[lxc-users] Overcommit and kernel isolation
Bertrand Paquet
bertrand.paquet at gmail.com
Thu Oct 9 08:22:40 UTC 2014
Ok. Thx you for information.
It's very very dangerous :(
Bertrand
On Thu, Oct 9, 2014 at 10:15 AM, Tamas Papp <tompos at martos.bme.hu> wrote:
>
> On 10/09/2014 10:07 AM, Bertrand Paquet wrote:
>
> Hi all,
>
> I have noticed that changing the overcommit
> (/proc/sys/vm/overcommit_memory) mode inside a container change the
> overcommit mode of the host. Is it normal ?
>
> For /proc/sys/kernel/shmmax, the value seems to be local to the
> container.
>
> Regards,
>
> Bertrand
>
> PS : my LXC version : 1.0.1
>
>
> Without apparmor, selinux or other restictions and privileged containers
> yes, it is.
> AFAIK there is no namespace for that.
>
> tamas
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141009/e31dd2bf/attachment.html>
More information about the lxc-users
mailing list