Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 3 Nov 2002 13:07:20 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 3 Nov 2002 13:07:19 -0500 Received: from neon-gw-l3.transmeta.com ([63.209.4.196]:3085 "EHLO neon-gw.transmeta.com") by vger.kernel.org with ESMTP id ; Sun, 3 Nov 2002 13:07:19 -0500 Date: Sun, 3 Nov 2002 10:13:37 -0800 (PST) From: Linus Torvalds To: yodaiken@fsmlabs.com cc: Alexander Viro , Alan Cox , Olaf Dietsche , "Theodore Ts'o" , Dax Kelson , Rusty Russell , Linux Kernel Mailing List , Subject: Re: Filesystem Capabilities in 2.6? In-Reply-To: <20021103095612.A436@hq.fsmlabs.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1239 Lines: 30 On Sun, 3 Nov 2002 yodaiken@fsmlabs.com wrote: > > Plan 9 ! Well, yes. But also Linux. The code is all there, and you can create a new namespace group with just a simple CLONE_NEWNS. Then you just do pivot_root() in that namespace, unmount the old root, and you're done. Yeah, yeah, I'm sure I forgot something, glossed over the details, and a real example is more involved. And I'm also sure it hasn't been used in practice all that much, but Al's point is that this is much more than "chroot()", and is actually safe from all the normal chroot problems. Because the namespace is not a part of the old tree - it's a completely new tree with no connections to the old one. We got it pretty much for free (*) with the vfsmount stuff - which in turn was needed for bind-mounts. Linus (*) Although, to be honest, it's hard to say how much of it was "for free", and how much of it was the normal "Al thinking ahead a year or so while doing incremental patches". Al is scary that way. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/