Dear Aufs maintainers,
   Linux  kernel  3.8  has  added support for user namespace which allows
   unprivileged users to create different namespaces for sandboxing within the
   user namespace. The filesystem developers need to explicitly allow mounting
   their filesystem types within a user namespace. This explicit permission is
   required because an overall unprivileged user of the system can be mapped to
   a root user within a user namespace. Most of the Linux filesystems already
   support user namespaces.
   This  use namespace support can be added by a small change in the file
   fs/aufs/super.c to add

   flag FS_USERNS_MOUNT to aufs_fs_type (shown in bold below). Please let me
   know if you would like me to send a patch including this change.


   struct file_system_type aufs_fs_type = {
           .name           = AUFS_FSTYPE,
           /* a race between rename and others */
           .fs_flags       = FS_RENAME_DOES_D_MOVE | FS_USERNS_MOUNT,
           .mount          = aufs_mount,
           .kill_sb        = aufs_kill_sb,
           /* no need to __module_get() and module_put(). */
           .owner          = THIS_MODULE,
   Bhushan Jain

   CS PhD candidate,

   Stony Brook University
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!

Reply via email to