Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1760253AbXIXXCZ (ORCPT ); Mon, 24 Sep 2007 19:02:25 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753872AbXIXXCR (ORCPT ); Mon, 24 Sep 2007 19:02:17 -0400 Received: from smtp113.sbc.mail.re2.yahoo.com ([68.142.229.92]:20087 "HELO smtp113.sbc.mail.re2.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1753114AbXIXXCQ (ORCPT ); Mon, 24 Sep 2007 19:02:16 -0400 X-YMail-OSG: AZ1DLOwVM1ljLM8Qsu0zr.CXNkuHlH5C7LdooafQxmNk5PMP8Zmr4fRp1gnX07jbHwq0CebqckzFFWR_oF6xNhLKH6HXiMYO9SD.pbY_SFxhAXby0mJEks5OjgIfk8iuzmQZ1GWoC3LgsrM- Date: Mon, 24 Sep 2007 18:02:13 -0500 From: "Serge E. Hallyn" To: David Newall Cc: "Serge E. Hallyn" , Bill Davidsen , Philipp Marek , 7eggert@gmx.de, Alan Cox , majkls , bunk@fs.tum.de, linux-kernel@vger.kernel.org Subject: Re: sys_chroot+sys_fchdir Fix Message-ID: <20070924230213.GB3160@vino.hallyn.com> References: <952DN-83o-31@gated-at.bofh.it> <56705.193.171.152.61.1190289559.squirrel@webmail.marek.priv.at> <46F29A9A.4070806@davidnewall.com> <200709201817.17282@x5> <46F2B59F.8090709@davidnewall.com> <46F2DDD0.3030500@tmr.com> <46F380E4.4040606@davidnewall.com> <20070924213215.GA32716@vino.hallyn.com> <46F83474.5040503@davidnewall.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <46F83474.5040503@davidnewall.com> User-Agent: Mutt/1.5.16 (2007-06-09) Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1052 Lines: 28 Quoting David Newall (david@davidnewall.com): > Serge E. Hallyn wrote: >> No reason for any new parameters to pivot_root. Just clone your mounts >> namespace first. >> >> unshare(CLONE_NEWNS); >> chdir(new_dir); >> pivot_root(new_dir, oldroot); >> >> Since pivot_root actually fiddles with the vfsmnts, this is really the >> only way to go about having it "work with just one process". > > I think the point is that, whereas we'd like to be able to pivot the root > for a single process, in practice this causes startup issues to which the > easy solution is to pivot the whole system. At least that's my reading of > the man page. > > It might be tidy if pivot_root could be used (instead of a hack based on a > chroot bug), but it'd still be unportable. Oh. Yes, true, it is unportable. -serge - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/