[lxc-devel] [PATCH 1/1] preserve_ns: ignore open failures due to ENOENT

Wolfgang Bumiller w.bumiller at proxmox.com
Tue Nov 17 19:54:45 UTC 2015


(once again I should have read the rest of the mailing list before replying...
happens when you forget about automated move-to-folder filters...)

> On November 17, 2015 at 7:57 PM Stéphane Graber <stgraber at ubuntu.com> wrote:
>
> As we're now calling that code for every single container, we should
> make sure that in the common case, no extra user visible messages appear
> (INFO/DEBUG/TRACE is fine, those only hit the log).
> 
> 
> So anyway, ideally I'd like to see:
>  - User requests some namespaces be preserved:
>     - If /proc/self/ns is missing => fail (saying kernel misses setns)
>     - If /proc/self/ns/<namespace> entry is missing => fail (saying kernel
> misses setns for <namespace>)
>  - User doesn't request some namespaces be preserved:
>     - If /proc/self/ns is missing => log an INFO message (kernel misses setns)
> and continue
>     - If /proc/self/ns/<namespace> entry is missing => log an INFO message
> (kernel misses setns for <namespace>) and continue
> 
> That won't cause any regression for users of old kernels, the only
> change in behavior is that if you request some namespaces be preserved
> on pre-3.8, LXC will now fail rather than pretend it succeeded in
> attaching you to those namespaces.

Okay so we need a way to request to preserve namespaces, since it currently
always happens.
Or should specifying a stop hook count as requesting them to be preserved
(since it's currently the only hook getting them passed).



More information about the lxc-devel mailing list