On Wed, 2011-07-20 at 07:10 -0500, Serge Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > [root@forest ~]# lxc-start --name Plover > > lxc-start: Invalid argument - pivot_root syscall failed
> sort of unrelated, but Rob Landley had mentioned he wanted to fix chroot > to prevent the chdir-based chroot escape, allowing lxc to use chroot in > place of pivot_root. As you see above, pivot_root has some very stringent > constaints regarding the ms_shared state of the mounpoints *and* their > parents, so this would be a very good thing. Interesting. Very interesting. Especially since I remember being involved in the whole transition from chroot over to pivot_root way back when. Explains a couples of other anomalies I observed. > And would prevent the above. I'm going to have to refresh my memory of the reasons for switching from chroot over to pivot_root in the first place. There was more than one and the chdir-based chroot escape was only one. > As far as the main topic of this thread, I feel I can't really do it > justice without trying harder to reproduce, which I can't do today. I'm > going to try and find time tomorrow or friday to do so (if you haven't > gotten to the bottom of this before that). We also might want to point > dhansen at the mail archive of this thread and get his input. Ok... I've still got some testing and experimenting to do based on those hints C Anthony gave me. ITMT, I'm not sure who you are referring to as dhansen (so I can't point them anywhere) but, the more the merrier if it helps this thing along. > -serge Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/
_______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
