On Mon, May 12, 2014 at 1:22 PM, Rick "Zero_Chaos" Farina
<zerochaos@g.o> wrote:
> That would be nice, can we do the network namespaces so that I at least
> don't have to bind to a random port? That alone would be a major
> improvement in usability.

From my very limited understanding of network namespaces, when you
create one it doesn't contain any interfaces. You can then create
virtual interfaces inside, and potentially bridge them to other
interfaces outside. If you just don't bridge it, then you would get
what amounts to a loopback interface inside the namespace. If you do
bridge it, then that interface still gets its own IP.

Nothing would be listening on a new virtual interface, so you could
bind to any port you want to (though I think you'd still need to be
root to bind to a low port/etc).

>
> Personally, I would love to be able to talk to localhost outside the
> ebuild, but if everyone agrees that is too dangerous then I don't feel I
> am qualified to disagree.

I guess the question is, "why?" I suppose you could provide a way for
ebuilds to disable the use of namespaces, but I'm not sure if that is
worth building, or even is desirable. (And yes, I realize this would
be PM-specific if we did it.)

Rich
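
The namespace behaviour discussed in this message can be checked with the following added example, which is not part of the original thread and is not Portage code. It assumes Linux with unprivileged user namespaces enabled; the function names are hypothetical, and the host listener is a constructed stand-in for a service on localhost outside the build.

```python
import ctypes, json, os, socket

CLONE_NEWUSER, CLONE_NEWNET = 0x10000000, 0x40000000  # <linux/sched.h>

def _inside_new_netns(port):
    libc = ctypes.CDLL(None, use_errno=True)
    # A user namespace lets an unprivileged process create the net namespace.
    if libc.unshare(CLONE_NEWUSER | CLONE_NEWNET) != 0:
        return None  # kernel or sandbox policy refused
    report = {"interfaces": [name for _, name in socket.if_nameindex()]}
    bound = socket.socket()
    try:  # same port number the host listener already holds
        bound.bind(("0.0.0.0", port))
        report["same_port_bound"] = True
    except OSError:
        report["same_port_bound"] = False
    client = socket.socket()
    client.settimeout(2)
    try:  # the host's localhost service is not visible from in here
        client.connect(("127.0.0.1", port))
        report["reached_host_listener"] = True
    except OSError:
        report["reached_host_listener"] = False
    return report

def probe_network_namespace():
    """Return the child's report, or None if namespaces are unavailable."""
    host = socket.socket()  # constructed stand-in for a service on the host
    host.bind(("127.0.0.1", 0))
    host.listen(1)
    port = host.getsockname()[1]
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:
        report = None
        try:
            report = _inside_new_netns(port)
        finally:  # never fall back into the caller's code from the child
            os.write(w, json.dumps(report).encode())
            os._exit(0)
    os.close(w)
    data = os.read(r, 65536)
    os.close(r)
    os.waitpid(pid, 0)
    host.close()
    return json.loads(data) if data else None

if __name__ == "__main__":
    print(probe_network_namespace())
```

The child binds the port number already in use on the host, and its connection attempt to the host's 127.0.0.1 listener fails, because the two namespaces have separate port spaces and separate loopback devices.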