Re: [PATCH] private mounts

From: Eric Van Hensbergen
Date: Thu Apr 28 2005 - 08:49:06 EST

On 4/26/05, Jamie Lokier <jamie@xxxxxxxxxxxxx> wrote:
> It's called /proc/NNN/root.
> So no new system calls are needed. A daemon to hand out per-user
> namespaces (or any other policy) can be written using existing
> kernels, and those namespaces can be joined using chroot.
> That's the theory anyway. It's always possible I misread the code (as
> I don't use namespaces and don't have tools handy to try them).

Should have checked myself before posting my previous reply -- but
this doesn't seem to work. /proc/NNN/root is represented as a
symlink, but when you CLONE_NS and then try to look at another one of
your processes' /proc/NNN/root, the link doesn't seem to have a target
and you get permission denied on all accesses. I haven't looked at
the underlying procfs code, but adapting procfs for this sort of
purpose feels wrong.

