This patch enables a non-root user to map a set of UID/GID mappings from a namespace to another set outside the namespace. Since unshare is used on the main thread of the virtiofsd, once the thread goes inside a namespace it is not able to map a range of UID/GID other than the current user/group that is running the virtiofsd. This patch enables a non-root user with CAP_SETUID, CAP_SETGID capabilities to set multiple mappings and then drop those capabilities. The UID/GID ranges can be specified using virtiofsd command line parameters. --- https://gitlab.com/virtio-fs/virtiofsd/-/merge_requests/137
_______________________________________________ Virtio-fs mailing list Virtio-fs@redhat.com https://listman.redhat.com/mailman/listinfo/virtio-fs
