> > > So this may get fixed with cgroup namespaces, > > (i.e. > https://git.kernel.org/cgit/linux/kernel/git/sergeh/linux-security.git/log/?h=2015-11-10/cgroupns > , > github.com/hallyn/lxcfs #2015-11-10/cgns and github.com/lxc/ > #2015-11-09/cgns) >
This is great! Using this patch would mean that we don't need cgmanager or lxcfs, is that correct? Does it already work for unprivileged containers? If so, I can spend some time trying to generate a deb for the branch, create an unprivileged container and then try to start up the docker daemon inside the container to see the next step where it fails. I need to see if the process of generating debs is documented somewhere. > > but of course for backward compatability that should still be fixed. Which > requires choosing a way for docker to decide whether cgroups are in fact > mounted. > For the backward compatibility, it would mean changing docker such that it can run without checking if the right cgroups are mounted?
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
