Details
-
Type:
Feature Request
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Fix Version/s: Vz7.0-Update-next
-
Component/s: Containers::Kernel
-
Security Level: Public
Description
Historically it was disabled because of the shared fs between Containers and inconvenience on Container destroy operation: if someone set a file immutable inside a CT, vzctl/prctl needs to remove the attr first and only after that remove data.
Now we store CT data inside a ploop => no problem on destroy => it seems to be safe to allow setting immutable inside a CT, but we still have simfs - shared fs case, so we need to distinguish these 2 cases, allow immutable for ploop and disable for shared fs (simfs) (new flag on superblock?).
Now we store CT data inside a ploop => no problem on destroy => it seems to be safe to allow setting immutable inside a CT, but we still have simfs - shared fs case, so we need to distinguish these 2 cases, allow immutable for ploop and disable for shared fs (simfs) (new flag on superblock?).