Received: by 2002:ac0:a679:0:0:0:0:0 with SMTP id p54csp575685imp; Wed, 20 Feb 2019 05:27:23 -0800 (PST) X-Google-Smtp-Source: AHgI3IYqAl39FZof7o+5H1q5Eo2gENC/uCQpJIrpc5gzmgWITlOFFkCwucizfE8Tc9lOsdhXkyDc X-Received: by 2002:a62:1b03:: with SMTP id b3mr35408352pfb.218.1550669243739; Wed, 20 Feb 2019 05:27:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550669243; cv=none; d=google.com; s=arc-20160816; b=f9ZGvpv2s6+2+IE8GHgg7YFDzZ+N/i1ALXR512C9oCexsZMeY453DwqfK46UNy2/GV C9j5S0TOiBOFGjm5KQBNL+JpsJw6/6cmzJ4xJESurV8XRtL+Kpv3eLx7jAbU6mg9PH1C gI8BYskJv6K2DdLIr0WRvtDAbCtzY3DDf7x6wyGW6h9vQsZgiucNfx1iX80tmShF7rOS reMGFocycl4F+9V7bGC697CnBeSAA9MYIs9Bya3FilH2xVahFAxceJnDZtOnhmxnlOw2 7WgxK0ZMnLWS7NZvtp89tmOBEj9MH/N3fVFrqYmtFOn1JwLX2WBEnvbEBOokjqk9btAk 7q5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=1JQam90U+6VOjJbiYx8tejOxAiXSTEoSs7kyr8I+VFw=; b=agS1kRE9C/6qSQAPYxtWwNJBKAEyXjLq2YCzUI2Hrm7QrpHsBkfP6kO4wbyORbh4R7 vXLX5PM6n1POi3neSd2Qfu3WRqeTS6nX1ImbFg5RH4+lmLv/XQM6RArYw52UVGFNfxdA P1D/pLiWP9sfB9EOKNeZ/n2JV0lP27NOezaiWif0MrrT3go7OCRKukgzUWkYfzSU3wg5 DnmmOuwRBhnHq02VF/nuTBg7Flp2buLIoMC3RIRv+PqQQUiURj1l4ztYIKyiqejQ+OWo csBME7oi1r4s/FOaQlqDsSC73/1NSEtWGrS79kUFW1PEeSYZtARe7wSLvKYkDWOEAtEp ZB5w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=G2WBdU6b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t71si4923942pgd.550.2019.02.20.05.27.07; Wed, 20 Feb 2019 05:27:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=G2WBdU6b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728115AbfBTN0L (ORCPT + 99 others); Wed, 20 Feb 2019 08:26:11 -0500 Received: from mail-wm1-f68.google.com ([209.85.128.68]:36328 "EHLO mail-wm1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726172AbfBTN0K (ORCPT ); Wed, 20 Feb 2019 08:26:10 -0500 Received: by mail-wm1-f68.google.com with SMTP id j125so6436647wmj.1 for ; Wed, 20 Feb 2019 05:26:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=1JQam90U+6VOjJbiYx8tejOxAiXSTEoSs7kyr8I+VFw=; b=G2WBdU6bGnmGuvbpVAav4fL6NRioQgwohfgDFrrieMWMGgiT+Jg2vi/v+wWiXYMufa 4C1z5B/kF1sYh8GGIpAUWVY3b1agcNyixvWIq+JhskHVIuW7yJ6fnSBNTMd7SACwp6c6 D5ym2SUwCzj3JGI1bT2y5ybho+t8WhjNiRbfPTmIkZDcaJJbNUnS8w20ABrrBda45vql bYYzTY2aqeCiQVx2yaPV4BAnsPqAzOIbmJ9/+lqUtx5liYzsWHjmXK9y7gyR6J3AaJW8 ujJ9vA/ycJlGuIWTk5meRwRknAxakE24vWEny5SsX+tUF8OK0w/eexPTrtZ9qv5UWABM hRww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=1JQam90U+6VOjJbiYx8tejOxAiXSTEoSs7kyr8I+VFw=; b=R1Tu3zpp0pYzQkSonKDiTSn0Xez+vJ2B4NF2gY+2YYAVgLABdptsH/wVV6dv9gFiSf jpbdwlg4XfbyqAEBIjJ7homNg9ezItA623SIfww6ZnfTv5ITAhGpqxrnFQUiSDU7eTwK PZfXueGZYJtG+k848ixXvRkNfQ4ah+xeVZYiQbX5rShBBoG67S00escjnMiNHbdTvs+R WqmakaGR1FpcgQi7sjsi4FawDYin2U8KnUSM8eXi/raF0INu5nyb9G3RRiE61BNRjZre Oz5+3rv5dI1EFfhFwSL3E3k6NE3ti96ZvKvTYgxKPoV4Yifjn6xeKMHe2xqWg1OfoAHN 62pQ== X-Gm-Message-State: AHQUAuZRr9sJ0BBGgj4mm09OS4KCiXn0nhfzEY7ryIQGd0Tv7c+Q/fL3 8kPe2CU2xXryo+CtW9G4bqQQgQ== X-Received: by 2002:a7b:c0c3:: with SMTP id s3mr6369747wmh.141.1550669167512; Wed, 20 Feb 2019 05:26:07 -0800 (PST) Received: from brauner.io ([81.92.17.155]) by smtp.gmail.com with ESMTPSA id j124sm5816696wmb.48.2019.02.20.05.26.04 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Wed, 20 Feb 2019 05:26:06 -0800 (PST) Date: Wed, 20 Feb 2019 14:26:02 +0100 From: Christian Brauner To: Ian Kent Cc: David Howells , keyrings@vger.kernel.org, trond.myklebust@hammerspace.com, sfrench@samba.org, James Bottomley , linux-cifs@vger.kernel.org, linux-nfs@vger.kernel.org, containers@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, cgroups@vger.kernel.org Subject: Re: [RFC PATCH 02/27] containers: Implement containers as kernel objects Message-ID: <20190220132600.c5ahsmnoihdrcqeq@brauner.io> References: <155024683432.21651.14153938339749694146.stgit@warthog.procyon.org.uk> <155024685321.21651.1504201877881622756.stgit@warthog.procyon.org.uk> <7923d4aa646fbe4bd71cfb4144f1c96f28cad972.camel@themaw.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <7923d4aa646fbe4bd71cfb4144f1c96f28cad972.camel@themaw.net> User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 20, 2019 at 10:46:24AM +0800, Ian Kent wrote: > On Fri, 2019-02-15 at 16:07 +0000, David Howells wrote: > > Implement a kernel container object such that it contains the following > > things: > > > > (1) Namespaces. > > > > (2) A root directory. > > > > (3) A set of processes, including one designated as the 'init' process. > > Yeah, I think a name other than init needs to be used for this > process. > > The problem being that there is no requirement for container > process 1 to behave in any way like an "init" process is > expected to behave and that leads to confusion (at least > it certainly did for me). If you look at the documentation for pid namespaces(7) you can see that the pid 1 inside a pid namespace is expected to behave like an init process: - "The first process created in a new namespace [...] has the PID 1, and is the "init" process for the namespace (see init(1))." - "[...] child process that is orphaned within the namespace will be reparented to this process rather than init(1) [...]" - "If the "init" process of a PID namespace terminates, the kernel terminates all of the processes in the namespace via a SIGKILL signal. This behavior reflects the fact that the "init" process is essential for the cor‐ rect operation of a PID namespace." - "Only signals for which the "init" process has established a signal handler can be sent to the "init" process by other members of the PID namespace." - "[...] the reboot(2) system call causes a signal to be sent to the namespace "init" process." This is one of the reasons why all major current container runtimes finally after years of failing to realize this run a stub init process that mimicks a dumb init. Sure, you get away with not having an init that behaves like an init but this is inherently broken or at least against the way pid namespaces were designed.