On Thu, 23 May 2013 14:32:51 -0700
ebied...@xmission.com (Eric W. Biederman) wrote:
> "J. Bruce Fields" writes:
>
> > On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
> >> On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
> >> > What might help most here is to lay out
On Thu, 23 May 2013 14:32:51 -0700
ebied...@xmission.com (Eric W. Biederman) wrote:
J. Bruce Fields bfie...@fieldses.org writes:
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
What might help most here is to
24.05.2013 01:32, Eric W. Biederman пишет:
"J. Bruce Fields" writes:
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
What might help most here is to lay out a particular scenario for how
you envision setting up
24.05.2013 01:32, Eric W. Biederman пишет:
J. Bruce Fields bfie...@fieldses.org writes:
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
What might help most here is to lay out a particular scenario for how
you
23.05.2013 23:55, J. Bruce Fields пишет:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
On Thu, 23 May 2013 15:25:20 +0300
I'm not familiar with nfsdcltrack but I would imagine it receives it's
information from
Kernel as a command line parameters.
Would it not be the simplest
"J. Bruce Fields" writes:
> On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
>> On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
>> > What might help most here is to lay out a particular scenario for how
>> > you envision setting up knfsd in a container so we can
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
> On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
> > What might help most here is to lay out a particular scenario for how
> > you envision setting up knfsd in a container so we can ensure that it's
> > addressed
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
> On Thu, 23 May 2013 15:25:20 +0300
> > I'm not familiar with nfsdcltrack but I would imagine it receives it's
> > information from
> > Kernel as a command line parameters.
> >
> > Would it not be the simplest approach to add a
On Wed, May 22, 2013 at 08:37:23PM -0700, Eric W. Biederman wrote:
> "J. Bruce Fields" writes:
>
> > On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
> >> ebied...@xmission.com (Eric W. Biederman) writes:
> >>
> >> > I am missing a lot of context here and capturing the context
On Thu, 23 May 2013 15:25:20 +0300
Boaz Harrosh wrote:
> On 23/05/13 14:58, Stanislav Kinsbursky wrote:
> > 23.05.2013 15:56, Jeff Layton пишет:
> >> On Thu, 23 May 2013 15:38:17 +0400
> >> Stanislav Kinsbursky wrote:
> >>
> >>> 23.05.2013 15:31, Jeff Layton пишет:
> On Thu, 23 May 2013
On 23/05/13 14:58, Stanislav Kinsbursky wrote:
> 23.05.2013 15:56, Jeff Layton пишет:
>> On Thu, 23 May 2013 15:38:17 +0400
>> Stanislav Kinsbursky wrote:
>>
>>> 23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky wrote:
> 23.05.2013
23.05.2013 15:56, Jeff Layton пишет:
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky wrote:
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky wrote:
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
22.05.2013
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky wrote:
> 23.05.2013 15:31, Jeff Layton пишет:
> > On Thu, 23 May 2013 14:35:53 +0400
> > Stanislav Kinsbursky wrote:
> >
> >> 23.05.2013 14:00, Eric W. Biederman пишет:
> >>> Stanislav Kinsbursky writes:
> >>>
> 22.05.2013 21:33,
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky wrote:
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
Usermode helper executes all binaries in
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky wrote:
> 23.05.2013 14:00, Eric W. Biederman пишет:
> > Stanislav Kinsbursky writes:
> >
> >> 22.05.2013 21:33, Eric W. Biederman пишет:
> >>> Stanislav Kinsbursky writes:
> >>>
> Usermode helper executes all binaries in global
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
Usermode helper executes all binaries in global "init" root context. This
doesn't allow to call a binary from other root context (for example in
Stanislav Kinsbursky writes:
> 22.05.2013 21:33, Eric W. Biederman пишет:
>> Stanislav Kinsbursky writes:
>>
>>> Usermode helper executes all binaries in global "init" root context. This
>>> doesn't allow to call a binary from other root context (for example in a
>>> container).
>>> Currently,
22.05.2013 22:35, Eric W. Biederman пишет:
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the context of a
process at time time we mount the filesystem and reconstituing it in
call user mode helper seems like something we could do.
If we
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky writes:
Usermode helper executes all binaries in global "init" root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS client and NFS server
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
Usermode helper executes all binaries in global init root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS
22.05.2013 22:35, Eric W. Biederman пишет:
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the context of a
process at time time we mount the filesystem and reconstituing it in
call user mode helper seems like something we could do.
If we
Stanislav Kinsbursky skinsbur...@parallels.com writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
Usermode helper executes all binaries in global init root context. This
doesn't allow to call a binary from other root context (for example
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
Usermode helper executes all binaries in global init root context. This
doesn't allow to call a
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky skinsbur...@parallels.com writes:
22.05.2013 21:33, Eric W. Biederman пишет:
Stanislav Kinsbursky
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 14:00, Eric W. Biederman пишет:
Stanislav Kinsbursky
23.05.2013 15:56, Jeff Layton пишет:
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 14:00, Eric W. Biederman
On 23/05/13 14:58, Stanislav Kinsbursky wrote:
23.05.2013 15:56, Jeff Layton пишет:
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 15:31, Jeff Layton пишет:
On Thu, 23 May 2013 14:35:53 +0400
Stanislav Kinsbursky skinsbur...@parallels.com
On Thu, 23 May 2013 15:25:20 +0300
Boaz Harrosh bharr...@panasas.com wrote:
On 23/05/13 14:58, Stanislav Kinsbursky wrote:
23.05.2013 15:56, Jeff Layton пишет:
On Thu, 23 May 2013 15:38:17 +0400
Stanislav Kinsbursky skinsbur...@parallels.com wrote:
23.05.2013 15:31, Jeff Layton пишет:
On Wed, May 22, 2013 at 08:37:23PM -0700, Eric W. Biederman wrote:
J. Bruce Fields bfie...@fieldses.org writes:
On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
On Thu, 23 May 2013 15:25:20 +0300
I'm not familiar with nfsdcltrack but I would imagine it receives it's
information from
Kernel as a command line parameters.
Would it not be the simplest approach to add a
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
What might help most here is to lay out a particular scenario for how
you envision setting up knfsd in a container so we can ensure that it's
addressed properly by
J. Bruce Fields bfie...@fieldses.org writes:
On Thu, May 23, 2013 at 03:55:47PM -0400, J. Bruce Fields wrote:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
What might help most here is to lay out a particular scenario for how
you envision setting up knfsd in a container so we
23.05.2013 23:55, J. Bruce Fields пишет:
On Thu, May 23, 2013 at 09:05:26AM -0400, Jeff Layton wrote:
On Thu, 23 May 2013 15:25:20 +0300
I'm not familiar with nfsdcltrack but I would imagine it receives it's
information from
Kernel as a command line parameters.
Would it not be the simplest
"J. Bruce Fields" writes:
> On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
>> ebied...@xmission.com (Eric W. Biederman) writes:
>>
>> > I am missing a lot of context here and capturing the context of a
>> > process at time time we mount the filesystem and reconstituing it in
On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
> ebied...@xmission.com (Eric W. Biederman) writes:
>
> > I am missing a lot of context here and capturing the context of a
> > process at time time we mount the filesystem and reconstituing it in
> > call user mode helper seems
ebied...@xmission.com (Eric W. Biederman) writes:
> I am missing a lot of context here and capturing the context of a
> process at time time we mount the filesystem and reconstituing it in
> call user mode helper seems like something we could do.
If we want to do something like this the only
Stanislav Kinsbursky writes:
> Usermode helper executes all binaries in global "init" root context. This
> doesn't allow to call a binary from other root context (for example in a
> container).
> Currently, both containerized NFS client and NFS server requires an ability to
> execute a binary in
On 05/22, Stanislav Kinsbursky wrote:
>
> +static int umh_set_fs_root(struct subprocess_info *info, struct cred *new)
> +{
> + set_fs_root(current->fs, info->data);
> + return 0;
> +}
> +
> +/*
> + * Call a usermode helper with a specific fs root.
> + *
> + * The caller must hold extra
Usermode helper executes all binaries in global "init" root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS client and NFS server requires an ability to
execute a binary in a container's root context. Root swap
Usermode helper executes all binaries in global init root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS client and NFS server requires an ability to
execute a binary in a container's root context. Root swap can
On 05/22, Stanislav Kinsbursky wrote:
+static int umh_set_fs_root(struct subprocess_info *info, struct cred *new)
+{
+ set_fs_root(current-fs, info-data);
+ return 0;
+}
+
+/*
+ * Call a usermode helper with a specific fs root.
+ *
+ * The caller must hold extra reference to it
Stanislav Kinsbursky skinsbur...@parallels.com writes:
Usermode helper executes all binaries in global init root context. This
doesn't allow to call a binary from other root context (for example in a
container).
Currently, both containerized NFS client and NFS server requires an ability to
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the context of a
process at time time we mount the filesystem and reconstituing it in
call user mode helper seems like something we could do.
If we want to do something like this the only sane
On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the context of a
process at time time we mount the filesystem and reconstituing it in
call user mode helper seems like
J. Bruce Fields bfie...@fieldses.org writes:
On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
ebied...@xmission.com (Eric W. Biederman) writes:
I am missing a lot of context here and capturing the context of a
process at time time we mount the filesystem and
46 matches
Mail list logo
