suggestion: decouple unshare from mounting in pam_namespace

Louis-Dominique Dubeau ldd at lddubeau.com
Fri May 23 17:50:31 UTC 2008


On Fri, 2008-05-23 at 10:24 -0400, Louis-Dominique Dubeau wrote:
> It makes sense somewhat. But with the KISS principle in mind - when you
> want just the unshare, why not create a new module called pam_unshare,
> which would just call unshare and not do anything else? I think we could
> accept such module into Linux-PAM.

I have no problem with this approach.  I just do not know pam well
enough to know whether this would have unforeseen consequences or not.

What needs to be done to ensure the presence of pam_unshare in a future
version of pam?

Thanks,
Louis





More information about the Pam-list mailing list