[lxc-devel] Unprivileged setns
Eric W. Biederman
ebiederm at xmission.com
Mon Jan 20 21:13:49 UTC 2014
Stéphane Graber <stgraber at ubuntu.com> writes:
> The problem obviously comes from those two error messages which say that
> setns back to the original namespace failed.
>
> I can't think of a nice way around this particular limitation nor am I
> convinced that there is any safe way to fix that at the kernel level.
> (CCing Eric in case there's something I missed)
No. Switching back to the original user namespace can not be
supported. It is an important property that once you are inside a user
namespace you can not escape. Similarly with the pid namespace.
Eric
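
The behaviour described in the reply above can be observed directly. This is an added example, not code from the original thread or from LXC: a forked child keeps a file descriptor for the user namespace it starts in, unshares into a new one, and asks setns() to go back. It assumes Linux with /proc mounted; the function name and return codes are this example's own.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000 /* value from the kernel UAPI headers */
#endif

/* Returns 1 if the kernel refused the return trip with EPERM, 0 if setns()
 * succeeded (the process got back out), -1 if the check could not be run
 * (no /proc, user namespaces disabled or blocked by a sandbox). */
int return_to_parent_userns_refused(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: keep a handle on the namespace we start in. */
        int orig = open("/proc/self/ns/user", O_RDONLY);
        if (orig < 0 || syscall(SYS_unshare, CLONE_NEWUSER) != 0)
            _exit(2);                   /* cannot set up the experiment */
        /* Now inside a new user namespace; try to switch back. */
        if (syscall(SYS_setns, orig, CLONE_NEWUSER) == 0)
            _exit(0);                   /* got back out */
        _exit(errno == EPERM ? 1 : 3);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);     /* 0 = escaped, 1 = EPERM */
    return code <= 1 ? code : -1;
}

int main(void)
{
    int r = return_to_parent_userns_refused();
    printf("%s\n", r == 1 ? "setns back to parent userns: EPERM"
                 : r == 0 ? "setns back to parent userns succeeded"
                          : "could not run (user namespaces unavailable)");
    return r == 0;
}
```

The refusal does not depend on the caller's privileges before the unshare: once the process's credentials live in the child namespace, it holds no CAP_SYS_ADMIN over the parent namespace, which is what setns() requires.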