Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 8, 2016 at 1:16 AM, Alexander Larsson wrote: > On mån, 2016-03-07 at 20:59 -0800, Andy Lutomirski wrote: >> On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman >> wrote: >> > Andy Lutomirski writes: >> > >> Apparently

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 8, 2016 at 1:16 AM, Alexander Larsson wrote: > On mån, 2016-03-07 at 20:59 -0800, Andy Lutomirski wrote: >> On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman >> wrote: >> > Andy Lutomirski writes: >> > >> Apparently alexl is encountering some annoyances related to the >> current

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On mån, 2016-03-07 at 20:59 -0800, Andy Lutomirski wrote: > On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman > wrote: > > Andy Lutomirski writes: > >  > Apparently alexl is encountering some annoyances related to the > current workaround, and the

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On mån, 2016-03-07 at 20:59 -0800, Andy Lutomirski wrote: > On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman > wrote: > > Andy Lutomirski writes: > >  > Apparently alexl is encountering some annoyances related to the > current workaround, and the workaround is certainly ugly. It works, but

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman wrote: > Andy Lutomirski writes: > >> On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson wrote: >>> On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 12:42 PM, Eric W. Biederman wrote: > Andy Lutomirski writes: > >> On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson wrote: >>> On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski writes: > On Thu, Apr 2, 2015 at 11:27 AM, Eric W.

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Kenton Varda writes: > On Thu, May 28, 2015 at 1:06 PM, Alexander Larsson wrote: >> On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: >>> >>> > Where does the second namespace enter into this? >>> >>> Step a. Create create a user namespace where uid 0 is mapped to your >>> real uid,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 1:06 PM, Alexander Larsson wrote: > On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: >> >> > Where does the second namespace enter into this? >> >> Step a. Create create a user namespace where uid 0 is mapped to your >> real uid, and set up your sandbox (aka

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: > > > Where does the second namespace enter into this? > > Step a. Create create a user namespace where uid 0 is mapped to your > real uid, and set up your sandbox (aka mount /dev/pts and everything > else). > > Step b. Create a

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski writes: > On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson wrote: >> On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: >>> Andy Lutomirski writes: >>> >>> > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman >>> > wrote: >>> > > Andy Lutomirski writes: >>> > >

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: > Alexander Larsson writes: > > > On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: > > > Andy Lutomirski writes: > > > > > > > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman > > > > wrote: > > > > > Andy Lutomirski

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson wrote: > On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: >> Andy Lutomirski writes: >> >> > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman >> > wrote: >> > > Andy Lutomirski writes: >> > > >> > > > On Thu, Apr 2, 2015 at 7:29

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Alexander Larsson writes: > On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: >> Andy Lutomirski writes: >> >> > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman >> > wrote: >> > > Andy Lutomirski writes: >> > > >> > > > On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson < >> > >

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: > Andy Lutomirski writes: > > > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman > > wrote: > > > Andy Lutomirski writes: > > > > > > > On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson < > > > > al...@redhat.com> wrote: > > > > >

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski writes: > On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman > wrote: >> Andy Lutomirski writes: >> >>> On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: > On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 1:06 PM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: Where does the second namespace enter into this? Step a. Create create a user namespace where uid 0 is mapped to your real uid, and set up your sandbox

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: Where does the second namespace enter into this? Step a. Create create a user namespace where uid 0 is mapped to your real uid, and set up your sandbox (aka mount /dev/pts and everything else). Step b. Create a nested user

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Kenton Varda ken...@sandstorm.io writes: On Thu, May 28, 2015 at 1:06 PM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: Where does the second namespace enter into this? Step a. Create create a user namespace where uid 0 is mapped to

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote: Alexander Larsson al...@redhat.com writes: On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski l...@amacapital.net writes: On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Alexander Larsson al...@redhat.com writes: On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman ebied...@xmission.com wrote: Andy Lutomirski l...@amacapital.net writes: On Thu,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, May 28, 2015 at 10:01 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman ebied...@xmission.com wrote: Andy Lutomirski

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman ebied...@xmission.com wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-05-28 at 11:44 -0500, Eric W. Biederman wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman ebied...@xmission.com wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman wrote: > Andy Lutomirski writes: > >> On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson wrote: >>> On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley wrote: > On Tue,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 11:27 AM, Eric W. Biederman ebied...@xmission.com wrote: Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tor, 2015-03-26 at 12:29 -0700, Andy Lutomirski wrote: > Ping? It's been over a month. Ping again. I've tested this with https://github.com/alexlarsson/xdg-app/tree/wip/userns and this is the final kernel change needed to allow desktop sandboxing without any raised priviledges (setuid etc).

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tor, 2015-03-26 at 12:29 -0700, Andy Lutomirski wrote: Ping? It's been over a month. Ping again. I've tested this with https://github.com/alexlarsson/xdg-app/tree/wip/userns and this is the final kernel change needed to allow desktop sandboxing without any raised priviledges (setuid etc).

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski writes: > On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson wrote: >> On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: >>> On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley >>> wrote: >>> > On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: >>> >> On tis,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Quoting Andy Lutomirski (l...@amacapital.net): > On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson wrote: > > On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: > >> On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley > >> wrote: > >> > On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson wrote: > On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: >> On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley >> wrote: >> > On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: >> >> On tis, 2015-03-31 at 17:08 +0300, James

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: > On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley > wrote: > > On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: > >> On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: > >> > On Tue, 2015-03-31 at 06:59 -0700, Andy

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley wrote: > On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: >> On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: >> > On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: >> > > >> > > I don't think that this is correct. That

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: > On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: > > On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: > > > > > > I don't think that this is correct. That user can already create a > > > nested userns and map

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: I don't think that this is correct. That user can already create a nested userns and map themselves as 0

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: On Tue, 2015-03-31

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Quoting Andy Lutomirski (l...@amacapital.net): On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: I don't think that

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 16:17 +0200, Alexander Larsson wrote: On

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Andy Lutomirski l...@amacapital.net writes: On Thu, Apr 2, 2015 at 7:29 AM, Alexander Larsson al...@redhat.com wrote: On Thu, 2015-04-02 at 07:06 -0700, Andy Lutomirski wrote: On Thu, Apr 2, 2015 at 3:12 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: > On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: > > > > I don't think that this is correct. That user can already create a > > nested userns and map themselves as 0 inside it. Then they can mount > > devpts. > > I don't mind

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: > On Tue, Mar 31, 2015 at 6:55 AM, James Bottomley > wrote: > > On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: > >> On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley > >> wrote: > >> > On Tue, 2015-03-31 at 06:12 -0700, Andy

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:55 AM, James Bottomley wrote: > On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: >> On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley >> wrote: >> > On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: >> >> On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: > On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley > wrote: > > On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: > >> On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley > >> wrote: > >> > On Tue, 2015-03-31 at 09:57 +0200,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley wrote: > On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: >> On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley >> wrote: >> > On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: >> >> On fre, 2015-03-27 at 10:03 +0100, James

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: > On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley > wrote: > > On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: > >> On fre, 2015-03-27 at 10:03 +0100, James Bottomley > >> > > >> > > On Fri, Feb 20, 2015 at 5:04 PM, Andy

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley wrote: > On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: >> On fre, 2015-03-27 at 10:03 +0100, James Bottomley >> > >> > > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski >> > > wrote: >> > > > It's currently impossible to mount

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tis, 2015-03-31 at 16:07 +0300, James Bottomley wrote: > On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: > > On fre, 2015-03-27 at 10:03 +0100, James Bottomley > > > > > > > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski > > > > wrote: > > > > > It's currently impossible to

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 12:57 AM, Alexander Larsson wrote: > On fre, 2015-03-27 at 10:03 +0100, James Bottomley >> >> > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski >> > wrote: >> > > It's currently impossible to mount devpts in a user namespace that >> > > has no root user, since ptmx

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: > On fre, 2015-03-27 at 10:03 +0100, James Bottomley > > > > > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski > > > wrote: > > > > It's currently impossible to mount devpts in a user namespace that > > > > has no root user, since

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On fre, 2015-03-27 at 10:03 +0100, James Bottomley > > > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski > > wrote: > > > It's currently impossible to mount devpts in a user namespace that > > > has no root user, since ptmx can't be created. > > This is where I stopped reading because it's

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote: It's currently impossible to mount devpts in a user namespace that has no root user, since ptmx can't be created. This is where I stopped reading because

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 12:57 AM, Alexander Larsson al...@redhat.com wrote: On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote: It's currently impossible to mount devpts in a user namespace that has no root

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote: It's currently impossible to mount devpts in a user namespace that has no root user, since

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tis, 2015-03-31 at 16:07 +0300, James Bottomley wrote: On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote: It's currently impossible to

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote:

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 09:57 +0200, Alexander

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, Mar 31, 2015 at 6:55 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 06:12 -0700, Andy

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On tis, 2015-03-31 at 17:08 +0300, James Bottomley wrote: On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: I don't think that this is correct. That user can already create a nested userns and map themselves as 0 inside it. Then they can mount devpts. I don't mind if they

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:59 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:55 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 06:44 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:23 AM, James Bottomley

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Tue, 2015-03-31 at 06:12 -0700, Andy Lutomirski wrote: On Tue, Mar 31, 2015 at 6:07 AM, James Bottomley james.bottom...@hansenpartnership.com wrote: On Tue, 2015-03-31 at 09:57 +0200, Alexander Larsson wrote: On fre, 2015-03-27 at 10:03 +0100, James Bottomley On Fri, Feb 20, 2015

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-03-26 at 12:29 -0700, Andy Lutomirski wrote: > Ping? It's been over a month. I think we all looked at this and thought "that's not a problem". The reason is that we all bring up full OS containers with devpts already mounted by the host. Even when you run from init in the

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

On Thu, 2015-03-26 at 12:29 -0700, Andy Lutomirski wrote: Ping? It's been over a month. I think we all looked at this and thought that's not a problem. The reason is that we all bring up full OS containers with devpts already mounted by the host. Even when you run from init in the Container,

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Ping? It's been over a month. On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski wrote: > It's currently impossible to mount devpts in a user namespace that > has no root user, since ptmx can't be created. This adds options > ptmx_uid and ptmx_gid that override the default uid and gid of 0. > >

Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

Ping? It's been over a month. On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski l...@amacapital.net wrote: It's currently impossible to mount devpts in a user namespace that has no root user, since ptmx can't be created. This adds options ptmx_uid and ptmx_gid that override the default uid

[PATCH] devpts: Add ptmx_uid and ptmx_gid options

It's currently impossible to mount devpts in a user namespace that has no root user, since ptmx can't be created. This adds options ptmx_uid and ptmx_gid that override the default uid and gid of 0. These options are not shown in mountinfo because they have no effect other than changing the

[PATCH] devpts: Add ptmx_uid and ptmx_gid options

It's currently impossible to mount devpts in a user namespace that has no root user, since ptmx can't be created. This adds options ptmx_uid and ptmx_gid that override the default uid and gid of 0. These options are not shown in mountinfo because they have no effect other than changing the