From: ebiederm@xmission.com (Eric W. Biederman)
To: Stanislav Kinsbursky <skinsbursky@parallels.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
"mingo\@elte.hu" <mingo@elte.hu>,
"a.p.zijlstra\@chello.nl" <a.p.zijlstra@chello.nl>,
Pavel Emelianov <xemul@parallels.com>,
"drosenberg\@vsecurity.com" <drosenberg@vsecurity.com>,
"linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"eparis\@redhat.com" <eparis@redhat.com>,
"bfields\@fieldses.org" <bfields@fieldses.org>,
James Bottomley <jbottomley@parallels.com>,
"devel\@openvz.org" <devel@openvz.org>
Subject: Re: [PATCH 1/2] SYSCTL: root unregister routine introduced
Date: Sat, 17 Dec 2011 14:30:55 -0800 [thread overview]
Message-ID: <m162herfts.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <4EE714BC.5040408@parallels.com> (Stanislav Kinsbursky's message of "Tue, 13 Dec 2011 13:02:52 +0400")
Stanislav Kinsbursky <skinsbursky@parallels.com> writes:
> 13.12.2011 02:52, Andrew Morton пишет:
>> On Mon, 12 Dec 2011 21:50:00 +0300
>> Stanislav Kinsbursky<skinsbursky@parallels.com> wrote:
>>
>>> This routine is required for SUNRPC sysctl's, which are going to be allocated,
>>> processed and destroyed per network namespace context.
>>> IOW, new sysctl root will be registered on network namespace creation and
>>> thus have to unregistered before network namespace destruction.
>>>
>>
>> It's a bit suspicious that such a mature subsystem as sysctl newly
>> needs its internals exported like this. Either a) the net namespaces
>> work is doing something which hasn't been done before or b) it is doing
>> something wrong.
>>
>> So, please explain further so we can confirm that it is a) and not b).
>>
>
> Hello, Andrew.
> The goal is to provide an ability to control and modify data by sysctl's in
> network namespace context. This is done by "net" sysctl's.
> But there are two more issues to solve:
> 1) Sysctl's have to be in /proc/sys/sunrpc
The sysctl root has nothing to with what directory the files show up in,
so this should not be an issue.
> 2) Sysctl's content should be accessible from creator's network context (not
> current user ones's).
Making the sunrpc sysctls per network namespace would seem to address
this. I don't see why you would need a new root to handle this case.
Eric
next prev parent reply other threads:[~2011-12-17 22:29 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-12 18:49 [PATCH 0/2] SYSCTL: export root handling routines Stanislav Kinsbursky
2011-12-12 18:50 ` [PATCH 1/2] SYSCTL: root unregister routine introduced Stanislav Kinsbursky
2011-12-12 22:52 ` Andrew Morton
2011-12-13 9:02 ` Stanislav Kinsbursky
2011-12-17 22:30 ` Eric W. Biederman [this message]
2011-12-12 18:50 ` [PATCH 2/2] SYSCTL: export root register and unregister routines Stanislav Kinsbursky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m162herfts.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=bfields@fieldses.org \
--cc=devel@openvz.org \
--cc=drosenberg@vsecurity.com \
--cc=eparis@redhat.com \
--cc=jbottomley@parallels.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=skinsbursky@parallels.com \
--cc=xemul@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.