Re: Linux 3.2 in wheezy

To: debian-devel@lists.debian.org
Subject: Re: Linux 3.2 in wheezy
From: Holger Levsen <holger@layer-acht.org>
Date: Mon, 30 Jan 2012 10:32:32 +0100
Message-id: <[🔎] 201201301032.33146.holger@layer-acht.org>
In-reply-to: <[🔎] 20120130013115.GB19215@bongo.bofh.it>
References: <20120129182205.GR12704@decadent.org.uk> <[🔎] 20120130004459.GA22039@angband.pl> <[🔎] 20120130013115.GB19215@bongo.bofh.it>

Hi Marco,

thanks for these infos!

On Montag, 30. Januar 2012, Marco d'Itri wrote:
> Let's start with this: in its current form, it is not designed to
> protect the host system from an untrusted root user in a guest.
> So far lxc is nice for testing, but not much more.
> http://blog.bofh.it/debian/id_413

would you mind filing a bug about this?! Refering to your blog post is nice, 
but it's harder to track and to subscribe to.

> > * how to execute a command in a running VM?  lxc-execute complains that
> > the
> Lack of something like VE_ENTER also makes it unsuitable for me.

eek, me too. Another bug.

> >   container is busy, forcing it results in processes in both sessions not
> >   seeing each other (ie, they end up in different cgroups instead of
> >   entering the existing one).
> AFAIK there is still no way to attach a process to an existing cgroup,
> so you need to have a sshd in the guest.

uh :(


cheers,
	Holger

Reply to:

Follow-Ups:
- Re: Linux 3.2 in wheezy
  - From: md@Linux.IT (Marco d'Itri)

References:
- Re: Linux 3.2 in wheezy
  - From: Adam Borowski <kilobyte@angband.pl>
- Re: Linux 3.2 in wheezy
  - From: md@Linux.IT (Marco d'Itri)

Prev by Date: Re: -fPIE and stuff
Next by Date: Bug#657957: ITP: starlink-libast -- Handle World Coordinate Systems in Astronomy
Previous by thread: Re: Linux 3.2 in wheezy
Next by thread: Re: Linux 3.2 in wheezy
Index(es):
- Date
- Thread