[lxc-devel] per-session network namespace question
Daniel Lezcano
daniel.lezcano at free.fr
Thu Oct 15 12:55:03 UTC 2009
Wilhelm Meier wrote:
> Hi,
>
Hi Wilheim,
I am not sure I understand your question. Can you elaborate a little bit ?
Thanks
-- Daniel
> I'm looking for a possibiliy to dynamically setup a per-session
> network-namespace as an user logs into the machine.
The lxc tools allow to do that with the right configuration, you should
look at lxc-sshd example.
That runs container with a sshd inside with its own network stack and
rootfs. You can login the container with ssh.
> Preferably this
> should be done via some sort of pam-module like pam-namespace.
>
> The difficuly I see here is to move the newly created vethx to the first
> process-id in the user-session.
>
This is done automatically with lxc.
eg of configuration file:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.mtu = 1500
More information about the lxc-devel
mailing list