From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Serge E. Hallyn" Subject: Re: [lxc-devel] CGroup Namespaces (v10) Date: Fri, 12 Feb 2016 17:22:21 -0600 Message-ID: <20160212232221.GA31062__760.956834028725$1455319360$gmane$org@mail.hallyn.com> References: <1454057651-23959-1-git-send-email-serge.hallyn@ubuntu.com> <20160212160906.GG3741@mtj.duckdns.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <20160212160906.GG3741-qYNAdHglDFBN0TnZuCh8vA@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: Tejun Heo Cc: gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org, Linux API , Linux Containers , "linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , Alban Crequy , LXC development mailing-list , Johannes Weiner , cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Andrew Morton List-Id: containers.vger.kernel.org On Fri, Feb 12, 2016 at 11:09:06AM -0500, Tejun Heo wrote: > Hello, > > On Fri, Feb 12, 2016 at 12:18:28AM +0100, Alban Crequy wrote: > > I just noticed commit c38c4597e4bf ("netfilter: implement xt_cgroup > > cgroup2 path match") which, as far as I understand, introduces a new > > userland facing API containing the full cgroup path. Does it mean that > > the cgroupns patchset should include cgroup path translation in > > xt_cgroup? > > I don't think so. None of netfilter configuration is namespaced in > any way. They're system-global by nature. I assume at some point you'll want the set ported onto for-4.6 or linux-next? My 2016-02-03/cgns set still cherrypick cleanly onto for-4.6 at the moment, but I haven't tried linux-next, and I haven't done build+test since 4.5-rc1 came out. thanks, -serge