user namespace delta over 3.7
serge.hallyn at canonical.com
Thu Nov 15 20:37:22 UTC 2012
Quoting Tim Gardner (tim.gardner at canonical.com):
> On 11/14/2012 01:55 PM, Serge Hallyn wrote:
> > Quoting Tim Gardner (tim.gardner at canonical.com):
> >> On 11/06/2012 09:36 AM, Serge Hallyn wrote:
> >>> Hi,
> >>> the core of user namespace code has landed upstream, however some more
> >>> is needed to run full ubuntu containers in a user namespace. Some of
> >>> this will land in 3.8, but probably not all. Eric's development tree
> >>> is at http://git.kernel.org/?p=linux/kernel/git/ebiederm/user-namespace.git;a=summary
> >>> I have pushed that tree on top of a recent raring tree at
> >>> git://kernel.ubuntu.com/serge/quantal-userns.git in branch
> >>> master.oct25.userns-v70. It consists of 84 patches (including 5 just
> >>> updating under debian/, one fix by me to account for ubuntu delta, and
> >>> one not (yet) in Eric's tree to allow tmpfs mounts in a container),
> >>> which I can git-email if desired. The built kernel is in
> >>> ppa:serge-hallyn/userns-natty and does allow me to boot a full ubuntu
> >>> container in a user namespace - meaning every root owned process and
> >>> file is actually owned by userid 100000 on the host and contained.
> >>> I'm sending this now in the hopes that whatever bits don't land in
> >>> 3.8 can be pushed onto the raring kernel. Our goal this cycle is to
> >>> support user namespaces, and next cycle to support completely
> >>> unprivileged creation and starting of containers.
> >>> -serge
> >> Serge - how about a pull request for a branch that has been rebased
> >> on Raring master-next ? I took a quick stab at it and quickly ran
> >> into uapi transition conflicts (I think).
> > A successfully built kernel is at
> > git://kernel.ubuntu.com/serge/quantal-userns.git (branch
> > master-next.nov14.userns which should be the default).
> > -serge
> Serge - Of course I dragged my feet on this until after Andy reinstated
> overlayfs and aufs. Could you take a stab at resolving the issues with
> your patch set on top of Ubuntu-3.7.0-2.8 ? There are a number of
> function prototype changes in your patch set that require kuid_t/kgid_t,
> etc, and aufs is coded against mainline 3.7. overlayfs is likely to have
> the same issues.
Will do. Want to spend about one more day with syslog ns prototype to
send out, should have the port by end of tomorrow or sometime Monday.