Re: [RFC][2.6 patch] Allow creation of new namespaces during mount system call

[Ram <linuxram@us.ibm.com>]

On Wed, 2005-04-20 at 05:39, Al Viro wrote:
> On Wed, Apr 20, 2005 at 01:03:40PM +0100, Jamie Lokier wrote:
> > It shouldn't be literally per-user - it should be possible for a user
> > to have several environment _when_ they want that.  chroot-jail style
> > virtual server environments require that too.
> > 
> > But that shouldn't be the only option - because it would be horrible
> > to use.  If I login on multiple terminals, I normally want to mount
> > filesystems in /home/jamie/mnt on one terminal, and use them on another.
> 
> And when you log in on several terminals you usually want same $PATH.
> You don't do that by sharing VM between shell processes, do you?  Sure,
> that would work with sufficient kernel-side hacks for joining thread
> group and making e.g. bash multithreaded.  Nobody does it though - it
> doesn't buy you anything really useful.
>  
> > How can libpam join the user's existing namespace?
> > 
> > Having a separate usermount-namespace for each login of the same user
> > would not be nice to use.
> 
> I don't see why.  _IF_ you can change the set of mounts after you log in,
> there's no more need to do any kernel tricks for that stuff than you would
> need for environment, etc.  If you can't - well, the last point where you
> can get something set up is login with no changes afterwards.  In that case
> everything is just as trivial...
> -

Reading through the thread I assume the requirement is:

1) A User being able to create his own VFS-mount environment 
2) being able to use the same VFS-mount environment from 
    multiple login sessions.
3) Being able to switch some processes to some other
      VFS-mount environment.

How about making namespace's as first class objects with some associated
name or device in the device tree having owner/permissions etc.  any
process which forks off a namespace shall create the
device node for the namespace. If some other process wants to use
the same namespace, it can do so by attaching itself to the namespace
dynamically? Offcourse children processes inherit the same namespace.


If such a functionality existed, then a user can create his own
namespace if one does not exist, and if one exist he can attach to
that namespace?  Not thought through this idea entirely, but seems
to provide the desired functionality.

RP


> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html