[lxc-devel] Anybody looked at unshare(2)?
rlandley at parallels.com
Wed Feb 23 04:22:15 UTC 2011
It looks like clone flags aren't the only way to create a new namespace,
any existing process can move to a new namespace via unshare(2).
This sounds like you could fairly easily make a super_chroot() function
that does most of the container stuff. The hard part would be doing
mount points, device setup, and TTY I/O. (How much of this requires a
host daemon? I still haven't properly investigated how the current
container TTY stuff behind lxc-console works...)
More information about the lxc-devel