Quoting Dan Kegel (d...@kegel.com):
I'd like to strace a stray process, but in Ubuntu 12.04, to do that
you have to do
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
This fails inside an LXC (ephemeral) container.
But since there's only one kernel, you can do that in the host, and
I would not use lxc for shared vps setup (like openvz) at this moment
due to some unsolved security issues.
I've seen security issues with lxc mentioned in a few places, but nothing
very specific (one thing specific was something to do with /proc
filtering). (I've googled a bit, but it's hard
On 12-09-13 06:56 PM, Stuart Yoder wrote:
I would not use lxc for shared vps setup (like openvz) at this moment
due to some unsolved security issues.
I've seen security issues with lxc mentioned in a few places, but nothing
very specific (one thing specific was something to do with /proc