Hi,
I've looked around (see
https://discuss.linuxcontainers.org/t/cri-o-plugin-for-lxc/4324)
and found no existing open source wrapper for plugging lxc into cri-o. So
I've created github.com/lxc/crio-lxc. It's an empty repo right now. I have
an idea how I would like to go about it, but if ther
Hi everyone,
I'm currently with Cisco, working on a fun project involving, among
other things, nomad, lxc, and the usual sets of languages - go, python,
some c, some kernel stuff, some packaging. We're looking for several
people with varying skillsets - go programmers, containers and
cluster expe
Quoting Rafał Miłecki (ra...@milecki.pl):
> Hi,
>
> currently lxccontainer's API has two functions for getting net info:
> char** (*get_interfaces)(struct lxc_container *c);
> char** (*get_ips)(struct lxc_container *c, const char* interface,
> const char* family, int scope);
>
> I'd like to get m
Quoting Harald Dunkel (ha...@afaics.de):
> On 12/07/17 22:30, Serge E. Hallyn wrote:
> >
> > What filesystem are you using?
>
> ext4 on a drbd block device:
>
> /dev/drbd1 /data1 ext4 rw,noatime,stripe=256,data=ordered 0 0
I have to think drbd would be the problem
Quoting Harald Dunkel (harald.dun...@aixigo.de):
> Hi folks,
>
> If a LXC server ran for several weeks and if I try to stop a
> container, then the server gets stuck for a few minutes (see
> attachment).
>
> Please note the
>
> :
> [8541088.226013] Task dump for CPU 31:
> [8541088.226015] mount
agreed to both, lxc-update-config should delete it, and it should be
(initially the only) member of a (new) group of keys to ignore, bc
it cannot possibly hurt. Do you happen to have time to write one
or both patches?
thanks,
-serge
On Wed, Oct 04, 2017 at 03:35:08PM -0400, Adrian Pepper wrote:
Quoting Kees Bos (cornelis@gmail.com):
> I'm not using it, but do expect the extra args:
>
> while [ {{ '${#@}' }} -gt 3 ] ; do
> ...
> shift
> done
>
> It might be that some users will need the last extra argument (stage:
> pre-start|start|post-stop). This is currently not available in
Quoting T.C 吳天健 (tcwu2...@gmail.com):
> I found some service in container's OS failed to start. The error message
> is "execve permission denied".
> Finally I chmod 755 to all directories from '/' to rootfs and problem
> solved. For example, my container's rootfs is at /data/maru/con1, then
> chm
On Thu, Jul 27, 2017 at 02:48:28PM +0200, Harald Dunkel wrote:
> Hi Serge,
>
> apparently all these fixes have been lost on the 2.0 branch:
Hm. are you sure? When I get diff lxc-2.0.0.. templates/lxc-altlinux.in,
rsync does not show up.
It looks like these were done by commit
44d397891e691ab99
Wouldn't it be better to have configure.ac check for the presence of
the function and store that as a separate HAVE_CAP_GET_FILE ?
Quoting brauner on Github (lxc-...@linuxcontainers.org):
> The following pull request was submitted through Github.
> It can be accessed and reviewed at: https://githu
On Mon, Feb 27, 2017 at 11:42:49PM -0800, Cam Cope wrote:
> I need to run nested Ubuntu 12.04 and 14.04 containers on 16.04 hosts, and
> have noticed that the cgroups-lite script for mounting the cgroups inside
> the containers has stopped working. This is because systemd now comounts
> multiple co
On Tue, Nov 08, 2016 at 06:43:17AM +0100, Harald Dunkel wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Hi Serge,
>
> On 10/21/16 16:56, Serge E. Hallyn wrote:
> > Quoting Harald Dunkel (harald.dun...@aixigo.de):
> >> On 10/20/2016 03:39 PM, Se
Quoting Harald Dunkel (harald.dun...@aixigo.de):
> On 10/20/2016 03:39 PM, Serge E. Hallyn wrote:
> > On Wed, Oct 19, 2016 at 02:10:59PM +0200, Harald Dunkel wrote:
> >>
> >> Following the api I am forced to use root permission or some
> >> hard-to-configure sud
On Wed, Oct 19, 2016 at 02:10:59PM +0200, Harald Dunkel wrote:
> Hi folks,
>
> using an unprivileged account for monitoring lxc-cgroup
> returns a "permission denied" messages for something that
> is world readable in the /cgroup directory. Sample:
>
> % lxc-cgroup -P /data1/lxc -n jerry1 memory.
Quoting jirutka on Github (lxc-...@linuxcontainers.org):
> The following pull request was submitted through Github.
> It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1241
>
> This e-mail was sent by the LXC bot, direct replies will not reach the author
> unless they happen to b
> Here is the questions:
> 1) Does the lxc-2.0.0 supports file capability? If not, is there way make
> it works.
Nothing to do with lxc. THe kernel does not support file capabilities
inside a user namespace as of yet.
___
lxc-devel mailing list
lxc-de
On Fri, Aug 12, 2016 at 04:16:52PM +, Yinon wrote:
> Hey,
> I have an ununtu 4.2.0-16-generic wily 15.10.I had a privileged container,
> and now I want to add proc mount to it.I added this:lxc.mount.auto = proc
>
> But I keep getting this error:
> lxc-start 1471017966.046 ERROR lxc_c
Why? readdir is not thread-safe...
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
Hi everyone,
I'm intending to remove cgmanager from Debian. Upstream and distro
maintainers all agree this is the right thing to do, but I don't want
this to come as a surprise to anyone - so wanted to send out one last
email warning and asking if anyone is depending on it.
I've said I'll act on
Quoting Saint Michael (vene...@gmail.com):
> When I try to use fuse in a container, I get
> fuse: failed to open /dev/fuse: Operation not permitted
> In my config file I have
> lxc.mount.entry = /dev/fuse dev/fuse none bind,create=file
>
> How can I get back to be able to use fuse inside a contain
Quoting rsampaio on Github (lxc-...@linuxcontainers.org):
> The following pull request was submitted through Github.
> It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1069
>
> This e-mail was sent by the LXC bot, direct replies will not reach the author
> unless they happen to
Quoting Laurent Vivier (laur...@vivier.eu):
>
>
> Le 17/06/2016 à 03:19, Laurent Vivier a écrit :
> > The first patch defines a default password for root.
> > The two following ones are copied from lxc-ubuntu to
> > allow to flush cache and to support btrfs snapshot
> > of the cache.
> >
> > Lau
Quoting Harald Dunkel (ha...@afaics.de):
> Hi Serge,
>
> On 06/15/16 19:00, Serge E. Hallyn wrote:
> > Quoting Harald Dunkel (harald.dun...@aixigo.de):
> >>
> >> Using "rsync -SHaAX" in lxc-debian it works (on Jessie).
> >> Attach
Quoting Laurent Vivier (laur...@vivier.eu):
> copied from lxc-ubuntu.in
>
> Signed-off-by: Laurent Vivier
Acked-by: Serge Hallyn
although note that the rsync at bottom will conflict with Harald's
patch to make rsync respect xattrs (no big deal).
> ---
> templates/lxc-debian.in | 55
> ++
Quoting Laurent Vivier (laur...@vivier.eu):
> copied from lxc-ubuntu.in
>
> Signed-off-by: Laurent Vivier
Acked-by: Serge Hallyn
> ---
> templates/lxc-debian.in | 14 --
> 1 file changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/templates/lxc-debian.in b/templates/lxc-de
Quoting Laurent Vivier (laur...@vivier.eu):
> Signed-off-by: Laurent Vivier
Sorry but isn't this a regression? How about making this subject to a
--default-password argument or something?
I think Michael said he might be around right now, and at one point
he was trying to standardize this acros
Quoting Harald Dunkel (harald.dun...@aixigo.de):
> Hi Serge,
>
> On 06/14/16 17:10, Serge E. Hallyn wrote:
> >
> > Well I notice that copy_debian() rsyncs without -X. Does
> > adding -X fix it for you?
>
> Using "rsync -SHaAX" in lxc-debian it w
On Tue, Jun 14, 2016 at 10:59:51AM +0200, Harald Dunkel wrote:
> Hi folks,
>
> Problem: A container setup with "lxc-create -t debian" has
> lost its file-based capabilities (used by systemd, ping,
> iputils, ...). I didn't check other template scripts, but
> since the major suspect is tar (used fo
Quoting James Pic (james...@gmail.com):
> Hi all \o/
>
> There's been a lot of discussion around pylxd since a PR has been
> opened on Ansible to include an lxd_container module. It's really long
> so I'll try to brief you about it in this email, but FTR here it is:
> https://github.com/ansible/an
On Mon, Feb 29, 2016 at 03:38:20PM -0600, Serge E. Hallyn wrote:
> On Fri, Jan 29, 2016 at 01:31:51AM -0600, Serge E. Hallyn wrote:
> > On Wed, Jan 27, 2016 at 04:36:02PM -0800, Andy Lutomirski wrote:
> > > On Wed, Jan 27, 2016 at 9:22 AM, Jann Horn wrote:
> > > >
On Fri, Jan 29, 2016 at 01:31:51AM -0600, Serge E. Hallyn wrote:
> On Wed, Jan 27, 2016 at 04:36:02PM -0800, Andy Lutomirski wrote:
> > On Wed, Jan 27, 2016 at 9:22 AM, Jann Horn wrote:
> > > I think it sounds good from a security perspective.
> >
> > I'm a
On Fri, Feb 12, 2016 at 11:09:06AM -0500, Tejun Heo wrote:
> Hello,
>
> On Fri, Feb 12, 2016 at 12:18:28AM +0100, Alban Crequy wrote:
> > I just noticed commit c38c4597e4bf ("netfilter: implement xt_cgroup
> > cgroup2 path match") which, as far as I understand, introduces a new
> > userland facing
> new cgroup2 filesystem. Therefore this does not test that the cgroup2
> mount is correctly rooted to the cgroupns root at mount time.
>
> Signed-off-by: Alban Crequy
Thanks, Alban!
> Acked-by: Serge E. Hallyn
>
> ---
>
> Changelog:
> 20160131 - rebase on
On Wed, Jan 27, 2016 at 04:36:02PM -0800, Andy Lutomirski wrote:
> On Wed, Jan 27, 2016 at 9:22 AM, Jann Horn wrote:
> > I think it sounds good from a security perspective.
>
> I'm a bit late to the game, but I have a question: why should this be
> keyed to the *root* uid of the namespace in part
On Wed, Jan 20, 2016 at 01:48:16PM +0100, Jann Horn wrote:
> On Fri, Dec 04, 2015 at 02:21:16PM -0600, Serge E. Hallyn wrote:
> > Quoting Eric W. Biederman (ebied...@xmission.com):
> > > "Serge E. Hallyn" writes:
> > >
> > > > A common way for dae
On Fri, Dec 04, 2015 at 02:21:16PM -0600, Serge E. Hallyn wrote:
> Quoting Eric W. Biederman (ebied...@xmission.com):
> > "Serge E. Hallyn" writes:
> >
> > > A common way for daemons to run with minimal privilege is to start as
> > > root,
> > &
Introduce the ability to create new cgroup namespace. The newly created
cgroup namespace remembers the cgroup of the process at the point
of creation of the cgroup namespace (referred as cgroupns-root).
The main purpose of cgroup namespace is to virtualize the contents
of /proc/self/cgroup file. Pr
On Mon, Jan 04, 2016 at 06:53:08PM -0600, Serge E. Hallyn wrote:
> Ok, please hold off on this, there is another locking question i need to look
> into :(
With my v2 of patch 3 this is resolved, thanks.
___
lxc-devel mailing list
lxc
Introduce the ability to create new cgroup namespace. The newly created
cgroup namespace remembers the cgroup of the process at the point
of creation of the cgroup namespace (referred as cgroupns-root).
The main purpose of cgroup namespace is to virtualize the contents
of /proc/self/cgroup file. Pr
Ok, please hold off on this, there is another locking question i need to look
into :(
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
On Mon, Jan 04, 2016 at 01:54:48PM -0600, serge.hal...@ubuntu.com wrote:
> From: Aditya Kali
>
> Introduce the ability to create new cgroup namespace. The newly created
> cgroup namespace remembers the cgroup of the process at the point
> of creation of the cgroup namespace (referred as cgroupns-
On Fri, Jan 01, 2016 at 01:42:57AM -0800, Dan Williams wrote:
> On Fri, Jan 1, 2016 at 12:59 AM, Serge E. Hallyn
> wrote:
> > On Fri, Jan 01, 2016 at 12:19:44AM -0800, Dan Williams wrote:
> >> On Tue, Dec 22, 2015 at 8:23 PM, wrote:
> >> > Hi,
> >>
On Fri, Jan 01, 2016 at 12:19:44AM -0800, Dan Williams wrote:
> On Tue, Dec 22, 2015 at 8:23 PM, wrote:
> > Hi,
> >
> > following is a revised set of the CGroup Namespace patchset which Aditya
> > Kali has previously sent. The code can also be found in the cgroupns.v8
> > branch of
> >
> > https
On Thu, Dec 31, 2015 at 10:38:22PM +0900, Sergey Senozhatsky wrote:
> On (12/22/15 22:23), serge.hal...@ubuntu.com wrote:
> [..]
> > root = kzalloc(sizeof(*root), GFP_KERNEL);
> > if (!root) {
> > ret = -ENOMEM;
> > @@ -2124,12 +2143,30 @@ out_free:
> > kfree(opts.release_ag
Introduce the ability to create new cgroup namespace. The newly created
cgroup namespace remembers the cgroup of the process at the point
of creation of the cgroup namespace (referred as cgroupns-root).
The main purpose of cgroup namespace is to virtualize the contents
of /proc/self/cgroup file. Pr
The new function kernfs_path_from_node() generates and returns kernfs
path of a given kernfs_node relative to a given parent kernfs_node.
Signed-off-by: Aditya Kali
Signed-off-by: Serge E. Hallyn
Acked-by: Greg Kroah-Hartman
---
Changelog 20151125:
- Fully-wing multilinecomments
- Rework
On Wed, Dec 23, 2015 at 11:08:54AM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Tue, Dec 22, 2015 at 10:23:22PM -0600, serge.hal...@ubuntu.com wrote:
> > @@ -164,18 +286,39 @@ void pr_cont_kernfs_name(struct kernfs_node *kn)
> > void pr_cont_kernfs_path(struct kernfs_node *kn)
> > {
> > un
On Thu, Dec 10, 2015 at 06:58:58PM -0500, Stéphane Graber wrote:
> Signed-off-by: Stéphane Graber
Thanks, that's what I thought would have to happen when the problem
came up earlier.
Only thing is you have to free the path when done. After that,
Acked-by: Serge Hallyn
Oh wait, one other thin
On Wed, Dec 09, 2015 at 05:36:51PM -0500, Tejun Heo wrote:
> Hey,
>
> On Wed, Dec 09, 2015 at 10:13:27PM +, Serge Hallyn wrote:
> > we can rename kn_root to from here if you think that's clearer (and
> > change the order here as well).
>
> I think it'd be better for them to be consistent and
On Wed, Dec 09, 2015 at 05:36:51PM -0500, Tejun Heo wrote:
> Hey,
>
> On Wed, Dec 09, 2015 at 10:13:27PM +, Serge Hallyn wrote:
> > we can rename kn_root to from here if you think that's clearer (and
> > change the order here as well).
>
> I think it'd be better for them to be consistent and
On Tue, Dec 08, 2015 at 06:51:20AM -0500, Greg KH wrote:
> On Mon, Dec 07, 2015 at 05:06:16PM -0600, serge.hal...@ubuntu.com wrote:
> > From: Aditya Kali
> >
> > The new function kernfs_path_from_node() generates and returns kernfs
> > path of a given kernfs_node relative to a given parent kernfs
On Tue, Dec 08, 2015 at 11:20:40AM -0500, Tejun Heo wrote:
> Hello,
>
> On Mon, Dec 07, 2015 at 05:06:20PM -0600, serge.hal...@ubuntu.com wrote:
> > fs/kernfs/mount.c | 74
> >
> > include/linux/kernfs.h |2 ++
> > kernel/cgroup.c
On Tue, Dec 08, 2015 at 02:46:00PM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Tue, Dec 08, 2015 at 01:34:31PM -0600, Serge E. Hallyn wrote:
> > > I'd prefer collecting all ns related declarations in a single place.
> >
> > I can group some of
On Tue, Dec 08, 2015 at 11:04:53AM -0500, Tejun Heo wrote:
> On Mon, Dec 07, 2015 at 05:06:18PM -0600, serge.hal...@ubuntu.com wrote:
> > static const char *proc_ns_follow_link(struct dentry *dentry, void
> > **cookie)
> > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
> > index 2b3
On Tue, Dec 08, 2015 at 10:52:51AM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Mon, Dec 07, 2015 at 05:06:16PM -0600, serge.hal...@ubuntu.com wrote:
> > +/* kernfs_node_depth - compute depth from @from to @to */
> > +static size_t kernfs_node_distance(struct kernfs_node *from, struct
> > kernf
On Tue, Dec 08, 2015 at 11:20:40AM -0500, Tejun Heo wrote:
> Hello,
>
> On Mon, Dec 07, 2015 at 05:06:20PM -0600, serge.hal...@ubuntu.com wrote:
> > fs/kernfs/mount.c | 74
> >
> > include/linux/kernfs.h |2 ++
> > kernel/cgroup.c
On Tue, Dec 08, 2015 at 10:52:51AM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Mon, Dec 07, 2015 at 05:06:16PM -0600, serge.hal...@ubuntu.com wrote:
> > +/* kernfs_node_depth - compute depth from @from to @to */
> > +static size_t kernfs_node_distance(struct kernfs_node *from, struct
> > kernf
On Tue, Dec 08, 2015 at 11:10:03AM +0100, Alban Crequy wrote:
> Hi,
>
> Thanks for the patches!
>
> On 8 December 2015 at 00:06, wrote:
> > Hi,
> >
> > following is a revised set of the CGroup Namespace patchset which Aditya
> > Kali has previously sent. The code can also be found in the cgrou
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Serge E. Hallyn" writes:
>
> > A common way for daemons to run with minimal privilege is to start as root,
> > perhaps setuid-root, choose a desired capability set, set PR_SET_KEEPCAPS,
> > then change
On Wed, Dec 02, 2015 at 12:05:51PM -0500, Tejun Heo wrote:
> On Wed, Dec 02, 2015 at 11:02:39AM -0600, Serge E. Hallyn wrote:
> > On Wed, Dec 02, 2015 at 11:58:39AM -0500, Tejun Heo wrote:
> > > On Wed, Dec 02, 2015 at 10:56:37AM -0600, Serge E. Hallyn wrote:
> > > >
On Wed, Dec 02, 2015 at 11:58:39AM -0500, Tejun Heo wrote:
> On Wed, Dec 02, 2015 at 10:56:37AM -0600, Serge E. Hallyn wrote:
> > Can it be flushed when we know that the cgroup is being pinned by
> > a css_set? (There's either a task or a cgroup_namespace pinning it
> &g
On Wed, Dec 02, 2015 at 11:53:12AM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Tue, Dec 01, 2015 at 03:58:53PM -0600, Serge E. Hallyn wrote:
> > I mispoke before though - it's not the hierarchy's root dentry,
> > but rather a dentry for a descendent cgroup which
On Tue, Dec 01, 2015 at 11:46:49AM -0500, Tejun Heo wrote:
> Hey, Serge.
>
> On Mon, Nov 30, 2015 at 10:07:04PM -0600, Serge E. Hallyn wrote:
> > So actually the way the code is now, the first mount cannot
> > be done from a non-init user namespace; and kernfs_obtain_root
On Mon, Nov 30, 2015 at 10:09:38AM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Thu, Nov 26, 2015 at 11:17:45PM -0600, Serge E. Hallyn wrote:
> > > Wouldn't it be simpler to walk dentry from kernfs root than
> > > duplicating dentry instantiation?
> >
On Mon, Nov 30, 2015 at 05:08:34PM -0600, Eric W. Biederman wrote:
> "Serge E. Hallyn" writes:
>
> > A common way for daemons to run with minimal privilege is to start as root,
> > perhaps setuid-root, choose a desired capability set, set PR_SET_KEEPCAPS,
> &g
On Mon, Nov 30, 2015 at 05:53:18PM -0500, Tejun Heo wrote:
> Hello, Serge.
>
> On Mon, Nov 30, 2015 at 12:37:58PM -0600, Serge E. Hallyn wrote:
> > > Yeah, I agree but the name is kinda misleading tho. The output isn't
> > > really a relative path but rather abs
A common way for daemons to run with minimal privilege is to start as root,
perhaps setuid-root, choose a desired capability set, set PR_SET_KEEPCAPS,
then change uid to non-root. A simpler way to achieve this is to set file
capabilities on a not-setuid-root binary. However, when installing a pac
On Mon, Nov 30, 2015 at 10:11:47AM -0500, Tejun Heo wrote:
> Hello,
>
> On Thu, Nov 26, 2015 at 11:25:11PM -0600, Serge E. Hallyn wrote:
> > > > + /* Short-circuit the easy case - kn_to is the root node. */
> > > > + if ((kn_from == kn_t
On Tue, Nov 24, 2015 at 11:16:30AM -0500, Tejun Heo wrote:
> Hello,
>
> On Mon, Nov 16, 2015 at 01:51:38PM -0600, se...@hallyn.com wrote:
> > +static char * __must_check kernfs_path_from_node_locked(
(Note I've rewritten this to find a common ancestor and walk back to
and from that, as you sugges
On Tue, Nov 24, 2015 at 12:16:10PM -0500, Tejun Heo wrote:
> Hello,
>
> On Mon, Nov 16, 2015 at 01:51:44PM -0600, se...@hallyn.com wrote:
> > +struct dentry *kernfs_obtain_root(struct super_block *sb,
> > + struct kernfs_node *kn)
> > +{
> > + struct dentry *dentry;
>
On Tue, Nov 24, 2015 at 12:16:10PM -0500, Tejun Heo wrote:
...
> > + if (ns != &init_cgroup_ns) {
> > + struct dentry *nsdentry;
> > + struct cgroup *cgrp;
> > +
> > + cgrp = cset_cgroup_from_root(ns->root_cgrps, root);
> > +
On Tue, Nov 24, 2015 at 11:30:56AM -0500, Tejun Heo wrote:
> Hello,
>
> On Mon, Nov 16, 2015 at 01:51:41PM -0600, se...@hallyn.com wrote:
> > From: Aditya Kali
> >
> > move cgroup_get() and cgroup_put() into cgroup.h so that
> > they can be called from other places.
> >
> > Signed-off-by: Adity
On Tue, Nov 24, 2015 at 11:17:09AM -0500, Tejun Heo wrote:
> Oops, also please cc Greg Kroah-Hartman
> on kernfs changes.
Will do. Thank you for all the feedback. I'll send out a new set
when I get it all addressed.
___
lxc-devel mailing list
lxc-deve
On Wed, Nov 18, 2015 at 03:18:44AM -0600, Eric W. Biederman wrote:
> "Serge E. Hallyn" writes:
>
> > On Mon, Nov 16, 2015 at 04:24:27PM -0600, Eric W. Biederman wrote:
> >> Similary have you considered what it required to be able to safely set
> >> FS_USER
On Mon, Nov 16, 2015 at 04:24:27PM -0600, Eric W. Biederman wrote:
> Similary have you considered what it required to be able to safely set
> FS_USERNS_MOUNT?
I pushed the one patch which I feel is needed to my branch (it's also
included in another reply). Aditya had already added FS_USERNS_MOUNT
On Mon, Nov 16, 2015 at 07:40:26PM -0600, Serge E. Hallyn wrote:
> On Mon, Nov 16, 2015 at 07:13:49PM -0600, Serge E. Hallyn wrote:
> > On Mon, Nov 16, 2015 at 04:24:27PM -0600, Eric W. Biederman wrote:
...
> > > Similary have you considered what it required to be
On Mon, Nov 16, 2015 at 07:13:49PM -0600, Serge E. Hallyn wrote:
> On Mon, Nov 16, 2015 at 04:24:27PM -0600, Eric W. Biederman wrote:
> > "Serge E. Hallyn" writes:
> >
> > > On Mon, Nov 16, 2015 at 09:50:55PM +0100, Richard Weinberger wrote:
> > >>
On Mon, Nov 16, 2015 at 04:24:27PM -0600, Eric W. Biederman wrote:
> "Serge E. Hallyn" writes:
>
> > On Mon, Nov 16, 2015 at 09:50:55PM +0100, Richard Weinberger wrote:
> >> Am 16.11.2015 um 21:46 schrieb Serge E. Hallyn:
> >> > On Mon, Nov 16, 2015 at
On Mon, Nov 16, 2015 at 09:50:55PM +0100, Richard Weinberger wrote:
> Am 16.11.2015 um 21:46 schrieb Serge E. Hallyn:
> > On Mon, Nov 16, 2015 at 09:41:15PM +0100, Richard Weinberger wrote:
> >> Serge,
> >>
> >> On Mon, Nov 16, 2015 at 8:51 PM, wro
On Mon, Nov 16, 2015 at 09:41:15PM +0100, Richard Weinberger wrote:
> Serge,
>
> On Mon, Nov 16, 2015 at 8:51 PM, wrote:
> > To summarize the semantics:
> >
> > 1. CLONE_NEWCGROUP re-uses 0x0200, which was previously CLONE_STOPPED
> >
> > 2. unsharing a cgroup namespace makes all your curren
Quoting Marian Marinov (m...@1h.com):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 06/03/2014 08:54 PM, Eric W. Biederman wrote:
> > Serge Hallyn writes:
> >
> >> Quoting Pavel Emelyanov (xe...@parallels.com):
> >>> On 05/29/2014 07:32 PM, Serge Hallyn wrote:
> Quoting Marian Ma
Quoting Seth Forshee (seth.fors...@canonical.com):
> On Fri, May 23, 2014 at 03:23:50PM -0700, Eric W. Biederman wrote:
> > Serge Hallyn writes:
> >
> > > Quoting Eric W. Biederman (ebied...@xmission.com):
> > >>
> > >>
> > >> >> Ultimately the technical challenge is how do we create a block de
Quoting Michael H. Warfield (m...@wittsend.com):
> On Mon, 2014-05-26 at 11:16 +0200, Seth Forshee wrote:
> > On Fri, May 23, 2014 at 08:48:25AM +0300, Marian Marinov wrote:
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA1
> > >
> > > One question about this patch.
> > >
> > > Why don't
20/2014 05:19 PM, Serge Hallyn wrote:
> > > > > Quoting Andy Lutomirski (l...@amacapital.net):
> > > > >> On May 15, 2014 1:26 PM, "Serge E. Hallyn" wrote:
> > > > >>>
> > > > >>> Quoting Richard Weinberger
Quoting Seth Forshee (seth.fors...@canonical.com):
> On Fri, May 16, 2014 at 09:31:37PM -0700, Eric W. Biederman wrote:
> > Greg Kroah-Hartman writes:
> >
> > > On Fri, May 16, 2014 at 01:49:59AM +, Serge Hallyn wrote:
> > >> > I think having to pick and choose what device nodes you want in a
Quoting James Bottomley (james.bottom...@hansenpartnership.com):
> On Fri, 2014-05-16 at 11:57 -0700, Greg Kroah-Hartman wrote:
> > On Fri, May 16, 2014 at 09:06:07AM -0500, Seth Forshee wrote:
> > > On Thu, May 15, 2014 at 09:35:32PM -0700, Greg Kroah-Hartman wrote:
> > > > On Fri, May 16, 2014 at
Quoting Richard Weinberger (rich...@nod.at):
> Am 15.05.2014 21:50, schrieb Serge Hallyn:
> > Quoting Richard Weinberger (richard.weinber...@gmail.com):
> >> On Thu, May 15, 2014 at 4:08 PM, Greg Kroah-Hartman
> >> wrote:
> >>> Then don't use a container to build such a thing, or fix the build
> >
87 matches
Mail list logo
