Hi Marco, thanks for these infos!
On Montag, 30. Januar 2012, Marco d'Itri wrote: > Let's start with this: in its current form, it is not designed to > protect the host system from an untrusted root user in a guest. > So far lxc is nice for testing, but not much more. > http://blog.bofh.it/debian/id_413 would you mind filing a bug about this?! Refering to your blog post is nice, but it's harder to track and to subscribe to. > > * how to execute a command in a running VM? lxc-execute complains that > > the > Lack of something like VE_ENTER also makes it unsuitable for me. eek, me too. Another bug. > > container is busy, forcing it results in processes in both sessions not > > seeing each other (ie, they end up in different cgroups instead of > > entering the existing one). > AFAIK there is still no way to attach a process to an existing cgroup, > so you need to have a sshd in the guest. uh :( cheers, Holger -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
