Date: Mon, 17 May 2021 11:08:59 -0500
From: "Serge E. Hallyn"
To: Giuseppe Scrivano
Cc: "Serge E. Hallyn", linux-kernel@vger.kernel.org, dwalsh@redhat.com, christian.brauner@ubuntu.com, ebiederm@xmission.com
Subject: Re: [RFC PATCH 1/3] setgroups: new mode 'shadow' for /proc/PID/setgroups
Message-ID: <20210517160859.GA25644@mail.hallyn.com>
References: <20210510130011.1441834-1-gscrivan@redhat.com> <20210510130011.1441834-2-gscrivan@redhat.com> <20210515015157.GB2845@mail.hallyn.com> <87y2cdqyhj.fsf@redhat.com>
In-Reply-To: <87y2cdqyhj.fsf@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, May 17, 2021 at 03:30:16PM +0200, Giuseppe Scrivano wrote:
> Hi Serge,
>
> thanks for the review.
>
> "Serge E. Hallyn" writes:
> >> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> >> index 8d62863721b0..b1940b63f7ac 100644
> >> --- a/kernel/user_namespace.c
> >> +++ b/kernel/user_namespace.c
> >> @@ -123,6 +123,7 @@ int create_user_ns(struct cred *new)
> >> ns->ucount_max[i] = INT_MAX;
> >> }
> >> ns->ucounts = ucounts;
> >> + ns->shadow_group_info = get_current_groups();
> >
> > If userns u1 unshares u2 with shadow set, then when u2 unshares
> > u3, should u3 get the same shadowed set that u2 has, or should it
> > get all of u2's groups as u3's initial shadow set?
>
> good question. Thinking more about it, I think a reasonable interface is
> to expect a child userns to inherit the same shadow groups as its parent
> userns. If "shadow" is written again to the /proc/PID/setgroups file
> then it grows the shadow group set to include the ones the userns had at
> creation time (which includes the parent shadow groups). What do you
> think of it? I'll play more with this idea and see if it works.

That's what I was thinking would make the most sense.
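Review bot: get_current_groups() takes a reference on the calling task's group_info, and nothing in the quoted hunk shows where the namespace gives it back; the matching put_group_info(ns->shadow_group_info) belongs in free_user_ns() and on any failure path after this line in create_user_ns(), otherwise every user namespace leaks a group_info. The line also snapshots the creator's full supplementary group list as the initial shadow set, which is exactly what the inheritance question in this thread turns on: with the inherit-from-parent semantics agreed here, the child should instead take a reference on the parent namespace's shadow_group_info rather than on the creator's current groups.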