ebied...@xmission.com (Eric W. Biederman) writes: > Olaf Dietsche <olaf--list.linux-ker...@olafdietsche.de> writes: > >> I am in the process of catching up with the last two years or so. >> Right now, I am at the changes involving user namespaces. >> >> I have two possible implementations, both working equally well in a >> shared environment. Since I am not familiar with namespaces in general >> and user namespaces in particular, I would like you to look over the >> patches and tell me, what you think. >> >> Are the patches good so far? Are there are any things I missed and must >> consider? Maybe, I am completely off track? Anything else? >> >> I included both patches inline below. The patches are also available as >> separate branches at github >> >> https://github.com/olafdietsche/linux-accessfs/tree/tmp-user-ns-1 >> https://github.com/olafdietsche/linux-accessfs/tree/tmp-user-ns-2 >> >> I am leaning toward the second patch. Although it is a little bit longer >> than the first one, it involves no user id conversions. > > Using kuid's and kgid's throughout as your second patch does is best. > Conversion is only needed on normal filesystems because they have a > backing store and reside on disk. As accessfs appears not to have > backing store, storing things with kuid's and kgid's is the preferred > method. > > Your first patch is buggy as it uses current_user_ns(). Something a > filesystem in general should not care about.
I have seen similar uses in other filesystems like ext3, jfs or debugfs. What would be the correct way to use make_kuid() or make_gid()? > I don't see anything wrong with your second patch. Thanks a lot for this fast response and your guidance. So, I will dump the first and continue with the second patch. > From what little I understand of accessfs, I expect you will want to > play with and come up to speed on namespaces, as namespaces change > the universe of objects you will be dealing with, in some subtle > but interesting ways. At least assuming anyone in who uses accessfs > is going to be using more than a single container. > > Eric Regards, Olaf -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
