Rodrigo Campos
Rodrigo Campos
@cyphar haha, sorry and thanks! :)
@cyphar Yes, IMHO we can close this. On one hand, with the overlayfs protection for `/proc/self/exe` this is faster and almost no test fail on moby CI (only one in...
@kolyshkin thanks for providing all the links, it _really_ makes a difference! I agree with you [here](https://github.com/opencontainers/runc/issues/4426#issuecomment-2398243463) about no adding more config options, and [here](https://github.com/opencontainers/runc/issues/4426#issuecomment-2394796876) about the answers. The short...
@thundergolfer a fourth option is to let runc create the userns and the netns. This way, runc makes sure to create them in the right order (so it has the...
> ### Steps to reproduce the issue > > 1. write a runc hook to return error, and config it into runtime of containerd How do you do that? Please...
@lifubang do you want to have a last review or shall I merge?
@lifubang Is @kolyshkin answer not enough. Wanna verify that or what do you propose?
@halaney right, I forgot that ubuntu blocked unprivileged userns creation by default. Not sure if any other popular distro is doing that still or not. But it's definitely something to...
> I also think we might be able to do something wacky with the ubuntu situation. I need to find some time to try it out, but we could do...