[lxc-devel] [RFC lxc 2/2] Added lxc.start.unshare

Wolfgang Bumiller w.bumiller at proxmox.com
Fri Nov 20 16:02:38 UTC 2015


> Do you think we'll ever want to have the monitor unshare
> other namespaces?  We could turn this into
> 
> lxc.monitor.unshare = <mask-of-namespaces>
> 
> but if noone will ever want to do that, then a simpler boolean
> flag is nicer.

That could be tricky. The only use case I can _imagine_ would be
a hidden veth-device to talk to just some specific program started in
the pre-start hook for instance, but that's what sockets are for ;-)
And this wouldn't work at all with the network setup as far as I can
tell as it happens after the pre-start hook.
But yeah, if I can think of anything else I'll let you know...



More information about the lxc-devel mailing list