user namespace delta over 3.7

Serge Hallyn serge.hallyn at canonical.com
Thu Nov 15 20:37:22 UTC 2012


Quoting Tim Gardner (tim.gardner at canonical.com):
> On 11/14/2012 01:55 PM, Serge Hallyn wrote:
> > Quoting Tim Gardner (tim.gardner at canonical.com):
> >> On 11/06/2012 09:36 AM, Serge Hallyn wrote:
> >>> Hi,
> >>>
> >>> the core of user namespace code has landed upstream, however some more
> >>> is needed to run full ubuntu containers in a user namespace.  Some of
> >>> this will land in 3.8, but probably not all.  Eric's development tree
> >>> is at http://git.kernel.org/?p=linux/kernel/git/ebiederm/user-namespace.git;a=summary
> >>>
> >>> I have pushed that tree on top of a recent raring tree at
> >>> git://kernel.ubuntu.com/serge/quantal-userns.git in branch
> >>> master.oct25.userns-v70.  It consists of 84 patches (including 5 just
> >>> updating under debian/, one fix by me to account for ubuntu delta, and
> >>> one not (yet) in Eric's tree to allow tmpfs mounts in a container),
> >>> which I can git-email if desired.  The built kernel is in
> >>> ppa:serge-hallyn/userns-natty and does allow me to boot a full ubuntu
> >>> container in a user namespace - meaning every root owned process and
> >>> file is actually owned by userid 100000 on the host and contained.
> >>>
> >>> I'm sending this now in the hopes that whatever bits don't land in
> >>> 3.8 can be pushed onto the raring kernel.  Our goal this cycle is to
> >>> support user namespaces, and next cycle to support completely
> >>> unprivileged creation and starting of containers.
> >>>
> >>> -serge
> >>>
> >>
> >> Serge - how about a pull request for a branch that has been rebased
> >> on Raring master-next ? I took a quick stab at it and quickly ran
> >> into uapi transition conflicts (I think).
> > 
> > A successfully built kernel is at
> > git://kernel.ubuntu.com/serge/quantal-userns.git (branch
> > master-next.nov14.userns which should be the default).
> > 
> > -serge
> > 
> 
> Serge - Of course I drug my feet on this until after Andy reinstated
> overlayfs and aufs. Could you take a stab at resolving the issues with
> your patch set on top of Ubuntu-3.7.0-2.8 ? There are a number of
> function prototype changes in your patch set that require kuid_t/kgid_t,
> etc, and aufs is coded against mainline 3.7. overlayfs is likely to have
> the same issues.

Will do.  Want to spend about one more day with syslog ns prototype to
send out, should have the port by end of tomorrow or sometime Monday.

-serge



