user namespace delta over 3.7
Serge Hallyn
serge.hallyn at canonical.com
Tue Nov 6 16:36:38 UTC 2012
Hi,
the core of user namespace code has landed upstream, however some more
is needed to run full ubuntu containers in a user namespace. Some of
this will land in 3.8, but probably not all. Eric's development tree
is at http://git.kernel.org/?p=linux/kernel/git/ebiederm/user-namespace.git;a=summary
I have pushed that tree on top of a recent raring tree at
git://kernel.ubuntu.com/serge/quantal-userns.git in branch
master.oct25.userns-v70. It consists of 84 patches (including 5 just
updating under debian/, one by me fix to account for ubuntu delta, and
one not (yet) in Eric's tree to allow tmpfs mounts in a container),
which I can git-email if desired. The built kernel is in
ppa:serge-hallyn/userns-natty and does allow me to boot a full ubuntu
container in a user namespace - meaning every root owned process and
file is actually owned by userid 100000 on the host and contained.
I'm sending this now in the hopes that whatever bits don't land in
3.8 can be pushed onto the raring kernel. Our goal this cycle is to
support user namespaces, and next cycle to support completely
unprivileged creation and starting of containers.
-serge
More information about the kernel-team
mailing list