Hey there,
I believe Christian may have relayed some of this already but on my
side, as much as I can sympathize with the annoyance of having to
support both cgroup1 and cgroup2 side by side, I feel that we're sadly
nowhere near the cut off point.
>From what I can gather from various stats we hav
On Thu, Jan 15, 2015 at 07:20:55PM +0100, Lennart Poettering wrote:
> On Thu, 15.01.15 12:14, Stéphane Graber (stgra...@ubuntu.com) wrote:
>
> > Hello,
> >
> > The last big issue I'm running into when running systemd in an
> > unprivileged LXC container is tha
existing mount_point_ignore function to ignore any mountpoint which is a
character or block device.
I tend to prefer the latter because it's future-proof and avoids
hardcoding paths, however it certainly is more likely to have
side-effects than the first (though I can't think of any o
On Fri, Jan 09, 2015 at 11:08:26AM +0100, David Herrmann wrote:
> Hi
>
> On Fri, Jan 9, 2015 at 12:07 AM, Stéphane Graber wrote:
> > This adds a new detect_userns function in virt.c which will check
> > whether systemd is running in the host user namespace (single map of a
On Fri, Jan 09, 2015 at 01:16:15AM +0100, Tom Gundersen wrote:
> On Fri, Jan 9, 2015 at 12:55 AM, Stéphane Graber wrote:
> > I expect we'll run into some more problems when dealing with units that
> > start with their own view of /dev since mknod in a userns isn't allo
On Fri, Jan 09, 2015 at 12:39:23AM +0100, Lennart Poettering wrote:
> On Thu, 08.01.15 15:33, Stéphane Graber (stgra...@ubuntu.com) wrote:
>
> > As far as I know there's no obvious way to detect this case (well,
> > short of trying a bunch of restricted syscalls). The only
On Thu, Jan 08, 2015 at 11:17:44PM +0100, Lennart Poettering wrote:
> On Thu, 08.01.15 14:27, Stéphane Graber (stgra...@ubuntu.com) wrote:
>
> > This adds a new detect_userns function in virt.c which will check
> > whether systemd is running in the host user namespace
This adds a new detect_userns function in virt.c which will check
whether systemd is running in the host user namespace (single map of all
available uids and gids) or is using a uid/gid map.
The check makes sure that uid_map and gid_map are both exactly equal to
the default host map (assuming 32bi
On Thu, Jan 08, 2015 at 09:25:07PM +0100, Tom Gundersen wrote:
> On Thu, Jan 8, 2015 at 8:59 PM, Stéphane Graber wrote:
> > On Thu, Jan 08, 2015 at 08:43:12PM +0100, Tom Gundersen wrote:
> >> On Thu, Jan 8, 2015 at 8:27 PM, Stéphane Graber
> >> wrote:
> >&g
On Thu, Jan 08, 2015 at 08:43:12PM +0100, Tom Gundersen wrote:
> On Thu, Jan 8, 2015 at 8:27 PM, Stéphane Graber wrote:
> > This adds a new detect_userns function in virt.c which will check
> > whether systemd is running in the host user namespace (single map of all
> > av
This adds a new detect_userns function in virt.c which will check
whether systemd is running in the host user namespace (single map of all
available uids and gids) or is using a uid/gid map.
The check makes sure that uid_map and gid_map are both exactly equal to
the default host map (assuming 32bi
In a user namespace, uid 0 is mapped to a non-root uid outside the
namespace. As a result, uid 0 in the namespace can only use the oom_adj
scores which a regular user can use, all others fail with EACCES.
This change makes it so that EACCES in a uid/gid shifted environment
only results in a log en
On Mon, Dec 29, 2014 at 02:32:36PM +0100, Lennart Poettering wrote:
> On Sun, 28.12.14 18:18, Stéphane Graber (stephane.gra...@canonical.com) wrote:
>
> > My host system doesn't have nspawn so I can't easily test it this way,
> > but it was my understanding tha
n
> --
> Martin Pitt| http://www.piware.de
> Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
--
Stéphane Graber
Ubuntu developer
http://www.canonical.com
signature.asc
Description: Digital signature
__
I figure before adding these controllers to the list systemd manages
> > we need to open the discussion with Tejun about the future of the
> > respective controllers...
> >
> > I think it would be better to apply a patch of thee downstream if at
> > all, for now, if you
15 matches
Mail list logo
