matches
Mail list logo
