[cgmanager-devel] [cgmanager/cgmanager] ad4994: README: think through special cases
GitHub
noreply at github.com
Mon Feb 24 22:32:31 UTC 2014
Branch: refs/heads/master
Home: https://github.com/cgmanager/cgmanager
Commit: ad49947c612fb9a1e05de3487aa0d2e391c11d93
https://github.com/cgmanager/cgmanager/commit/ad49947c612fb9a1e05de3487aa0d2e391c11d93
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M README
Log Message:
-----------
README: think through special cases
think through special cases for older kernels.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: e612928fbcba24d2d1a7085799bf6242d8c70012
https://github.com/cgmanager/cgmanager/commit/e612928fbcba24d2d1a7085799bf6242d8c70012
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M access_checks.c
M frontend.c
Log Message:
-----------
Update cross-namespace behavior
As per the newly added section to README:
If we are on an older kernel, the only calls we want to reject are
MovePidAbs. The others will confuse the caller, but not compromise
the host.
On newer kernels we do want to avoid calls which can only confuse
the caller, so require a proxy for those. There is no good case for
allowing those calls.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: a30d8144512376b17b9ef35100907dcfc832e852
https://github.com/cgmanager/cgmanager/commit/a30d8144512376b17b9ef35100907dcfc832e852
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M cgmanager.c
M frontend.c
Log Message:
-----------
move_pid: stick to what the README says
If the kernel does not support /proc/pid/ns/pid, then don't
require an scm call. Rather, require that the target pid be
in a child cgroup of the proxy.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 4987e495cf74087cc84b4d84642c072c29cf6dc0
https://github.com/cgmanager/cgmanager/commit/4987e495cf74087cc84b4d84642c072c29cf6dc0
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M cgmanager.c
Log Message:
-----------
cgmanager_chown_main: don't fail for root on old kernel
If our kernel doesn't do user namespaces, still allow root
to chown.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 3b25f3f969851d16f6800574b39891879f703c65
https://github.com/cgmanager/cgmanager/commit/3b25f3f969851d16f6800574b39891879f703c65
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M tests/test19.sh
Log Message:
-----------
test19: give the test something to escape from
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: f925157090f694cf23195da40323e1668dd4796c
https://github.com/cgmanager/cgmanager/commit/f925157090f694cf23195da40323e1668dd4796c
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2014-02-24 (Mon, 24 Feb 2014)
Changed paths:
M tests/test19.sh
Log Message:
-----------
test19: final cg may not be original
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Compare: https://github.com/cgmanager/cgmanager/compare/a3970f6b7b51...f925157090f6
More information about the cgmanager-devel
mailing list