vserver development mailing list: Re: [vserver] 2.6: less is more

Re: [vserver] 2.6: less is more:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Enrico Scholz (enrico.scholz_at_informatik.tu-chemnitz.de)
Date: Thu 25 Sep 2003 - 21:36:38 BST

Previous message: Tomas Fasth: "Re: [vserver] vserver Google topspot..."
In reply to: Rik van Riel: "[vserver] 2.6: less is more"
Next in thread: Alex Lyashkov: "Re: [vserver] 2.6: less is more"
Reply: Alex Lyashkov: "Re: [vserver] 2.6: less is more"

riel_at_surriel.com (Rik van Riel) writes:

> - unbreakable chroot
> --> filesystem namespaces, CLONE_NS, recursive bind mount
> (already in 2.4 and 2.6 kernels, needs userspace helper)

Unfortunately, CAP_SYS_ADMIN capabilities are required for CLONE_NEWNS. So,
vservers within vservers will be impossible with this method.

Another problem is that 'vserver XXX enter' can not be used anymore. Or
does there exist a way to enter the namespace of foreign processes?
Doing the mounts on every 'enter' seems to be expensive on the first
glance.

Enrico

Previous message: Tomas Fasth: "Re: [vserver] vserver Google topspot..."
In reply to: Rik van Riel: "[vserver] 2.6: less is more"
Next in thread: Alex Lyashkov: "Re: [vserver] 2.6: less is more"
Reply: Alex Lyashkov: "Re: [vserver] 2.6: less is more"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 25 Sep 2003 - 22:33:00 BST by hypermail 2.1.3