On Mon, 2015-02-16 at 19:24 +0100, Oleg Nesterov wrote:
> On 02/16, Oleg Nesterov wrote:
> >
> > On 02/16, Ian Kent wrote:
> > >
> > > On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> > > > On 02/10, Ian Kent wrote:
> > > > >
> > > > > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov
On Mon, 2015-02-16 at 18:13 +0100, Oleg Nesterov wrote:
> On 02/16, Ian Kent wrote:
> >
> > On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> > > On 02/10, Ian Kent wrote:
> > > >
> > > > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> > > > >
> > > > > I understand. but I still
On Mon, 2015-02-16 at 19:24 +0100, Oleg Nesterov wrote:
On 02/16, Oleg Nesterov wrote:
On 02/16, Ian Kent wrote:
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I
On Mon, 2015-02-16 at 18:13 +0100, Oleg Nesterov wrote:
On 02/16, Ian Kent wrote:
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we
On 02/16, Oleg Nesterov wrote:
>
> On 02/16, Ian Kent wrote:
> >
> > On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> > > On 02/10, Ian Kent wrote:
> > > >
> > > > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> > > > >
> > > > > I understand. but I still can't understand why we
On 02/16, Ian Kent wrote:
>
> On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> > On 02/10, Ian Kent wrote:
> > >
> > > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> > > >
> > > > I understand. but I still can't understand why we can't implement
> > > > something
> > > > like
On 02/16, Ian Kent wrote:
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we can't implement
something
like
On 02/16, Oleg Nesterov wrote:
On 02/16, Ian Kent wrote:
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we can't implement
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> On 02/10, Ian Kent wrote:
> >
> > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> > >
> > > I understand. but I still can't understand why we can't implement
> > > something
> > > like
> > > enter_ns(struct nsproxy *p)
> > >
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we can't implement
something
like
enter_ns(struct nsproxy *p)
{
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
> On 02/10, Ian Kent wrote:
> >
> > On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> > >
> > > I understand. but I still can't understand why we can't implement
> > > something
> > > like
> > > enter_ns(struct nsproxy *p)
> > >
On 02/10, Ian Kent wrote:
>
> On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> >
> > I understand. but I still can't understand why we can't implement something
> > like
> > enter_ns(struct nsproxy *p)
> > {
> > new_nsproxy = create_new_namespaces(...);
> >
> >
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we can't implement something
like
enter_ns(struct nsproxy *p)
{
new_nsproxy = create_new_namespaces(...);
On Tue, 2015-02-10 at 17:55 +0100, Oleg Nesterov wrote:
On 02/10, Ian Kent wrote:
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
I understand. but I still can't understand why we can't implement
something
like
enter_ns(struct nsproxy *p)
{
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
> On 02/09, Ian Kent wrote:
> >
> > On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
> > > > +
> > > > + this = file_open_root(mnt->mnt_root, mnt, path,
> > > > O_RDONLY);
> > > > + if
On 02/09, Ian Kent wrote:
>
> On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
> > > +
> > > + this = file_open_root(mnt->mnt_root, mnt, path, O_RDONLY);
> > > + if (unlikely(IS_ERR(this))) {
> > > + err = PTR_ERR(this);
> > > + break;
> > > +
On 02/09, Ian Kent wrote:
On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
+
+ this = file_open_root(mnt-mnt_root, mnt, path, O_RDONLY);
+ if (unlikely(IS_ERR(this))) {
+ err = PTR_ERR(this);
+ break;
+ }
+
+
On Mon, 2015-02-09 at 17:03 +0100, Oleg Nesterov wrote:
On 02/09, Ian Kent wrote:
On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
+
+ this = file_open_root(mnt-mnt_root, mnt, path,
O_RDONLY);
+ if (unlikely(IS_ERR(this))) {
+
On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
> On 02/05, Ian Kent wrote:
> >
> > +int umh_enter_ns(struct task_struct *tsk, struct cred *new)
> > +{
> > + char path[NS_PATH_MAX];
> > + struct vfsmount *mnt;
> > + const char *name;
> > + pid_t pid;
> > + int err = 0;
> > +
> >
On 02/05, Ian Kent wrote:
>
> +int umh_enter_ns(struct task_struct *tsk, struct cred *new)
> +{
> + char path[NS_PATH_MAX];
> + struct vfsmount *mnt;
> + const char *name;
> + pid_t pid;
> + int err = 0;
> +
> + pid = task_pid_nr(tsk);
> +
> + /*
> + * The user
On 02/08, Ian Kent wrote:
>
> On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
> > On Thu, 05 Feb 2015 10:34:11 +0800
> > Ian Kent wrote:
> >
> > > +{
> > > + struct task_struct *tsk;
> > > +
> > > + rcu_read_lock();
> > > + tsk = find_task_by_vpid(1);
> > > + if (tsk)
> > > +
On Sun, 08 Feb 2015 11:07:32 +0800
Ian Kent wrote:
> On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
> > On Thu, 05 Feb 2015 10:34:11 +0800
> > Ian Kent wrote:
> >
> > > The call_usermodehelper() function executes all binaries in the
> > > global "init" root context. This doesn't allow a
On 02/08, Ian Kent wrote:
On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
On Thu, 05 Feb 2015 10:34:11 +0800
Ian Kent ik...@redhat.com wrote:
+{
+ struct task_struct *tsk;
+
+ rcu_read_lock();
+ tsk = find_task_by_vpid(1);
+ if (tsk)
+
On 02/05, Ian Kent wrote:
+int umh_enter_ns(struct task_struct *tsk, struct cred *new)
+{
+ char path[NS_PATH_MAX];
+ struct vfsmount *mnt;
+ const char *name;
+ pid_t pid;
+ int err = 0;
+
+ pid = task_pid_nr(tsk);
+
+ /*
+ * The user mode thread
On Sun, 08 Feb 2015 11:07:32 +0800
Ian Kent ik...@redhat.com wrote:
On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
On Thu, 05 Feb 2015 10:34:11 +0800
Ian Kent ik...@redhat.com wrote:
The call_usermodehelper() function executes all binaries in the
global init root context.
On Sun, 2015-02-08 at 20:00 +0100, Oleg Nesterov wrote:
On 02/05, Ian Kent wrote:
+int umh_enter_ns(struct task_struct *tsk, struct cred *new)
+{
+ char path[NS_PATH_MAX];
+ struct vfsmount *mnt;
+ const char *name;
+ pid_t pid;
+ int err = 0;
+
+ pid =
On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
> On Thu, 05 Feb 2015 10:34:11 +0800
> Ian Kent wrote:
>
> > The call_usermodehelper() function executes all binaries in the
> > global "init" root context. This doesn't allow a binary to be run
> > within a namespace (eg. the namespace of a
On Fri, 2015-02-06 at 07:08 -0500, Jeff Layton wrote:
On Thu, 05 Feb 2015 10:34:11 +0800
Ian Kent ik...@redhat.com wrote:
The call_usermodehelper() function executes all binaries in the
global init root context. This doesn't allow a binary to be run
within a namespace (eg. the namespace
On Thu, 05 Feb 2015 10:34:11 +0800
Ian Kent wrote:
> The call_usermodehelper() function executes all binaries in the
> global "init" root context. This doesn't allow a binary to be run
> within a namespace (eg. the namespace of a container).
>
> Both containerized NFS client and NFS server need
On Thu, 05 Feb 2015 10:34:11 +0800
Ian Kent ik...@redhat.com wrote:
The call_usermodehelper() function executes all binaries in the
global init root context. This doesn't allow a binary to be run
within a namespace (eg. the namespace of a container).
Both containerized NFS client and NFS
Ian Kent wrote:
> To do this use the init process of the callers environment is used to setup
> the namespaces in the same way the root init process is used otherwise.
This probably doesn't need both "use" and "used".
> +struct task_struct *umh_get_init_pid(void)
> +int umh_enter_ns(struct
Ian Kent ik...@redhat.com wrote:
To do this use the init process of the callers environment is used to setup
the namespaces in the same way the root init process is used otherwise.
This probably doesn't need both use and used.
+struct task_struct *umh_get_init_pid(void)
+int
The call_usermodehelper() function executes all binaries in the
global "init" root context. This doesn't allow a binary to be run
within a namespace (eg. the namespace of a container).
Both containerized NFS client and NFS server need the ability to
execute a binary in a container's context. To
The call_usermodehelper() function executes all binaries in the
global init root context. This doesn't allow a binary to be run
within a namespace (eg. the namespace of a container).
Both containerized NFS client and NFS server need the ability to
execute a binary in a container's context. To do
34 matches
Mail list logo
