[Lxc-users] Setting yama/ptrace_scope to 0 inside container?
Dan Kegel
dank at kegel.com
Wed Sep 12 17:36:23 UTC 2012
I'd like to strace a stray process, but in Ubuntu 12.04, to do that
you have to do
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
This fails inside an LXC (ephemeral) container.
But since there's only one kernel, you can do that in the host, and
it will affect the containers as well.
At least for now. There's some talk of changing that
( http://www.openwall.com/lists/kernel-hardening/2011/11/23/1 /
http://lkml.indiana.edu/hypermail/linux/kernel/1111.2/03494.html )
Is there an LXC FAQ somewhere for tidbits like this?
More information about the lxc-users
mailing list