[$] Container IDs for the audit subsystem

By jake

Linux containers are something of an amorphous beast, at least with
respect to the kernel. There are lots of facilities that the kernel
provides (namespaces, control groups, seccomp, and so on) that can be
composed by user-space tools into containers of various shapes and
colors; the kernel is blissfully unaware of how user space views that
composition. But there is interest in having the kernel be more aware of
containers and for it to be able to distinguish what user space considers
to be a single container. One particular use case for the kernel managing
container identifiers is the audit
subsystem
, which needs unforgeable IDs for containers that can be
associated with
audit trails.

From: LWN

Share