sf...@users.sourceforge.net:
> Florian Klink:
>> Just to test the kernel? You can get the location of the git tree and
>> the default config from here:
>> https://aur.archlinux.org/packages/linux-zen/?setlang=en
>
> To find out who runs "remount,ro".
> I don't understand why you focused FS_USERNS_MOUNT.
>
>
> J. R. Okajima

I think it's the init system that did the remount-ro (a remount,ro of / is done when you shut down). I have now updated to a newer version (of systemd) and the problem went magically away - seems like systemd now properly detects when it's inside a container and doesn't remount,ro anymore ;-)

About FS_USERNS_MOUNT: I thought that there is probably some /dev/root that's mounted inside the container to "/" by the "container root user" during startup, and by allowing a "user mount" inside the namespace, the remount would probably be only effective inside the container namespace. But that was a red herring...

But I still think that enabling FS_USERNS_MOUNT is a good idea. I don't really see a reason why a user should not be able to create a union mount of two directories he's able to access on their own anyway. For sure, there are some use cases for this, like the following: a user has a big, read-only volume (Blu-ray?) of a lot of small files, and wants to change some of them, but still see the "result as a whole" without having to copy all whole files to a read-write directory.

Florian