[Lxc-users] Refreshing for 2013: LXC hiding container processes from Host/HN's 'ps'

ian sison (mailing list) ian.sison at gmail.com
Wed Feb 20 08:19:36 UTC 2013


Hi - I'm re-forwarding this email from 2011 in the hope that there's
been some work done on the mainline LXC code regarding hiding
container processes from the hardware node's process list.  Back then
there was no option available in LXC to implement this.  How about
today?

- Ian


---------- Forwarded message ----------
From: ian sison (mailing list) <ian.sison at gmail.com>
Date: Tue, May 3, 2011 at 6:53 PM
Subject: Hiding container processes from Host/HN's 'ps'
To: lxc-users at lists.sourceforge.net


Hi all -

In OpenVZ, a certain sysctl parameter,

kernel.pid_ns_hide_child = 1

when executed at HN system startup will hide any processes that run
inside the running containers from appearing in the output of 'ps'.
This makes for a cleaner 'ps' output in the hardware node, and
prevents inadvertent container malfunctions when something like
'killall -9 httpd' is executed in the command line of the HN.

How can I do the same with LXC?  My Google searches draw up a blank.

- Ian
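
Added example, not part of the original post and not an LXC feature: a host-side filter that selects only processes in the host's own PID namespace, so that a by-name signal on the HN does not reach container processes. It assumes a kernel exposing /proc/<pid>/ns/pid (Linux 3.8 or later) and root on the host; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes Linux >= 3.8, where /proc/<pid>/ns/pid exists,
# and root on the host so other users' ns links are readable.

# host_pids PROCROOT NAME
# Print the PIDs under PROCROOT whose command name is NAME and whose PID
# namespace is the one PID 1 lives in, i.e. host processes only.
host_pids() {
    procroot=$1
    name=$2
    host_ns=$(readlink "$procroot/1/ns/pid") || return 1
    for dir in "$procroot"/[0-9]*; do
        [ -r "$dir/comm" ] || continue
        # comm holds the command name, truncated by the kernel to 15 chars.
        [ "$(cat "$dir/comm" 2>/dev/null)" = "$name" ] || continue
        # A process may exit mid-scan; skip it rather than fail.
        ns=$(readlink "$dir/ns/pid" 2>/dev/null) || continue
        if [ "$ns" = "$host_ns" ]; then
            echo "${dir##*/}"
        fi
    done
    return 0
}

# Constructed sample: a fake /proc tree (hypothetical PIDs and namespace
# inode numbers) so the function can be tried without a container host.
add_proc() {  # add_proc ROOT PID COMM NS_INODE
    mkdir -p "$1/$2/ns"
    echo "$3" > "$1/$2/comm"
    ln -s "pid:[$4]" "$1/$2/ns/pid"
}
make_sample_proc() {
    root=$(mktemp -d) || return 1
    add_proc "$root" 1    init  4026531836   # host init
    add_proc "$root" 200  httpd 4026531836   # host httpd
    add_proc "$root" 201  httpd 4026531836
    add_proc "$root" 3100 init  4026532201   # container init
    add_proc "$root" 3150 httpd 4026532201   # container httpd
    add_proc "$root" 3151 nginx 4026532201
    echo "$root"
}

sample=$(make_sample_proc)
echo "host httpd PIDs: $(host_pids "$sample" httpd | tr '\n' ' ')"
rm -rf "$sample"
```

On a real host, `host_pids /proc httpd` yields the PIDs to hand to `kill` in place of `killall httpd`; it filters the process list and does not hide anything from `ps`.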



