diff options
author | Serge E. Hallyn <serue@us.ibm.com> | 2008-12-08 16:52:21 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-12-08 17:25:53 -0500 |
commit | 94d6a5f7341ebaff53d4e41cc81fab37f0d9fbed (patch) | |
tree | 07b4a016a50f1cc42c6295ec387a26d1a4481381 /Documentation/scheduler | |
parent | 7657d90497f98426af17f0ac633a9b335bb7a8fb (diff) |
user namespaces: document CFS behavior
Documented the currently bogus state of support for CFS user groups with
user namespaces. In particular, all users in a user namespace should be
children of the user which created the user namespace. This is yet to
be implemented.
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: Dhaval Giani <dhaval@linux.vnet.ibm.com>
Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'Documentation/scheduler')
-rw-r--r-- | Documentation/scheduler/sched-design-CFS.txt | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/Documentation/scheduler/sched-design-CFS.txt b/Documentation/scheduler/sched-design-CFS.txt index eb471c7a905e..8398ca4ff4ed 100644 --- a/Documentation/scheduler/sched-design-CFS.txt +++ b/Documentation/scheduler/sched-design-CFS.txt | |||
@@ -273,3 +273,24 @@ task groups and modify their CPU share using the "cgroups" pseudo filesystem. | |||
273 | 273 | ||
274 | # #Launch gmplayer (or your favourite movie player) | 274 | # #Launch gmplayer (or your favourite movie player) |
275 | # echo <movie_player_pid> > multimedia/tasks | 275 | # echo <movie_player_pid> > multimedia/tasks |
276 | |||
277 | 8. Implementation note: user namespaces | ||
278 | |||
279 | User namespaces are intended to be hierarchical. But they are currently | ||
280 | only partially implemented. Each of those has ramifications for CFS. | ||
281 | |||
282 | First, since user namespaces are hierarchical, the /sys/kernel/uids | ||
283 | presentation is inadequate. Eventually we will likely want to use sysfs | ||
284 | tagging to provide private views of /sys/kernel/uids within each user | ||
285 | namespace. | ||
286 | |||
287 | Second, the hierarchical nature is intended to support completely | ||
288 | unprivileged use of user namespaces. So if using user groups, then | ||
289 | we want the users in a user namespace to be children of the user | ||
290 | who created it. | ||
291 | |||
292 | That is currently unimplemented. So instead, every user in a new | ||
293 | user namespace will receive 1024 shares just like any user in the | ||
294 | initial user namespace. Note that at the moment creation of a new | ||
295 | user namespace requires each of CAP_SYS_ADMIN, CAP_SETUID, and | ||
296 | CAP_SETGID. | ||