=== Hide container processes from host completely ===
It is possible to hide other CTs' processes from [[CT0]]. To do this, enable the kernel.pid_ns_hide_child sysctl parameter:
<pre>
sysctl -w 'kernel.pid_ns_hide_child=1'
</pre>
and restart all containers. To make the setting permanent, add the following line to /etc/sysctl.conf:
<pre>
kernel.pid_ns_hide_child=1
</pre>
After this, ps, htop and top no longer show the processes of other containers.
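To confirm that the setting described above is both active and persistent, a check like the following can be run on the host. This is an added example, not part of the original page: the function names are hypothetical, and the path /proc/sys/kernel/pid_ns_hide_child is assumed from the standard mapping of sysctl names to procfs.

```shell
# Added example: verify kernel.pid_ns_hide_child at runtime and on disk.
KEY='kernel.pid_ns_hide_child'

# Last value assigned to $KEY in a sysctl.conf-style file (last wins;
# '#' and ';' start comment lines; 'kernel/x' is the same key as 'kernel.x').
conf_value() {
    [ -r "$1" ] || return 0
    awk -F= -v key="$KEY" '
        /^[ \t]*[#;]/ { next }
        {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v); gsub(/\//, ".", k)
            if (k == key) last = v
        }
        END { if (last != "") print last }
    ' "$1"
}

# Runtime value from a procfs-style file; empty if the file is absent.
runtime_value() {
    [ -r "$1" ] && tr -d ' \t\n' < "$1"
    return 0
}

# check_hide_child [CONF] [PROCFILE]
# Returns 0 = enabled and persistent, 1 = not enabled at runtime,
# 2 = enabled now but not set to 1 in CONF (lost on reboot).
check_hide_child() {
    conf=${1:-/etc/sysctl.conf}
    procfile=${2:-/proc/sys/kernel/pid_ns_hide_child}
    run=$(runtime_value "$procfile")
    per=$(conf_value "$conf")
    if [ "$run" != 1 ]; then
        echo "$KEY is not enabled at runtime (value: ${run:-unavailable})"
        return 1
    fi
    if [ "$per" != 1 ]; then
        echo "$KEY is enabled now but not set to 1 in $conf"
        return 2
    fi
    echo "$KEY is enabled and persistent"
    return 0
}
```

Call <code>check_hide_child</code> with no arguments to test the live host. The check cannot tell whether containers were restarted after the parameter was enabled, so that step still has to be confirmed separately.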
=== "Poor man's vzps in bash" ===