Jean-Marc Pigeon <j...@safe.ca> writes: > Added syslog.c such container /proc/kmsg and host /proc/kmsg > do not leak in each other. > Running rsyslog daemon within a container won't destroy > host kernel messages.
If the goal is to not destroy the host kernel messages the much simpler solution would be to simply disable /proc/kmsg in the container. I expect we can get that for free with a some bug fixes to the user namespace (aka if you are not in the global namespace you can't touch /proc/kmsg). Additionally except for the possible exception of logging firewall rules I can't think of a case where I would want kernel printk's in anything other than the global kernel ring buffer. Eric _______________________________________________ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers _______________________________________________ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
