suggestion: decouple unshare from mounting in pam_namespace
Louis-Dominique Dubeau
ldd at lddubeau.com
Fri May 23 17:50:31 UTC 2008
On Fri, 2008-05-23 at 10:24 -0400, Louis-Dominique Dubeau wrote:
> It makes sense somewhat. But with the KISS principle in mind - when you
> want just the unshare, why not create a new module called pam_unshare,
> which would just call unshare and not do anything else? I think we could
> accept such module into Linux-PAM.
I have no problem with this approach. I just do not know pam well
enough to know whether this would have unforeseen consequences or not.
What needs to be done to ensure the presence of pam_unshare in a future
version of pam?
Thanks,
Louis
More information about the Pam-list
mailing list