On Thu, 2009-01-15 at 09:25 -0800, Paul Menage wrote: > On Thu, Jan 15, 2009 at 5:57 AM, Stephan Peijnik <[email protected]> wrote: > > > > So Paul, do you think the interface would be of any use to you? > > Potentially, yes. My concern was that we not add another new > (incomplete) userspace API in cgroups for doing socket permissions - > hooking into iptables was one way to do it, but if sactl is going to > become the official way to do this, then hooking a cgroups filter into > that seems like a good alternative.
Just to clarify that: sactl is my pet project and inclusion in linux-next (or whenever) has not been discussed yet, but if enough potential users pop up I would love try getting it included. I rather meant to ask if this interface could be of any use to you (and others) and whether you would want/need any modifications to it, if there are any flaws in its design, bugs in the code, etc. -- Stephan _______________________________________________ Containers mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/containers _______________________________________________ Devel mailing list [email protected] https://openvz.org/mailman/listinfo/devel
