Hi
I`m tring to prepare solution for run user task inside docker/lxc. I was inspired by bocker https://github.com/p8952/bocker. Now I have PoC based on modified _become_user function which keep CAP_SYS_CHROOT capability and task_plugin (it can also be spank, now i think is even better): prepare image in task_p_pre_setuid and chdir,chroot in task_p_pre_launch. I wonder if this is a good direction? Regards DB
