[lxc-devel] Closing all fds by default
Stéphane Graber
stgraber at ubuntu.com
Tue Jun 12 16:34:14 UTC 2012
On 06/12/2012 12:03 PM, Daniel Smith wrote:
> On 6/8/2012 5:17 AM, Daniel Godás wrote:
>> I guess my point is --close-all-fds was actually useful and I think
>> removing it should be reconsidered.
>>
>> Regards,
>> Dan
>
> I don't think that this necessarily needs to be reconsidered but perhaps
> a more formal method to establish a communication channel between host
> and container. I am thinking of something in the spirit of the Serial
> I/O host-guest communication channel implemented for KVM. I recall there
> was a lot of discussion over this feature with some suggesting just to
> establish a network connection. In the end it was agreed that some
> communication channel independent of the network stack was necessary.
> Like-wise in the container world I think we could benefit from a formal
> way to establish a communication channel between the host and a
> container. Thoughts?
>
> V/r,
> Daniel
Well, the easiest way to achieve that with LXC is simply to bind mount a
socket into the container. Just create a socket outside of the
container, add it to the container's fstab and make sure the file exists
in the container, and you're done.
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20120612/7ce47c70/attachment.pgp>
More information about the lxc-devel
mailing list