[lxc-devel] [RFC lxc 2/2] Added lxc.start.unshare

[Serge Hallyn]

Quoting Wolfgang Bumiller (w.bumiller at proxmox.com):
> If manual mounting with elevated permissions is required
> this can currently only be done in pre-start hooks or before
> starting LXC. In both cases the mounts would appear in the
> host's namespace.
> With this flag the namespace is unshared before the startup
> sequence, so that mounts performed in the pre-start hook
> don't show up on the host.
> 
> Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>

Thanks,

I'm going to think about this a bit.  What you have may be the
cleanest generic thing we can do.  But I want to look over it
again and see if there are any cases where we expect the
monitor to remain in the host ns.  (I don't think so)  It also
may be worthwhile, if anyone uses pre-start hooks to actually
put some mounts in the host-ns, to change the semantics here:
have a lxc.pre-start-cntns or somesuch hook;  if not defined,
nothing changes.  if defined, it runs immediately after the
pre-start hooks, but after an unshare.  I prefer your way
for being more explicit.

Do you think we'll ever want to have the monitor unshare
other namespaces?  We could turn this into

lxc.monitor.unshare = <mask-of-namespaces>

but if noone will ever want to do that, then a simpler boolean
flag is nicer.