| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Apr 2015 22:08:56 +0200 From: Richard Weinberger <richard@....at> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org> CC: Richard Weinberger <richard.weinberger@...il.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, Arnd Bergmann <arnd@...db.de>, One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>, Tom Gundersen <teg@...m.no>, Jiri Kosina <jkosina@...e.cz>, Andy Lutomirski <luto@...capital.net>, LKML <linux-kernel@...r.kernel.org>, daniel@...que.org, David Herrmann <dh.herrmann@...il.com>, Djalal Harouni <tixxdz@...ndz.org> Subject: Re: [GIT PULL] kdbus for 4.1-rc1 Am 13.04.2015 um 22:03 schrieb Greg Kroah-Hartman: > On Mon, Apr 13, 2015 at 09:57:24PM +0200, Richard Weinberger wrote: >> >> Am 13.04.2015 um 21:54 schrieb Greg Kroah-Hartman: >>> On Mon, Apr 13, 2015 at 09:49:27PM +0200, Richard Weinberger wrote: >>>> On Mon, Apr 13, 2015 at 9:42 PM, Greg Kroah-Hartman >>>> <gregkh@...uxfoundation.org> wrote: >>>>>> I remain opposed to this half thought out trash of an ABI for the >>>>>> meta-data. >>>>> >>>>> You don't have to enable the metadata if you don't want to use it, it's >>>>> an option :) >>>> >>>> Wasn't this also an argument for CONFIG_CGROUPS? >>>> Now we're forced to enable it by default to boot a recent distro >>>> and CONFIG_CGROUPS is still not fixed. >>> >>> CONFIG_CGROUPS is "not fixed"? I think Tejun would like to have some >>> words with you :) >> >> Tejun is working on it and does a *very* good job. But as long the unified >> hirarchy is not complete/stable we're facing issues. >> Ever tried to run systemd a linux container? ;) > > Works just fine for me, I do it daily. Here's how I spin up a debian > image on my local filesystem, running systemd within it just swimmingly: > sudo systemd-nspawn -D debian/ /sbin/init > > Also works just fine with gentoo and arch images, both of which I use on > a weekly basis in this manner. > > Perhaps you are doing something odd that prevents this from working for > you? systemd-nspawn does not support user namespaces. But the real issue is that cgroup notification does not work within namespaces. I.e. systemd within the namespaces does not get a notify when all processes within a cgroup are gone. You'll notice that by running a container a long time, systemd will get slower and slower as a lot of sessions (mostly crond) will stay. It is known by systemd folks and I have been told that they need the new unified cgroup hirarchy to deal with that. I consult a lot in the linux container hosting area and had a lot of "fun" with issues like that... Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists