[lxc-devel] [PATCH] Unshare user namespace as well
Daniel Lezcano
daniel.lezcano at free.fr
Wed May 5 15:32:55 UTC 2010
Mikhail Gusarov wrote:
> Daniel.
>
> >> Unshare user namespace to make sure setrlimit and other per-user
> >> limits are accounted properly in containers
>
> [skip]
>
> DL> I am not sure to see all the implications of having this namespace
> DL> by default, especially for application containers which can be
> DL> executed by non-root user. I think it would make sense to make this
> DL> flag optional with the configuration.
>
> Fully agree. I don't use LXC at the moment, so don't expect new patch
> From me -- I will scratch one when I get to using LXC again unless
> someone else implements it before.
>
Ok, thanks Mikhail.
More information about the lxc-devel
mailing list