Received: by 10.223.185.116 with SMTP id b49csp562520wrg; Wed, 14 Feb 2018 03:32:48 -0800 (PST) X-Google-Smtp-Source: AH8x227m0BgCm+N6/xUlPuIp45cKSwbVpq9ZfHXBmspHubjnz2eVWiEIgEWXzOBwvYk3rtqtB+x0 X-Received: by 10.99.96.77 with SMTP id u74mr3726489pgb.453.1518607968238; Wed, 14 Feb 2018 03:32:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518607968; cv=none; d=google.com; s=arc-20160816; b=AI2xfc6dYx1TxmQZMwMv91Nwybi+zS1EpxDFfsS5OZ2FzlBQg9OsRdXd/vAqCKmoHR 5IU3Zk3eS3uo2zeEyn8OTdBXab/HqbJY9qa3hIWRqUrh+M9asmGYu9iDKy6Xyh4bNNgE e26aN1pSupjhhIWobtd8ZaTaOSYYeev8GsQTIHIhf51dMLf+gqXdCAgeqvWj0RQvCKBc 2/oQMjVU6KkFGhtKy5IHzpopNEt6cWaaxvywnmJLji5P6uDNyQ2fr24qU1YJAIc2OBnn l1m45Sdl5kf4wTXBEyvkBqxAEBf0SGNz5ILTLa7UEqO23YEEAhqF7ndnmPbHHuTp5t9U 8d7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=7IpuJ3yzUOQtCEB3dH5zjtOnI/1n6nEc+RJkwjLDWt8=; b=aPeVWihTbfz8v09l5XDHjNcieca6Qm0CLyxn32XiKBSsQEiAW4WD91Tz5DmxthvV4P J2qIbcDPPOw3xYh77uFTDJ25aHTZSZ1UAwn676HhLz/tMTqwYZryNyky5o0cCvNLawdg IPsJl8YMw1n38QuzbNxaaxP2In5RrBy4ETZJoDCH+WM3n8U9PwmEAejjsPfyzd1txCXM +Lvb5MceifQsAAnsZ+C1R/IvcE9eCkJ+ifTTX+yB6HuTAgU7+aeRKrN+epMMlukIFqr2 U438IXAO1mJJ3cTSAUyRJTydUF+li6QDRcM2VvG10ZHPRixZwR+28rXtFYUc6/OKVhUS Kv/Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=VlDKprG7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o13si187136pgf.441.2018.02.14.03.32.33; Wed, 14 Feb 2018 03:32:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=VlDKprG7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S967462AbeBNLaV (ORCPT + 99 others); Wed, 14 Feb 2018 06:30:21 -0500 Received: from mail-wr0-f193.google.com ([209.85.128.193]:43355 "EHLO mail-wr0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S967342AbeBNLaU (ORCPT ); Wed, 14 Feb 2018 06:30:20 -0500 Received: by mail-wr0-f193.google.com with SMTP id b52so21767168wrd.10 for ; Wed, 14 Feb 2018 03:30:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=7IpuJ3yzUOQtCEB3dH5zjtOnI/1n6nEc+RJkwjLDWt8=; b=VlDKprG7Ax05rmH8f+XesR8wn7e5jGUO3+aFuSNpsCgh93TFcvtG6PGlLD4n3vRW5P qdlsKsaLsKJrQ/iPBPZjaqO3VW3IL1Mh3BPJMY+LimgB06bWyitVjfWgebo0nSmwSxvd T/LdzmLrzH5ux9QDM1z8Pccq4UwkShFe/w/IMBZjoI+dQH6kJuBrEwlWOc6TbhX+78GJ R0zumNeK6m936McqwCRbVKtrRcYyb0u3MX4gDHdMoWOPn1cOtvp/j/9fUoOeOFP9flGU gpQ5p2cCr2M4U+W34iyaEEAazJfv3nE2hDW0grQkbGehb8ulycf+0e/zbAZB2FcM9q0r qGFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=7IpuJ3yzUOQtCEB3dH5zjtOnI/1n6nEc+RJkwjLDWt8=; b=cHmNbjkq7Q7RbQFJR//wYxs2a5AYAvUJE9hSewbWvyf+yxPdF/FIBNVm0K2YhY5AQM eCi9zleq2Ys6hjbefezaL7MBq0ICnCKK7Ur6S2KARcrXmWaM/HRb7S6XeSzuz5xAVmOo NzJLVbtpDCkoQog1abKBGUBlMpIqu+LwF0llLj562DEKAZuc4OgrHwcbkqzGZT2HsWRu 5U7xmm+oaD54rl2wQBDmnQD47UqqepywicIgP66uq9EVqleA7X6LNVCY37jCBYUq6HTh kjlt441tMzvXZGaDltQQFOQ0R2OTVho6E+nHY0D9SS422J7/XT5wSc1NFXNv0U3KbGnx yk/Q== X-Gm-Message-State: APf1xPBvJuLxBSP2PkGdq+CXMFXhTVxWdMGlg6Weg9LvebO+d+z2D6Gs 9pRF6iixrxtinLVO6CSnM3hrx4DLjhj1PK0meKVmEw== X-Received: by 10.223.172.168 with SMTP id o37mr4024664wrc.268.1518607819444; Wed, 14 Feb 2018 03:30:19 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.136.194 with HTTP; Wed, 14 Feb 2018 03:30:18 -0800 (PST) In-Reply-To: <24ddea73-5c84-e098-caae-8a4c14834cbd@metux.net> References: <0f058286-a432-379b-f559-f2fe713807ab@metux.net> <5633d335-3926-d98f-d6d7-948b1e2a0b2c@metux.net> <20180213222751.p3fyg7whg6jqlzz5@gordon> <39b08c53-3449-3164-c1b1-44ac587dd4ea@metux.net> <20180214045442.jyv6zpbwz5glzi4z@gordon> <9c097fd9-3035-d5be-a829-fc18e7734f18@metux.net> <20180214102410.dxgbayb4i76h5exo@gordon> <24ddea73-5c84-e098-caae-8a4c14834cbd@metux.net> From: Richard Weinberger Date: Wed, 14 Feb 2018 12:30:18 +0100 Message-ID: Subject: Re: plan9 semantics on Linux - mount namespaces To: Enrico Weigelt Cc: Aleksa Sarai , Linux Containers , "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 14, 2018 at 12:27 PM, Enrico Weigelt wrote: > On 14.02.2018 11:24, Aleksa Sarai wrote: > >> What distribution are you using and which release? > > > On a self-compiled system. > > Forgot to enable namespaces in the kernel. Now it seems to work > as root, but not as an unprivileged user: > > > daemon@alphabox:~ unshare -r -U > unshare: can't open '/proc/self/setgroups': Permission denied > daemon@alphabox:~ unshare -f -r -U > unshare: can't open '/proc/self/setgroups': Permission denied > Please read http://man7.org/linux/man-pages/man7/user_namespaces.7.html setgroups is a corner case and needs special care. -- Thanks, //richard