[PATCH RFC] audit: provide namespace information in user originated records
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Mar 21 02:21:16 UTC 2013
Quoting Eric Paris (eparis at redhat.com):
> So the kernel socket(s) would be per network namespace, but we divide
> messages per user namespace? Which socket do I send them on,
> considering the possible crazy many<->many mappings between user and
> network namespaces. It all makes me cry a little.
not many-many - each netns is owned by exactly one userns. The userns
from which the netns was created.
-serge
More information about the Linux-audit
mailing list