From: Alexander Larsson
To: Andy Lutomirski, Linux FS Devel, linux-kernel@vger.kernel.org, "Eric W. Biederman"
Cc: gnome-os-list@gnome.org, James Bottomley, mclasen@redhat.com, Linux Containers
Subject: Re: [PATCH] devpts: Make ptmx be owned by the userns owner instead of userns-local 0
Date: Mon, 14 Mar 2016 16:42:55 +0100
Message-ID: <1457970175.30497.1.camel@redhat.com>
List-Id: containers.vger.kernel.org

On Sun, 2016-03-13 at 22:06 -0700, Andy Lutomirski wrote:
> We used to have ptmx be owned by the inner uid and gid 0.  Change
> this: if the owner and group are both mapped but are not both 0,
> then use the owner instead.
>
> For container-style namespaces (LXC, etc), this should have no
> effect -- UID 0 will either be the owner or will be unmapped.
>
> The important behavior change is for sandboxes: many sandboxes
> intentionally do not create an inner uid 0.  Without this patch,
> mounting devpts in such a sandbox is awkward.  With this patch, it
> will just work and ptmx will be owned by the namespace owner.
>
> Cc: Alexander Larsson
> Cc: mclasen@redhat.com
> Cc: "Eric W. Biederman"
> Cc: Linux Containers
> Signed-off-by: Andy Lutomirski

Tested-by: Alexander Larsson

Seems to work fine for me! Thanks!

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc
       alexl@redhat.com            alexander.larsson@gmail.com
He's an uncontrollable voodoo librarian with a robot buddy named Sparky.
She's a cynical winged journalist from the wrong side of the tracks. They
fight crime!