Received: by 10.223.185.116 with SMTP id b49csp4189702wrg; Tue, 13 Feb 2018 14:29:03 -0800 (PST) X-Google-Smtp-Source: AH8x225F3w6ktdR3LRCHFzbIHCDUdkeMhSMPyYNHytWBenGPVYc2iB9GM2lMuKS7XL3UtTJ1wSze X-Received: by 2002:a17:902:9686:: with SMTP id n6-v6mr2387182plp.333.1518560943097; Tue, 13 Feb 2018 14:29:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518560943; cv=none; d=google.com; s=arc-20160816; b=F5pc+8kORiKfObacHd0t4LGso9UeSCcTu5SYj0g/IkoLju7WjIkLpbXhUJ3D8UbbI8 uTVkQdDZMaC3ZVsaIbo/xJv4JTEBjjCNBnr9+mNXJCaqyeU4jG++5iRveRxv3ez2Z2Fh hpPe2BJq04NESSmBuIKUs784uUkgDmgfI+E9FWtmaO95ciV9AAd2yOd/bnUZorlP3Jpi gWoly01d218TRu0b/rR5G4FkXJLCAMCXTASin7bZ2fP8m6UF/VKYQiTshmdeMY1P/VJH 3CeKse69Xmrq/T7bcUWFSpA5gLiw6aQnCYLtQFdxeGv01w2e/058Zd11zzL7+dFc3gDc UeEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=8HX4wWtp+SURVqkqh6ixvUqKjIP+RoV4JhifAH1ThxE=; b=xWv0igxlxjGGJ/FkhPheK0j40X9WcetiaoWTvayl/FgE/3wP9dkHWYG8bOCz7HBvQ1 slafTbWAZS6NCqjf+UsimlApHQpKiwEQBSY/e60id3gxYQ4kWp0PHBWU7AWTF2Jhf5fA 7WgR0om3QHFV5F2/BQk5hMnSO7LZl6a4+j5OBf5UOzUTEbV6gSzrAOAp/FexurZ3Vg5P pwnhu+gIrCqUcZdc748mpfqHmAxoOaN3YlQPJ4frDwWo8iY7r501mijV6MTkyMQmgVCV CjvUEiH8MvdsQCBFcx0D24hzz8tb1Qvy00h3/dQPlDCXx3lE/YcgslIMLhIzpRa2dlxI 1aTg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b2si556747pgc.37.2018.02.13.14.28.43; Tue, 13 Feb 2018 14:29:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S966024AbeBMW17 (ORCPT + 99 others); Tue, 13 Feb 2018 17:27:59 -0500 Received: from mx2.suse.de ([195.135.220.15]:59826 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965900AbeBMW16 (ORCPT ); Tue, 13 Feb 2018 17:27:58 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id CAB00AF13; Tue, 13 Feb 2018 22:27:56 +0000 (UTC) Date: Wed, 14 Feb 2018 09:27:51 +1100 From: Aleksa Sarai To: Enrico Weigelt Cc: "linux-kernel@vger.kernel.org" , Linux Containers Subject: Re: plan9 semantics on Linux - mount namespaces Message-ID: <20180213222751.p3fyg7whg6jqlzz5@gordon> References: <0f058286-a432-379b-f559-f2fe713807ab@metux.net> <5633d335-3926-d98f-d6d7-948b1e2a0b2c@metux.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="a6hqz3juwskhopve" Content-Disposition: inline In-Reply-To: <5633d335-3926-d98f-d6d7-948b1e2a0b2c@metux.net> User-Agent: NeoMutt/20170912 (1.9.0) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --a6hqz3juwskhopve Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2018-02-13, Enrico Weigelt wrote: > On 13.02.2018 22:12, Enrico Weigelt wrote: > > I'm currently trying to implement plan9 semantics on Linux and > > yet sorting out how to do the mount namespace handling. > >=20 > > On plan9, any unprivileged process can create its own namespace > > and mount/bind at will, while on Linux this requires CAP_SYS_ADMIN. > >=20 > > What is the reason for not allowing arbitrary users to create their > > own private mount namespace ? What could go wrong here ? You can do this by creating a new user namespace (CLONE_NEWUSER), which then gives you the required permissions to create other namespaces (CLONE_NEWNS). This is how "rootless containers" or unprivileged containers operate. --=20 Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH --a6hqz3juwskhopve Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAlqDZmcACgkQnhiqJn3b jbQBiQ/+PPO9TOTnb9rSgeR/g5QRZEI4/mUBjlwDl/F6bBXb/23FMBBX2DnaZ5uk XgeRYDQcw5kh62Zq6QSXNMOmodfoI3WhEMUh/p3xVHCOTwfs8UR7kaE1YjXg0sld wtTFePg75WF+A9ct1SWCm0vMKn2u2+iLcb0l3XqIl/xGplSbfRXWMIBAMxLgwOG/ /FNR4vTuxuDcsRXOo7TdfvY+vMf1yQJrb0DamZx+hshzh+a4l4Q5MjOb2pffhNrj eBymq06aFn69KETJFnujIPXOm87zPieH/bF98xMdn64xuX8Z1JZ0+Ei9ISnxK2Uf Be8FQlrkuJ7t3LU8YUX0Sg9tgxVO8jHeTlWduo02NCUEntBxc5nZAe1IwbQmieoC 604OKkAA6Qv5xi2/cKKUgXpcyZAvvn7oKPJlmyYkwUXmL1TafB1MISXIVhx1MQWa fPsKtSOYvHzOCmFmS/LBuQEBJOQvk4x3qt4YT59pcnuR00Tn6Hv2cIl7q7zFTr5C Twz3zDlcR5iV5mS+PUhKvwiS5trMB3+SJzz9fUP/AhSe39ojfnWDVRoNo5WjZkeO dwuFm6PEN3cqN4ljj2NAoT3VbiMomcpjl4W1HJuoeDR8q6yCfYe4xNmfpLQnP6jP sV/mUbvdCs7eiRUoPYwticI6NYYFzMuhHEIZ2kJ1EpYQzbYMkG8= =EiJn -----END PGP SIGNATURE----- --a6hqz3juwskhopve--