Mikhail Gusarov wrote: > Daniel. > > >> Unshare user namespace to make sure setrlimit and other per-user > >> limits are accounted properly in containers > > [skip] > > DL> I am not sure to see all the implications of having this namespace > DL> by default, especially for application containers which can be > DL> executed by non-root user. I think it would make sense to make this > DL> flag optional with the configuration. > > Fully agree. I don't use LXC at the moment, so don't expect new patch > From me -- I will scratch one when I get to using LXC again unless > someone else implements it before. >
Ok, thanks Mikhail. ------------------------------------------------------------------------------ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
