Tycho Andersen <tycho@tycho.pizza> writes: > Hi Eric, > > On Thu, Oct 29, 2020 at 10:47:49AM -0500, Eric W. Biederman wrote: >> Christian Brauner <christian.brau...@ubuntu.com> writes: >> >> > Hey everyone, >> > >> > I vanished for a little while to focus on this work here so sorry for >> > not being available by mail for a while. >> > >> > Since quite a long time we have issues with sharing mounts between >> > multiple unprivileged containers with different id mappings, sharing a >> > rootfs between multiple containers with different id mappings, and also >> > sharing regular directories and filesystems between users with different >> > uids and gids. The latter use-cases have become even more important with >> > the availability and adoption of systemd-homed (cf. [1]) to implement >> > portable home directories. >> >> Can you walk us through the motivating use case? >> >> As of this year's LPC I had the distinct impression that the primary use >> case for such a feature was due to the RLIMIT_NPROC problem where two >> containers with the same users still wanted different uid mappings to >> the disk because the users were conflicting with each other because of >> the per user rlimits. >> >> Fixing rlimits is straight forward to implement, and easier to manage >> for implementations and administrators. > > Our use case is to have the same directory exposed to several > different containers which each have disjoint ID mappings.
Why do the you have disjoint ID mappings for the users that are writing to disk with the same ID? >> Reading up on systemd-homed it appears to be a way to have encrypted >> home directories. Those home directories can either be encrypted at the >> fs or at the block level. Those home directories appear to have the >> goal of being luggable between systems. If the systems in question >> don't have common administration of uids and gids after lugging your >> encrypted home directory to another system chowning the files is >> required. >> >> Is that the use case you are looking at removing the need for >> systemd-homed to avoid chowning after lugging encrypted home directories >> from one system to another? Why would it be desirable to avoid the >> chown? > > Not just systemd-homed, but LXD has to do this, I asked why the same disk users are assigned different kuids and the only reason I have heard that LXD does this is the RLIMIT_NPROC problem. Perhaps there is another reason. In part this is why I am eager to hear peoples use case, and why I was trying very hard to make certain we get the requirements. I want the real requirements though and some thought, not just we did this and it hurts. Changning the uids on write is a very hard problem, and not just in implementating it but also in maintaining and understanding what is going on. Eric -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
