[Bug 925513] Re: plymouth should not run in container
Serge Hallyn
925513 at bugs.launchpad.net
Thu Feb 16 14:25:36 UTC 2012
@Steve,
regarding whether disabling plymouth is the right fix: I don't know the
mechanisms plymouth uses.
1. for system log entries, the right fix will be a syslog namespace,
which doesn't yet exist.
2. if it uses proc files, we may be able to use apparmor to protect from
plymouth, though that may make plymouth fail and cause the container to
not boot right. The right fix would be a mix of user namespaces and
proc file access filtering.
3. if it uses devices (ioctls or writes), we may be able to use apparmor
and/or the devices namespace to protect from plymouth, but a device
namespace will be the right fix.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/925513
Title:
plymouth should not run in container
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/925513/+subscriptions
More information about the Ubuntu-server-bugs
mailing list