[libvirt] [PATCH 2 of 2] [LXC] Create and enter the cgroup before starting container process

Daniel Veillard veillard at redhat.com
Tue Oct 21 16:17:01 UTC 2008


On Thu, Oct 16, 2008 at 02:07:57PM -0700, Dan Smith wrote:
> Without this, our container child doesn't actually end up in the cgroup,
> and thus runs unrestricted.  Note that this does not address the container's
> ability to mount cgroup and move itself into the parent namespace.

  Okay this moves the initialization  earlier, makes sense,

    +1

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/




More information about the libvir-list mailing list