Quoting "Axel Schöner" (axel.schoe...@gmx.de):
> Hello,
> 
> i need some feedback and suggestions for this project. If there are 
> similar solutions please let me know.
> 
> I want to build a solution for creating and starting a container on user 
> login 
> (via ssh or shell). The user should be redirected inside a container as root 
> to a bash.

For now, don't give away root in a container to anyone who you wouldn't
give root on your host.

> I know there is a PAM-module (pam-netns) for creating a network in 
> a separated namespace when a user logs in. I think it should be possible to 
> realize my goals based on this module.

Not until the patchset allowing you to unshare pidns goes upstream.
Cloning won't suffice.  That is actually the whole reason why Janak
initially pushed sys_unshare().

-serge

------------------------------------------------------------------------------
Special Offer -- Download ArcSight Logger for FREE!
Finally, a world-class log management solution at an even better 
price-free! And you'll get a free "Love Thy Logs" t-shirt when you
download Logger. Secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsisghtdev2dev
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel

Reply via email to