[RFC][PATCH 0/20] Multiple instances of the process id namespace

From: Eric W. Biederman
Date: Mon Feb 06 2006 - 14:20:47 EST



There have been several discussions in the past month about how
to do a good job of implementing a subset of user space that
looks like it has the system to itself. Essentially making
chroot everything it could be. This is my take on what
the implementation of a pid namespace should look like.


What follows is a real patch set that is sufficiently complete
to be used and useful in it's own right. There are a few areas
of the kernel where the patchset does not reach, mostly these
cause the compile to fail. In addition a good thorough review
still needs to be done. This patchset does paint a picture
of how I think things should look.

>From the kernel community at large I am asking:
Does the code look generally sane?

Does the use of clone to create a new namespace instance look
like the sane approach?


Hopefully this code is sufficiently comprehensible to allow a good
discussion to come out of this.

Thanks for your time,

Eric



p.s. My apologies at the size of the CC list. It is very hard to tell who
the interested parties are, and since there is no one list we all subscribe
to other than linux-kernel how to reach everyone in a timely manner. I am
copying everyone who has chimed in on a previous thread on the subject. If
you don't want to be copied in the future tell and I will take your name off
of my list.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/