git.ipfire.org Git - thirdparty/systemd.git/commit

]> git.ipfire.org Git - thirdparty/systemd.git/commit

projects / thirdparty / systemd.git / commit

author	Lennart Poettering <lennart@poettering.net>
	Wed, 27 Nov 2024 13:50:01 +0000 (14:50 +0100)
committer	Mike Yuan <me@yhndnzj.com>
	Wed, 11 Dec 2024 18:23:03 +0000 (19:23 +0100)
commit	7f0a615ef8bec6d7e56ffbae566b3029e17817bd
tree	41a9b75af82f6fef67d7376a8cc6e651e3f08669	tree \| snapshot
parent	3ca09aa4dd57327989eceb1298754601046ac041	commit \| diff

virt: dont check for cgroupns anymore

Now that we have a reliable pidns check I don't think we really should
look for cgroupns anymore, it's too weak a check. I mean, if I myself
would implement a desktop app sandbox (like flatpak) I'd always enable
cgroupns, simply to hide the host cgroup hierarchy.

Hence drop the check.

I suggested adding this 4 years ago here:

https://github.com/systemd/systemd/pull/17902#issuecomment-745548306

src/basic/virt.c

diff | blob | blame | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom