[lxc-users] Overcommit and kernel isolation

Serge Hallyn serge.hallyn at ubuntu.com
Thu Oct 9 16:05:19 UTC 2014


Quoting Bertrand Paquet (bertrand.paquet at gmail.com):
> Hi all,
> 
> I have noticed that changing the overcommit
> (/proc/sys/vm/overcommit_memory) mode inside a container changes the
> overcommit mode of the host. Is it normal?

Yes, sadly those are not namespaced.  The AppArmor (and hopefully SELinux, I'm
not sure because I'm not sure what the SELinux type on that file is) profiles don't
allow writing to those.

> For /proc/sys/kernel/shmmax, the value seems to be local to the container.
> 
> Regards,
> 
> Bertrand
> 
> PS: my LXC version: 1.0.1




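A way to check, from inside a container, whether the two sysctls discussed in this thread can be written, as an added example that is not part of the original messages. The function names and the `SYSCTLS` table are hypothetical; the host-global flags restate what the thread says about each file, and the probe only opens and closes the file, so no value is changed.

```python
import errno
import os

# Sysctls named in the thread. True = shared with the host (not namespaced),
# False = local to the container, as reported in the messages above.
# Assumption: extend this table from your own testing.
SYSCTLS = {
    "vm/overcommit_memory": True,
    "kernel/shmmax": False,
}

def classify(err):
    """Map the errno from a failed open() to a short verdict."""
    if err in (errno.EACCES, errno.EPERM):
        return "denied"            # mode bits or an LSM profile refused the open
    if err == errno.EROFS:
        return "read-only mount"   # /proc/sys is mounted read-only
    if err == errno.ENOENT:
        return "missing"
    return "error:" + errno.errorcode.get(err, str(err))

def probe_write(path):
    """Open path write-only and close it at once. Nothing is written,
    so the sysctl keeps its value; a real open is used so that policy
    applied at open time is exercised, not just the mode bits."""
    try:
        fd = os.open(path, os.O_WRONLY)
    except OSError as e:
        return classify(e.errno)
    os.close(fd)
    return "writable"

def audit(root="/proc/sys", table=SYSCTLS):
    """Return (name, verdict, exposed) per sysctl; exposed means the file
    is host-global and this container could open it for writing."""
    findings = []
    for name, host_global in sorted(table.items()):
        verdict = probe_write(os.path.join(root, name))
        findings.append((name, verdict, host_global and verdict == "writable"))
    return findings

if __name__ == "__main__":
    for name, verdict, exposed in audit():
        print(f"{name:24} {verdict:16} {'HOST-EXPOSED' if exposed else 'ok'}")
```

Run it as root inside the container: a `HOST-EXPOSED` line for vm/overcommit_memory means the confinement profile is not blocking the write.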