Re: [lxc-devel] [PATCH v2 1/4] add list_all_containers(), returns defined and active containers

On Tue, 5 Nov 2013 22:17:28 -0600 Serge Hallyn serge.hal...@ubuntu.com wrote: Quoting Serge Hallyn (serge.hal...@ubuntu.com): Quoting Dwight Engen (dwight.en...@oracle.com): Signed-off-by: Dwight Engen dwight.en...@oracle.com Hi, One comment below: fwiw there's no resulting

[lxc-devel] [PATCH] coverity 1126129: don't try to print c-name when c is NULL

I accidentally introduced this with the change to lxc-info (commit b9d957c3). Signed-off-by: Dwight Engen dwight.en...@oracle.com --- src/lxc/lxc_info.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/lxc/lxc_info.c b/src/lxc/lxc_info.c index ba43f37..6c35bbb 100644

Re: [lxc-devel] [PATCH] coverity 1126129: don't try to print c-name when c is NULL

Quoting Dwight Engen (dwight.en...@oracle.com): I accidentally introduced this with the change to lxc-info (commit b9d957c3). Signed-off-by: Dwight Engen dwight.en...@oracle.com Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com --- src/lxc/lxc_info.c | 4 +--- 1 file changed, 1

[lxc-devel] [lxc/lxc] 9beb9c: coverity 1126129: don't try to print c-name when ...

Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: 9beb9ce0ef1c5975e922768afdf51dc39ca5b0b9 https://github.com/lxc/lxc/commit/9beb9ce0ef1c5975e922768afdf51dc39ca5b0b9 Author: Dwight Engen dwight.en...@oracle.com Date: 2013-11-06 (Wed, 06 Nov 2013) Changed

Re: [lxc-devel] [PATCH RFC] install lxc-user-nic with setuid bit set

On Wed, Nov 06, 2013 at 09:31:35AM -0600, Serge Hallyn wrote: It's worthless without it. However it's a scary thing to do. Before acking this, reviewers may want to take another close look at lxc-user-nic itself :) Can you perhaps try to get someone on the Ubuntu Security team to do a quick

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

On Wed, Nov 6, 2013 at 11:33 AM, Oleg Nesterov o...@redhat.com wrote: Hi Serge, On 11/06, Serge Hallyn wrote: Hi Oleg, commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks breaks lxc-attach in 3.12. That code forks a child which

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

On 11/06, Andy Lutomirski wrote: On Wed, Nov 6, 2013 at 11:33 AM, Oleg Nesterov o...@redhat.com wrote: Hi Serge, On 11/06, Serge Hallyn wrote: Hi Oleg, commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks breaks

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

Quoting Oleg Nesterov (o...@redhat.com): Hi Serge, On 11/06, Serge Hallyn wrote: Hi Oleg, commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks breaks lxc-attach in 3.12. That code forks a child which does setns() and then

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

On Wed, Nov 6, 2013 at 2:50 PM, Eric W. Biederman ebied...@xmission.com wrote: Oleg Nesterov o...@redhat.com writes: Hi Serge, On 11/06, Serge Hallyn wrote: Hi Oleg, commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks breaks

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

Serge Hallyn serge.hal...@ubuntu.com writes: So apart from peers seeing the new task as having pid 0, and sigchild going to the grandparent, are there any other side effects? Is ptrace an issue? (I took a quick look but it doesn't seem like it) There is nothing new the pid namespace adds

Re: [lxc-devel] CLONE_PARENT after setns(CLONE_NEWPID)

Quoting Eric W. Biederman (ebied...@xmission.com): Oleg Nesterov o...@redhat.com writes: Hi Serge, On 11/06, Serge Hallyn wrote: Hi Oleg, commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks breaks lxc-attach in 3.12.