[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1176716941.9488.57.camel@ram.us.ibm.com>
Date: Mon, 16 Apr 2007 02:49:01 -0700
From: Ram Pai <linuxram@...ibm.com>
To: Miklos Szeredi <miklos@...redi.hu>
Cc: devel@...nvz.org, serue@...ibm.com, linux-kernel@...r.kernel.org,
containers@...ts.osdl.org, viro@....linux.org.uk,
linux-fsdevel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: [Devel] Re: [patch 05/10] add "permit user mounts in new
namespace" clone flag
On Mon, 2007-04-16 at 11:32 +0200, Miklos Szeredi wrote:
> > > Given the existence of shared subtrees allowing/denying this at the
> > > mount
> > > namespace level is silly and wrong.
> > >
> > > If we need more than just the filesystem permission checks can we
> > > make it a mount flag settable with mount and remount that allows
> > > non-privileged users the ability to create mount points under it
> > > in directories they have full read/write access to.
> >
> > Also for bind-mount and remount operations the flag has to be propagated
> > down its propagation tree. Otherwise a unpriviledged mount in a shared
> > mount wont get reflected in its peers and slaves, leading to unidentical
> > shared-subtrees.
>
> That's an interesting question. Do we want shared mounts to be
> totally identical, including mnt_flags? It doesn't look as if
> do_remount() guarantees that currently.
Depends on the semantics of each of the flags. Some flags like of the
read/write flag, would not interfere with the propagation semantics
AFAICT. But this one certainly seems to interfere.
RP
> Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists