[lxc-devel] [PATCH 2/5] cgroup: don't set devices cgroup if not in init_user_ns (v2)

[Serge Hallyn]

Quoting serge.hallyn at ubuntu.com (serge.hallyn at ubuntu.com):
> From: Serge Hallyn <serge.hallyn at ubuntu.com>
> 
> Changelog: (Jul 22) only do this when actually mapping ids

Another note, as per lkml discussion, unprivileged container
creation will (at least for now) simply not create or enter
cgroups - other than an 'lxc' cgroup which only tracks tasks.

So maybe I sent this patch prematurely...

-serge