Dear Aufs maintainers,

Linux kernel 3.8 has added support for user namespaces, which allows unprivileged users to create different namespaces for sandboxing within the user namespace. The filesystem developers need to explicitly allow mounting their filesystem types within a user namespace. This explicit permission is required because an overall unprivileged user of the system can be mapped to a root user within a user namespace. Most of the Linux filesystems already support user namespaces.

This user namespace support can be added by a small change in the file fs/aufs/super.c to add the flag FS_USERNS_MOUNT to aufs_fs_type (shown in bold below). Please let me know if you would like me to send a patch including this change.

fs/aufs/super.c:

    struct file_system_type aufs_fs_type = {
            .name           = AUFS_FSTYPE,
            /* a race between rename and others */
            .fs_flags       = FS_RENAME_DOES_D_MOVE | FS_USERNS_MOUNT,
            .mount          = aufs_mount,
            .kill_sb        = aufs_kill_sb,
            /* no need to __module_get() and module_put(). */
            .owner          = THIS_MODULE,
    };

Thanks,
Bhushan Jain
CS PhD candidate, Stony Brook University
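
Added example, not part of the original message and not aufs code: a userspace probe for auditing which filesystem types a host lets an unprivileged user mount from inside a user namespace, which is the permission FS_USERNS_MOUNT grants. The names probe_userns_mount and write_file and the /tmp mount point are assumptions made for this illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>

static int write_file(const char *path, const char *s)
{
	int fd = open(path, O_WRONLY);
	int ok = fd >= 0 && write(fd, s, strlen(s)) == (ssize_t)strlen(s);
	if (fd >= 0)
		close(fd);
	return ok ? 0 : -1;
}

/* Hypothetical helper: 0 if fstype mounts inside a fresh user namespace, the
 * mount(2) errno if not (EPERM: no FS_USERNS_MOUNT), -1 if setup failed. */
int probe_userns_mount(const char *fstype)
{
	char map[64];
	unsigned uid = getuid(), gid = getgid();	/* read before unshare() */
	int status;
	pid_t pid = fork();

	if (pid < 0)
		return -1;
	if (pid == 0) {		/* child: its namespaces vanish when it exits */
		if (unshare(CLONE_NEWUSER | CLONE_NEWNS) < 0)
			_exit(255);
		snprintf(map, sizeof(map), "0 %u 1", uid);
		if (write_file("/proc/self/uid_map", map) < 0)
			_exit(255);
		write_file("/proc/self/setgroups", "deny"); /* file absent before 3.19 */
		snprintf(map, sizeof(map), "0 %u 1", gid);
		write_file("/proc/self/gid_map", map);
		_exit(mount("none", "/tmp", fstype, 0, NULL) == 0 ? 0 : errno);
	}
	if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status) == 255)
		return -1;
	return WEXITSTATUS(status);
}

int main(int argc, char **argv)
{
	return printf("%d\n", probe_userns_mount(argc > 1 ? argv[1] : "tmpfs")) < 0;
}
```

Any result other than EPERM means the request got past the permission gate (aufs would still need its branch options to mount successfully). EPERM can also come from an LSM or seccomp policy, so compare against the result for a type known to set the flag on the same host.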