[lxc-devel] setns/fork(glibc) weird interaction, lxc-attach may hang sporadically

Dwight Engen dwight.engen at oracle.com
Tue Apr 23 19:36:51 UTC 2013


On Tue, 23 Apr 2013 19:30:07 +0100
Christian Seiler <christian at iwakd.de> wrote:

> Hi again,
> 
> > util-linux is affected the same way as far as I can tell (haven't 
> > tried
> > it though), and should run into the assertion and fail for no good
> > reason.
> 
> Btw. I just noticed: -F is actually worse than not using -F. If you
> use the -F flag for nsenter, nsenter itself will not fork(), but
> directly exec() to the specified program. That program will not
> completely be in the pid namespace, but its children will be. So if
> that program then uses fork(), because it's a shell for example, most
> of those forks will work without a hitch, but some will fail for the
> exact same reason and then that will be a whole other kind of mess...
> 
> -- Christian

Hi Christian, it looks to me like do_fork is forced to 1 when
CLONE_NEWPID is in the list of name spaces to be entered so
hopefully this prevents the scenario you mention.




More information about the lxc-devel mailing list