Re: [PATCH v2 10/10] Allow --userns when pasta spawns a command

On Sat, 10 Sep 2022 17:29:35 +1000 David Gibson wrote:

On Fri, Sep 09, 2022 at 04:34:25PM +0200, Stefano Brivio wrote:

...

On Thu, 8 Sep 2022 13:59:07 +1000 David Gibson wrote:

...

Currently --userns is only allowed when pasta is attaching to an existing netns or PID, and is prohibited when creating a new netns by spawning a command or shell.

With the new handling of userns, this check isn't neccessary. I'm not sure if there's any use case for --userns with a spawned command, but it's strictly more flexible and requires zero extra code, so we might as well.

I think it's helpful because one might not be able to join a network namespace without first joining a given user namespace.

Well.. this is strictly for the spawning command case, so we're creating the network ns rather than joining one.

Ah, you're right. Then I'm also not sure. But yes, it's negative lines of code, so why not. -- Stefano