Quoting Eric W. Biederman (ebied...@xmission.com):
Serge E. Hallyn se...@hallyn.com writes:
Quoting Andy Lutomirski (l...@amacapital.net):
On Tue, Oct 1, 2013 at 7:19 AM, Janne Karhunen janne.karhu...@gmail.com
wrote:
On Thu, Sep 26, 2013 at 8:33 AM, Greg Kroah-Hartman
gre
Quoting Stanislav Kinsbursky (skinsbur...@parallels.com):
This is a cleanup patch. The assignment is redundant.
Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com
Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com
---
ipc/msg.c |5 +
1 files changed, 1 insertions(+), 4
key is
not used.
Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com
Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com
---
ipc/compat.c |6 ++
ipc/util.c | 51 ---
ipc/util.h |2 ++
3 files changed, 56 insertions
are originally created by replacing IPC_ part by
SEM_(MSG_, SHM_) part.
So, I'm hoping, that this change doesn't really matters for QLogic qlge NIC
Can't speak for the driver maintainer, but it does look sane.
Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com
HBA Driver developers, since it's just
is
returned.
Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com
Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com
(again, modulo requested /* fallthrough */ comment )
---
include/uapi/linux/sem.h |1 +
ipc/compat.c |1 +
ipc/sem.c | 10
is
returned.
Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com
Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com
---
include/uapi/linux/msg.h |1 +
ipc/compat.c |1 +
ipc/msg.c | 13 +++--
security/selinux/hooks.c |1
Quoting Stanislav Kinsbursky (skinsbur...@parallels.com):
This patch is required for checkpoint/restore in userspace.
IOW, c/r requires some way to get all pending IPC messages without deleting
them from the queue (checkpoint can fail and in this case tasks will be
resumed,
so queue have to
Quoting Jitendra Kalsaria (jitendra.kalsa...@qlogic.com):
From: Serge Hallyn [mailto:serge.hal...@canonical.com]
Sent: Tuesday, October 23, 2012 9:33 AM
To: Stanislav Kinsbursky
Cc: a...@linux-foundation.org; catalin.mari...@arm.com; will.dea...@arm.com;
dhowe...@redhat.com; manf
Quoting Stanislav Kinsbursky (skinsbur...@parallels.com):
This is a cleanup patch. The assignment is redundant.
Signed-off-by: Stanislav Kinsbursky skinsbur...@parallels.com
---
ipc/msg.c |1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/ipc/msg.c b/ipc/msg.c
Quoting Eric W. Biederman (ebied...@xmission.com):
Glauber Costa glom...@parallels.com writes:
I just came up with the following preliminary list of sessions:
http://wiki.linuxplumbersconf.org/2012:containers
Since people mostly said what they wanted to talk about, but without
allows you to
raise your own limits, worthless). The 'fake cgroup root' has been
mentioned before to address this. Definately worth discussing.
thanks,
-serge
___
Devel mailing list
Devel@openvz.org
https://openvz.org/mailman/listinfo/devel
Quoting Glauber Costa (glom...@parallels.com):
On 07/12/2012 01:41 AM, Kir Kolyshkin wrote:
Gentlemen,
We are organizing containers mini-summit during next Linux Plumbers (San
Diego, August 29-31).
The idea is to gather and discuss everything relevant to namespaces,
cgroups, resource
Quoting Kir Kolyshkin (k...@openvz.org):
On 07/12/2012 07:47 AM, Serge Hallyn wrote:
Quoting Kir Kolyshkin (k...@openvz.org):
Gentlemen,
We are organizing containers mini-summit during next Linux Plumbers
(San Diego, August 29-31).
The idea is to gather and discuss everything relevant
Quoting Kir Kolyshkin (k...@openvz.org):
Gentlemen,
We are organizing containers mini-summit during next Linux Plumbers
(San Diego, August 29-31).
The idea is to gather and discuss everything relevant to namespaces,
cgroups, resource management,
checkpoint-restore and so on.
We are
it.
-serge
___
Devel mailing list
Devel@openvz.org
https://openvz.org/mailman/listinfo/devel
the caps for the privileged ancestors as
described above.
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
___
Devel
over a file if needed.
I'm going to not consider the TPM at the moment :)
Possibly the trickiest problem with keys is how to upcall key construction to
/sbin/request-key when the keys may be of a different user namespace.
Hm, jinkeys, yes.
-serge
Quoting Eric W. Biederman (ebied...@xmission.com):
David Howells dhowe...@redhat.com writes:
Serge E. Hallyn se...@hallyn.com wrote:
I guess we need to look at how to mix keys and namespaces again.
From strictly kernel pov, at the moment, keys are strictly usable only
by the user
To do so we need to pass in the task_struct who'll get the utsname,
so we can get its user_ns.
Changelog:
Feb 23: As per Oleg's coment, just pass in tsk.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h |6 +++---
kernel/nsproxy.c|7
To do that, we have to pass in the task_struct of the task which
will own the ipc_ns, so we can assign its user_ns.
Changelog:
Feb 23: As per Oleg comment, just pass in tsk. To get the
ipc_ns from the nsproxy we need to include nsproxy.h
Signed-off-by: Serge E. Hallyn
-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/capability.h | 38 ++
include/linux/cred.h |4 +++-
kernel/capability.c| 20
kernel/cred.c |5 +
4 files changed, 46 insertions(+), 21
Quoting Andrew Morton (a...@linux-foundation.org):
On Thu, 17 Feb 2011 15:03:33 +
Serge E. Hallyn se...@hallyn.com wrote:
ptrace is allowed to tasks in the same user namespace according to
the usual rules (i.e. the same rules as for two tasks in the init
user namespace). ptrace
Quoting Andrew Morton (a...@linux-foundation.org):
On Thu, 17 Feb 2011 15:03:25 +
Serge E. Hallyn se...@hallyn.com wrote:
/*
+ * called with RCU read lock from check_kill_permission()
+ */
+static inline int kill_ok_by_cred(struct task_struct *t)
+{
+ const struct cred *cred
same_or_ancestore_user_ns() was not an appropriate check to
constrain cap_issubset. Rather, cap_issubset() only is
meaningful when both capsets are in the same user_ns.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/user_namespace.h |9 -
kernel
Quoting Andrew Morton (a...@linux-foundation.org):
On Thu, 24 Feb 2011 00:49:01 +
Serge E. Hallyn se...@hallyn.com wrote:
same_or_ancestore_user_ns() was not an appropriate check to
constrain cap_issubset. Rather, cap_issubset() only is
meaningful when both capsets are in the same
Quoting Oleg Nesterov (o...@redhat.com):
On 02/21, Daniel Lezcano wrote:
On 02/21/2011 05:01 AM, Serge E. Hallyn wrote:
To do so we need to pass in the task_struct who'll get the utsname,
so we can get its user_ns.
-extern struct uts_namespace *copy_utsname(unsigned long flags
.
Acked-by: Serge Hallyn serge.hal...@canonical.com
thanks,
-serge
---
kernel/fork.c | 123
+++---
1 file changed, 25 insertions(+), 98 deletions(-)
--- 2.6.37/kernel/fork.c~unshare-killcrap 2010-11-05 18:03:28.0
+0100
To do so we need to pass in the task_struct who'll get the utsname,
so we can get its user_ns.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h | 10 ++
kernel/nsproxy.c|7 +--
kernel/utsname.c| 12 +++-
3 files
To do that, we have to pass in the task_struct of the task which
will own the ipc_ns, so we can assign its user_ns.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/ipc_namespace.h |8 +---
ipc/namespace.c | 12 +++-
kernel/nsproxy.c
Fixes a compile failure.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
drivers/pci/pci-sysfs.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
index ea25e5b..90a6b04 100644
--- a/drivers/pci/pci-sysfs.c
As pointed out by Andrew Morton (and checkpatch), init/version.c
(and ipc/msgutil.c) should not have an extern declaration for
init_user_ns. Instead, move those to ipc_namespace.h and utsname.h.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/ipc_namespace.h |3
: David Howells dhowe...@redhat.com
Cc: Pavel Emelyanov xe...@parallels.com
Cc: Alexey Dobriyan adobri...@gmail.com
Cc: Serge E. Hallyn se...@hallyn.com
Acked-by: Serge E. Hallyn se...@hallyn.com
And might I say that the label 'out_unlock' in that function is
sadly named :)
Cc: contain
to get useful for some sandboxing.
I've run the 'runltplite.sh' with and without this patchset and
found no difference. So all in all, this is the first version
of this patchset for which I feel comfortable asking: please
consider applying.
thanks,
-serge
potential uid confusion issues left.
I still need to handle getting all caps after creation but otherwise I
think I have a good starter patch that achieves all of your goals.
Changelog:
11/05/2010: [serge] add apparmor
12/14/2010: [serge] fix capabilities to created user namespaces
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
fs/inode.c | 17 +
fs/namei.c | 20 +++-
include/linux/fs.h |9 +++--
3 files changed, 39 insertions(+), 7 deletions(-)
diff --git a/fs/inode.c b/fs/inode.c
index da85e56
Changelog:
Feb 15: Don't set new ipc-user_ns if we didn't create a new
ipc_ns.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/ipc_namespace.h |3 +++
ipc/msgutil.c |3 +++
ipc/namespace.c |9
it.
Changelog:
Feb 15: don't set uts_ns-user_ns if we didn't create
a new uts_ns.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h |3 +++
init/version.c |2 ++
kernel/nsproxy.c|5 +
kernel/user.c
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 18da702..7a1bbad 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1177,7 +1177,7 @@ SYSCALL_DEFINE2(sethostname
11: Fix logic errors in uid checks pointed out by Bastian.
Feb 15: allow prlimit to current (was regression in previous version)
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c | 74 -
1 files changed, 47
need cred/tcred in check_kill_permission.
Jan 1: use const cred struct.
Jan 11: Per Bastian Blank's advice, clean up kill_ok_by_cred().
Feb 16: kill_ok_by_cred: fix bad parentheses
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/signal.c | 30
of sched_capable().
Jan 11: Use nsown_capable() as suggested by Bastian Blank.
Jan 11: Clarify (hopefully) some logic in futex and sched.c
Feb 15: use ns_capable for ipc, not nsown_capable
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
ipc/shm.c |2
feedback by Eric:
. Correct ptrace uid check
. Rename may_ptrace_ns to ptrace_capable
. Also fix the cap_ptrace checks.
Jan 1: Use const cred struct
Jan 11: use task_ns_capable() in place of ptrace_capable().
Signed-off-by: Serge E. Hallyn
Quoting Andrew Morton (a...@linux-foundation.org):
On Thu, 17 Feb 2011 15:02:24 +
Serge E. Hallyn se...@hallyn.com wrote:
Here is a repost of my previous user namespace patch, ported onto
last night's git head.
It fixes several things I was doing wrong in the last (v4)
posting
Quoting Eric W. Biederman (ebied...@xmission.com):
Serge E. Hallyn se...@hallyn.com writes:
ptrace is allowed to tasks in the same user namespace according to
the usual rules (i.e. the same rules as for two tasks in the init
user namespace). ptrace is also allowed to a user namespace
-by: Eric W. Biederman ebied...@xmission.com
Signed-off-by: Daniel Lezcano daniel.lezc...@free.fr
Acked-by: Serge E. Hallyn se...@hallyn.com
---
include/linux/pid.h | 11 +++
init/main.c |9 -
kernel/fork.c |2 +-
3 files changed, 12 insertions(+), 10
daniel.lezc...@free.fr
Acked-by: Serge E. Hallyn se...@hallyn.com
---
fs/proc/root.c | 25 +++--
kernel/fork.c |6 --
kernel/pid_namespace.c | 11 +--
3 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/fs/proc/root.c b/fs/proc
Signed-off-by: Daniel Lezcano daniel.lezc...@free.fr
Acked-by: Serge E. Hallyn se...@hallyn.com
---
fs/proc/inode.c|2 --
fs/proc/internal.h |1 -
fs/proc/root.c |7 ---
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
Signed-off-by: Serge Hallyn serge.hal...@canonical.com
---
clone_x86_64.c |2 +-
include/linux/checkpoint.h |4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/clone_x86_64.c b/clone_x86_64.c
index 5a22093..6750786 100644
--- a/clone_x86_64.c
+++ b
(for ckpt-v23-rc1-pids branch)
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
arch/x86/include/asm/unistd_64.h |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/unistd_64.h b/arch/x86/include/asm/unistd_64.h
index 706d90a..f5d1b9e
diff --git a/fs/sysv/dir.c b/fs/sysv/dir.c
index 5bff486..6261993 100644
--- a/fs/sysv/dir.c
+++ b/fs/sysv/dir.c
@@ -25,7 +25,6 @@ const struct file_operations sysv_dir_operations = {
.read = generic_read_dir,
.readdir= sysv_readdir,
.fsync =
. Otherwise, I'd like
to get serious soon about expanding upon, and pushing upstream, the
patches to make CLONE_NEWUSER more useful for sandboxing.
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org
Quoting Serge E. Hallyn (se...@hallyn.com):
Quoting Serge E. Hallyn (se...@hallyn.com):
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 2745dcd
).
A link which was referenced in one of those emails:
https://lists.linux-foundation.org/pipermail/containers/2008-April/010810.html
So while I'm pretty sure I have in the past seen discussions on what
the device namespace would look like, they must have been on irc or
in person.
-serge
to another device more completely than simply
fudging the nodes under /dev.
Comments? Designs? Plans?
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
Quoting Eric W. Biederman (ebied...@xmission.com):
Serge E. Hallyn serge.hal...@canonical.com writes:
Hi,
Now that we are allowing udev to run in containers, Daniel has
noticed that updates to sysfs uevent files will trigger a flurry
of activity in all containers on the host. While
to past/current discussions are
welcome :)
I'm hoping to get my archive disk out this weekend or monday
and search for these, if noone else finds them before that.
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https
Quoting Bastian Blank (bast...@waldi.eu.org):
On Sat, Jan 15, 2011 at 12:31:14AM +, Serge E. Hallyn wrote:
Quoting Bastian Blank (bast...@waldi.eu.org):
On Tue, Jan 11, 2011 at 01:31:52AM +, Serge E. Hallyn wrote:
Quoting Bastian Blank (bast...@waldi.eu.org):
What
Quoting Bastian Blank (bast...@waldi.eu.org):
On Tue, Jan 11, 2011 at 01:31:52AM +, Serge E. Hallyn wrote:
Quoting Bastian Blank (bast...@waldi.eu.org):
What is this flag used for anyway? I only see it used in the accounting
stuff, and if every user can get it, it is not longer useful
Quoting Serge E. Hallyn (se...@hallyn.com):
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 2745dcd..9b9b03b 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
Quoting Rob Landley (rland...@parallels.com):
On 01/07/2011 09:12 AM, Serge Hallyn wrote:
Changing ownership so a script can't open a file that it otherwise
could may cause scripts to fail when run in a container. Makes
the containers less transparent.
While my goal next week
be to re-introduce a part of a several year
old patchset which assigns a userns to a superblock (and hence
to inodes), and grants 'user other' permissions to any task
whose uid does not map to the target userns. (By default, this
will be all but the initial userns)
thanks,
-serge
it.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h |3 +++
init/version.c |2 ++
kernel/nsproxy.c|3 +++
kernel/user.c |8 ++--
kernel/utsname.c|4
5 files changed, 18 insertions(+), 2 deletions(-)
diff
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 2745dcd..9b9b03b 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1171,7 +1171,7 @@ SYSCALL_DEFINE2(sethostname
need cred/tcred in check_kill_permission.
Jan 1: use const cred struct.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
Reviewed-by: Eric W. Biederman ebied...@xmission.com
---
kernel/signal.c | 36
1 files changed, 28 insertions(+), 8
potential uid confusion issues left.
I still need to handle getting all caps after creation but otherwise I
think I have a good starter patch that achieves all of your goals.
Changelog:
11/05/2010: [serge] add apparmor
12/14/2010: [serge] fix capabilities to created user namespaces
feedback by Eric:
. Correct ptrace uid check
. Rename may_ptrace_ns to ptrace_capable
. Also fix the cap_ptrace checks.
Jan 1: Use const cred struct
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/capability.h |2
This allows setuid/setgid in containers. It also fixes some
corner cases where kernel logic foregoes capability checks when
uids are equivalent. The latter will need to be done throughout
the whole kernel.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c | 35
CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
because the resource comes from current's own ipc namespace.
setuid/setgid are to uids in own namespace, so again checks can be
against current_user_ns().
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
ipc
Quoting Bastian Blank (bast...@waldi.eu.org):
On Mon, Jan 10, 2011 at 09:13:34PM +, Serge E. Hallyn wrote:
+ const struct cred *cred = current_cred();
+ const struct cred *tcred = __task_cred(t);
+
+ if (cred-user-user_ns != tcred-user-user_ns) {
+ /* userids
Quoting Bastian Blank (bast...@waldi.eu.org):
On Mon, Jan 10, 2011 at 09:14:07PM +, Serge E. Hallyn wrote:
- if (pcred-uid != cred-euid
- pcred-euid != cred-euid !capable(CAP_SYS_NICE)) {
+ if (pcred-user-user_ns != cred-user-user_ns
+ pcred-uid != cred-euid
Quoting Bastian Blank (bast...@waldi.eu.org):
On Mon, Jan 10, 2011 at 04:51:51PM -0600, Serge Hallyn wrote:
Quoting Bastian Blank (bast...@waldi.eu.org):
Isn't that equal to this?
if (ns_capable(tcred-user-user_ns, CAP_KILL))
return 1;
if (cred-user-user_ns
we decide to nuke the flag)
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
___
Devel mailing list
Devel
Quoting Bastian Blank (bast...@waldi.eu.org):
On Mon, Jan 10, 2011 at 09:14:07PM +, Serge E. Hallyn wrote:
- if (pcred-uid != cred-euid
- pcred-euid != cred-euid !capable(CAP_SYS_NICE)) {
+ if (pcred-user-user_ns != cred-user-user_ns
+ pcred-uid != cred-euid
assigns a userns to a superblock (and hence
to inodes), and grants 'user other' permissions to any task
whose uid does not map to the target userns. (By default, this
will be all but the initial userns)
thanks,
-serge
___
Containers mailing list
contain
it.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h |3 +++
init/version.c |2 ++
kernel/nsproxy.c|3 +++
kernel/user.c |8 ++--
kernel/utsname.c|4
5 files changed, 18 insertions(+), 2 deletions(-)
diff
of sched_capable().
Jan 11: Use nsown_capable() as suggested by Bastian Blank.
Jan 11: Clarify (hopefully) some logic in futex and sched.c
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
ipc/shm.c |2 +-
ipc/util.c|5 +++--
kernel/futex.c
potential uid confusion issues left.
I still need to handle getting all caps after creation but otherwise I
think I have a good starter patch that achieves all of your goals.
Changelog:
11/05/2010: [serge] add apparmor
12/14/2010: [serge] fix capabilities to created user namespaces
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 2745dcd..9b9b03b 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1171,7 +1171,7 @@ SYSCALL_DEFINE2(sethostname
need cred/tcred in check_kill_permission.
Jan 1: use const cred struct.
Jan 11: Per Bastian Blank's advice, clean up kill_ok_by_cred().
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
Reviewed-by: Eric W. Biederman ebied...@xmission.com
---
kernel/signal.c | 30
feedback by Eric:
. Correct ptrace uid check
. Rename may_ptrace_ns to ptrace_capable
. Also fix the cap_ptrace checks.
Jan 1: Use const cred struct
Jan 11: use task_ns_capable() in place of ptrace_capable().
Signed-off-by: Serge E. Hallyn
11: Fix logic errors in uid checks pointed out by Bastian.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c | 67 +++--
1 files changed, 41 insertions(+), 26 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
Cheat for now and say all files belong to init_user_ns. Next
step will be to let superblocks belong to a user_ns, and derive
inode_userns(inode) from inode-i_sb-s_user_ns. Finally we'll
introduce more flexible arrangements.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
fs
Quoting Rob Landley (rland...@parallels.com):
On 01/06/2011 03:43 PM, Matt Helsley wrote:
On Wed, Jan 05, 2011 at 07:46:17PM +0530, Balbir Singh wrote:
On Wed, Jan 5, 2011 at 7:31 PM, Serge Hallyn serge.hal...@canonical.com
wrote:
Quoting Daniel Lezcano (daniel.lezc...@free.fr):
On 01
Debian Squeeze kernel, which is based on
2.6.32.27.
There is definitively a big work to do with /proc.
Some files should be not accessible (/proc/sys/vm/drop_caches,
/proc/sys/kernel/sysrq, ...) and some other should be virtualized
(/proc/meminfo, /proc/cpuinfo, ...).
Serge suggested
Quoting Mike Heffner (mi...@fesnel.com):
On 01/04/2011 11:44 AM, Cedric Le Goater wrote:
we use the following patch to get the pid of a task as seen from its
pid namespace. It can be useful to identify tasks writing pids in files.
Great, I'll try it out. Has there been any interest in
, will have that fix)
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
___
Devel mailing list
Devel@openvz.org
https
Quoting Eric W. Biederman (ebied...@xmission.com):
Serge E. Hallyn se...@hallyn.com writes:
Quoting Eric W. Biederman (ebied...@xmission.com):
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -659,11 +686,7 @@ static int check_kill_permission(int sig, struct
siginfo *info
Quoting Eric W. Biederman (ebied...@xmission.com):
Serge E. Hallyn se...@hallyn.com writes:
ptrace is allowed to tasks in the same user namespace according to
the usual rules (i.e. the same rules as for two tasks in the init
user namespace). ptrace is also allowed to a user namespace
hostnames, kill tasks, and do ptrace.
My near-term next goals will be to enable setuid and setgid,
and to provide a way for the filesystem to be usable in child
user namespaces. At the very least I'd like a fresh loopback
or LVM mount and proc mounts to be supported.
thanks,
-serge
it.
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
include/linux/utsname.h |3 +++
init/version.c |2 ++
kernel/nsproxy.c|3 +++
kernel/user.c |8 ++--
kernel/utsname.c|4
5 files changed, 18 insertions(+), 2 deletions(-)
diff
potential uid confusion issues left.
I still need to handle getting all caps after creation but otherwise I
think I have a good starter patch that achieves all of your goals.
Changelog:
11/05/2010: [serge] add apparmor
12/14/2010: [serge] fix capabilities to created user namespaces
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel/sys.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 2745dcd..9b9b03b 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1171,7 +1171,7 @@ SYSCALL_DEFINE2(sethostname
Changelog:
Dec 8: Fixed bug in my check_kill_permission pointed out by
Eric Biederman.
Dec 13: Apply Eric's suggestion to pass target task into
kill_ok_by_cred()
for clarity
Signed-off-by: Serge E. Hallyn serge.hal...@canonical.com
---
kernel
ptrace is allowed to tasks in the same user namespace according to
the usual rules (i.e. the same rules as for two tasks in the init
user namespace). ptrace is also allowed to a user namespace to
which the current task the has CAP_SYS_PTRACE capability.
Signed-off-by: Serge E. Hallyn serge.hal
Quoting Alexey Dobriyan (adobri...@gmail.com):
On Fri, Dec 17, 2010 at 5:24 PM, Serge E. Hallyn se...@hallyn.com wrote:
+/*
+ * userns count is 1 for root user, 1 for init_uts_ns,
+ * and 1 for... ?
+ */
struct user_namespace init_user_ns = {
.kref
Quoting Alexey Dobriyan (adobri...@gmail.com):
On Fri, Dec 17, 2010 at 5:56 PM, Alexey Dobriyan adobri...@gmail.com wrote:
On Fri, Dec 17, 2010 at 5:24 PM, Serge E. Hallyn se...@hallyn.com wrote:
+/*
+ * userns count is 1 for root user, 1 for init_uts_ns,
+ * and 1
.
thanks,
-serge
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
___
Devel mailing list
Devel@openvz.org
https://openvz.org/mailman
Quoting Eric W. Biederman (ebied...@xmission.com):
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -659,11 +686,7 @@ static int check_kill_permission(int sig, struct
siginfo *info,
cred = current_cred();
tcred = __task_cred(t);
Nit pick you don't need to compute cred and
Thanks for reviewing, Eric.
Quoting Eric W. Biederman (ebied...@xmission.com):
+static inline int may_ptrace_ns(struct task_struct *t)
Can we name this ptrace_capable? Since you are only
wrapping the capability check? With a name like may_ptrace_ns
I imagine very different semantics.
calculation in that case, right?
I mean cred and tcred are only use in kill_ok_by_cred.
So we can eliminate those two variables from check_kill_permission.
D'oh. Should've looked at the original tree, not the context. Got it,
thanks.
-serge
1 - 100 of 2024 matches
Mail list logo