On 4/26/05, Jamie Lokier <[email protected]> wrote:
>
> It's called /proc/NNN/root.
>
> So no new system calls are needed. A daemon to hand out per-user
> namespaces (or any other policy) can be written using existing
> kernels, and those namespaces can be joined using chroot.
>
> That's the theory anyway. It's always possible I misread the code (as
> I don't use namespaces and don't have tools handy to try them).
>
Should have checked myself before posting my previous reply -- but
this doesn't seem to work. /proc/NNN/root is represented as a
symlink, but when you CLONE_NS and then try to look at another one of
your process' /proc/NNN/root the link doesn't seem to have a target
and you get permission denied on all accesses. I haven't looked at
the underlying procfs code, but adapting procfs for this sort of
purpose feels wrong.
-eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
