> On November 30, 2015 at 5:41 PM Serge Hallyn <serge.hal...@ubuntu.com> wrote: > > > Quoting Wolfgang Bumiller (w.bumil...@proxmox.com): > > If manual mounting with elevated permissions is required > > this can currently only be done in pre-start hooks or before > > starting LXC. In both cases the mounts would appear in the > > host's namespace. > > With this flag the namespace is unshared before the startup > > sequence, so that mounts performed in the pre-start hook > > don't show up on the host. > > > > Signed-off-by: Wolfgang Bumiller <w.bumil...@proxmox.com> > > Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com> > > Note we should probably point out in the manpage that this > will only work for containers started by root. Can you send > a separate patch for that?
Since CLONE_NEWNS needs CAP_SYS_ADMIN, should I write that or mention root by name? _______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
