[lxc-devel] [lxc/lxc] 432faf: cgroup isolation: handle devices cgroup early
Christian Brauner
noreply at github.com
Tue Apr 7 08:35:41 UTC 2020
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 432faf202e7b303af9a476a707db5d0f57085fa0
https://github.com/lxc/lxc/commit/432faf202e7b303af9a476a707db5d0f57085fa0
Author: Wolfgang Bumiller <w.bumiller at proxmox.com>
Date: 2020-04-07 (Tue, 07 Apr 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/start.c
Log Message:
-----------
cgroup isolation: handle devices cgroup early
Otherwise we cannot use an 'a' entry in devices.deny/allow
as these are not permitted once a subdirectory was created.
Without isolation we initialize the devices cgroup
particularly late, so there are probably cases which cannot
work with isolation.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
Commit: 51c8368a374726485b7a99b7e4dff05f60b1872c
https://github.com/lxc/lxc/commit/51c8368a374726485b7a99b7e4dff05f60b1872c
Author: Christian Brauner <christian.brauner at ubuntu.com>
Date: 2020-04-07 (Tue, 07 Apr 2020)
Changed paths:
M src/lxc/cgroups/cgfsng.c
M src/lxc/start.c
Log Message:
-----------
Merge pull request #3359 from Blub/legacy-devices-isolation-change
cgroup isolation: handle devices cgroup early
Compare: https://github.com/lxc/lxc/compare/d8ccf906038e...51c8368a3747
More information about the lxc-devel
mailing list