From: "Serge E. Hallyn" <serue@us.ibm.com>
To: Li Zefan <lizf@cn.fujitsu.com>
Cc: Paul Menage <menage@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
LKML <linux-kernel@vger.kernel.org>,
Linux Containers <containers@lists.linux-foundation.org>
Subject: Re: [PATCH][BUGFIX] cgroups: fix pid namespace bug
Date: Thu, 2 Jul 2009 08:26:59 -0500 [thread overview]
Message-ID: <20090702132659.GA8051@us.ibm.com> (raw)
In-Reply-To: <4A4C1B33.2030002@cn.fujitsu.com>
Quoting Li Zefan (lizf@cn.fujitsu.com):
> Paul Menage wrote:
> > On Wed, Jul 1, 2009 at 7:17 PM, Li Zefan<lizf@cn.fujitsu.com> wrote:
> >> But I guess we are going to fix the bug for 2.6.31? So is it ok to
> >> merge a new feature 'cgroup.procs' together into 2.6.31?
> >>
> >
> > Does this bug really need to be fixed for 2.6.31? I didn't think that
> > the namespace support in mainline was robust enough yet for people to
> > use them for virtual servers in production environments.
I don't know where the bar is for 'production environments', but I'd
have to claim that pid namespaces are there...
> If so, it's ok for me. Unless someone else has objections. Serge?
Well, on the one hand it's not a horrible bug in that at least it
won't crash the kernel. But what bugs me is that there is no
workaround for userspace, no way for an admin to know that if he
does for t in `cat /cgroup/victim/tasks`; do kill $t; done he
won't kill his mysql server.
I think that's a bad enough risk to make it worth trying to push
Li's patch. Surely changing Ben's procs file should be pretty
trivial to rebase?
thanks,
-serge
next prev parent reply other threads:[~2009-07-02 13:27 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-02 1:24 [PATCH][BUGFIX] cgroups: fix pid namespace bug Li Zefan
2009-07-02 1:36 ` Paul Menage
2009-07-02 1:45 ` Li Zefan
2009-07-02 1:57 ` KAMEZAWA Hiroyuki
2009-07-02 11:40 ` Balbir Singh
2009-07-02 2:17 ` Li Zefan
2009-07-02 2:20 ` Paul Menage
2009-07-02 2:28 ` Li Zefan
2009-07-02 13:26 ` Serge E. Hallyn [this message]
2009-07-02 15:43 ` Paul Menage
2009-07-02 16:15 ` Serge E. Hallyn
2009-07-02 16:27 ` Paul Menage
2009-07-02 23:20 ` Andrew Morton
2009-07-02 23:29 ` Paul Menage
2009-07-04 9:13 ` Eric W. Biederman
2009-07-02 13:58 ` Serge E. Hallyn
2009-07-02 16:26 ` Paul Menage
2009-07-02 16:37 ` Serge E. Hallyn
2009-07-02 16:46 ` Paul Menage
2009-07-02 19:14 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090702132659.GA8051@us.ibm.com \
--to=serue@us.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=containers@lists.linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lizf@cn.fujitsu.com \
--cc=menage@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox