On Tue, Feb 20, 2018 at 07:17:42PM +0100, Dirk Geschke wrote:
> Hi Christian,
>
> > > Does this mean that lxc 3.0 is systemd-only?
> >
> > No!
> >
> > This has no effect whatsoever on what init system you are running. This
> > is completely orthogonal and to some extent always has been. In fact,
> > we've become even more agnostic wrt to what init binary (be it a full
> > init system or a simple application) can be run. Additionally, the
> > current cgroup driver contains logic:
> > - to mount cgroups for an init system that doesn't mount cgroups by
> >   itself (e.g. OpenRC) even when cgroup namespaces are supported.
> >   Something which wasn't possible before without specifying
> >   lxc.mount.entry entries or running hooks.
> > - to mount cgroups for containers that drop CAP_SYS_ADMIN (privileged and
> >   unprivileged) in their user namespace
>
> that sounds great: Well done!
>
> BTW: Do you know the kernel parameter for cgroup namespaces? The
> kernel config knows only about CONFIG_NAMESPACES, UTS_NS, IPC_NS,
> USER_NS, PID_NS and NET_NS. I know, there are cgroup namespaces,
> but what is the configuration parameter? I'm just wondering...

There's no separate flag for cgroup namespaces in the upstream kernel.
Cgroup namespaces are usually enabled by setting CONFIG_CGROUPS=y. From
the manpage (man cgroup_namespaces): "Use of cgroup namespaces requires a
kernel that is configured with the CONFIG_CGROUPS option."

Christian
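
Added example, not part of the original mail: a shell check that reads CONFIG_CGROUPS from a kernel config file and confirms at runtime that the kernel exposes a cgroup namespace link under /proc/self/ns. The function names kconfig_state and cgroupns_runtime are hypothetical, and the config locations tried (/proc/config.gz, /boot/config-$(uname -r)) are assumptions that vary by distribution.

```shell
#!/bin/sh
# Added example: does this kernel support cgroup namespaces?

# kconfig_state OPTION FILE -> prints "y", "m", another value, "n" or "unknown".
# FILE is a kernel config, plain text or gzip-compressed (name ends in .gz).
kconfig_state() {
    opt=$1
    file=$2
    [ -r "$file" ] || { echo unknown; return 0; }
    case $file in
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac
    # "CONFIG_X=y" means built in; "# CONFIG_X is not set" means disabled.
    # The trailing "=" keeps CONFIG_CGROUPS from matching longer option names.
    $reader "$file" | awk -v o="$opt" '
        $0 ~ "^" o "=" { split($0, kv, "="); print kv[2]; found = 1; exit }
        $0 == "# " o " is not set" { print "n"; found = 1; exit }
        END { if (!found) print "unknown" }'
}

# cgroupns_runtime [PROC_ROOT] -> "yes" if PROC_ROOT/self/ns/cgroup exists.
# PROC_ROOT defaults to /proc; the argument exists so the check can be
# pointed at a constructed directory tree.
cgroupns_runtime() {
    root=${1:-/proc}
    if [ -e "$root/self/ns/cgroup" ] || [ -L "$root/self/ns/cgroup" ]; then
        echo yes
    else
        echo no
    fi
}

# Report for the running kernel. The config file may be absent (assumed
# locations), so the runtime check is the one that always gives an answer.
for f in /proc/config.gz "/boot/config-$(uname -r)"; do
    if [ -r "$f" ]; then
        echo "CONFIG_CGROUPS in $f: $(kconfig_state CONFIG_CGROUPS "$f")"
        break
    fi
done
echo "cgroup namespace exposed at runtime: $(cgroupns_runtime)"
```

A container runtime that wants to unshare a cgroup namespace should rely on the runtime result; the config file only describes how the kernel was built and can be missing from the host.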
