From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman) Subject: Re: [GIT PULL] namespaces related fixes for v4.11-rc1 Date: Thu, 23 Feb 2017 14:29:45 +1300 Message-ID: <8737f54rue.fsf@xmission.com> References: <8760k29cku.fsf@xmission.com> <84361910-ba16-79ff-09cd-c76b3f66cc85@suse.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <84361910-ba16-79ff-09cd-c76b3f66cc85-l3A5Bk7waGM@public.gmane.org> (Aleksa Sarai's message of "Thu, 23 Feb 2017 08:15:46 +1100") List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: Aleksa Sarai Cc: linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Linux Containers , Linus Torvalds , linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org List-Id: linux-api@vger.kernel.org Aleksa Sarai writes: >> The only known user of this prctl systemd >> forks all children after the prctl. So no userspace regressions will >> occur. > > Note that runC and containerd (and thus Docker) as well as cri-o use the prctl > as well -- to be able to collect exit codes from a non-child process (namely to > collect the exit code from PID 1 in the container). Are any of those affected by the change? I would not expect so. As it would require having children or grand children whose exit codes you don't want to collect. Eric