Re: Detecting if you are running in a container

[david]

On Tue, 11 Oct 2011, Eric W. Biederman wrote:

> david@xxxxxxx writes:
>
> > On Tue, 11 Oct 2011, Eric W. Biederman wrote:
> >
> > > Theodore Tso <tytso@xxxxxxx> writes:
> > >
> > > > On Oct 11, 2011, at 2:42 AM, Eric W. Biederman wrote:
> > > I admit for a lot of test cases that it makes sense not to use a full
> > > set of userspace daemons.  At the same time there is not particularly
> > > good reason to have a design that doesn't allow you to run a full
> > > userspace.
> >
> > how do you share the display between all the different containers if they are
> > trying to run the X server?
>
> Either X does not start because the hardware it needs is not present or
> Xnest or similar gets started.
>
> > how do you avoid all the containers binding to the same port on the default IP
> > address?
>
> Network namespaces.
>
> > how do you arbitrate dbus across the containers.
>
> Why should you?

because the containers are simulating different machines, and dbus doesn't 
work arcross different machines.

> > when a new USB device gets plugged in, which container gets control of
> > it?
>
> None of them.  Although today they may all get the uevent.  None of the
> containers should have permission to call mknod to mess with it.

why would the software inside a container not have the rights to do a 
mknod inside the container?

> > there are a LOT of hard questions when you start talking about running a full
> > system inside a container that do not apply for other use of
> > containers.
>
> Not really mostly the answer is that you say no.
>
> Eric

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/