[patch v3] Allow for unpriviledged nested containers
DJ Delorie
dj@redhat.com
Thu Nov 18 19:52:04 GMT 2021
Florian Weimer <fweimer@redhat.com> writes:
>> Well, for the pldd test, obviously we do ;-)
>
> Do we? /proc and the PIDs of the processes have to be consistent for
> sure, but do we really need them to be separate from the host?
It's the consistency that's the problem. If getpid() (which returns a
pid in the child namespace) returns a value that's useless in
/proc/<pid> (because those are pids in the parent namespace) then the
test fails.
One process can have different PIDs depending on how you look at it.
>> 1. No /proc
>> 2. /proc in wrong namespace
>> 3. /proc in correct namespace
>>
>> We'd prefer 3, then 1, but not 2?
>
> Yeah, 2 is quite bad for some tests at least. Some thread-exit tests
> will suffer as well, I think, because they read TIDs from
> /proc/self/task.
3-then-1 returns us to my original patch, which attempted to mount it in
the child namespace, or failed but let the test run anyway.
More information about the Libc-alpha
mailing list