On Tue, 23 Apr 2013 19:30:07 +0100 Christian Seiler <christ...@iwakd.de> wrote:
> Hi again, > > > util-linux is affected the same way as far as I can tell (haven't > > tried > > it though), and should run into the assertion and fail for no good > > reason. > > Btw. I just noticed: -F is actually worse than not using -F. If you > use the -F flag for nsenter, nsenter itself will not fork(), but > directly exec() to the specified program. That program will not > completely be in the pid namespace, but its children will be. So if > that program then uses fork(), because it's a shell for example, most > of those forks will work without a hitch, but some will fail for the > exact same reason and then that will be a whole other kind of mess... > > -- Christian Hi Christian, it looks to me like do_fork is forced to 1 when CLONE_NEWPID is in the list of name spaces to be entered so hopefully this prevents the scenario you mention. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
