I've been in communication with the upstream namespace maintainer, and the intention was certainly that what you're doing should fail. However there was an oversight that missed the O_CREAT case. Due to some differences in 4.4 the backport did cover that case.
As I mentioned above, you can still do what your trying to do, you just need to make sure your process's fsuid/fsgid are mapped into the containers user namespace before creating the file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1659087 Title: open(2) returns EOVERFLOW within tmpfs+userns To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1659087/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
