On Tue, 2013-09-24 at 10:10 +0100, Andy Whitcroft wrote: > On Mon, Sep 23, 2013 at 05:08:26PM -0500, Serge Hallyn wrote: > > Hi, > > > > The final patches needed to resolve conflicts between XFS and user > > namespaces are in 3.12. I've backported them to saucy at > > > > http://kernel.ubuntu.com/git?p=serge/ubuntu-saucy.git;a=summary # > > m.sep23.xfs2 > > > > This has 7 patches cherrypicked from Linus' tree, one patch by > > myself to add a sysctl, default off, to enable unprivileged use > > of CLONE_NEWUSER, and a packaging patch to set CONFIG_USER_NS=y. > > These are pretty big patches to be bringing so late to the party. I am > particularly concerned that you have missed the beta deadline so we will > be shovelling this into the kernel after the majority of the testing has > been completed. > > I assume we need these XFS patches because you cannot enable USER_NS at > all without disabling XFS en-toto, an obvious no-no. What feature does > this new code enable which would be lost if we don't have them. > > On the unpriveleged setup, I presume we are saying upstream will allow > it by default, it is just us who are adding this possible cut off if > there are issues? [...]
I was planning to include the same sort of knob when USER_NS is enabled in Debian. I can probably just copy your patch now. Ben. -- Ben Hutchings Life is like a sewer: what you get out of it depends on what you put into it. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
