From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bedivere.hansenpartnership.com ([66.63.167.143]:60244 "EHLO bedivere.hansenpartnership.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932071AbcDSUB4 (ORCPT ); Tue, 19 Apr 2016 16:01:56 -0400 Message-ID: <1461096111.2435.9.camel@HansenPartnership.com> Subject: Re: [Patch resend v3 3/3] binfmt_misc: add F option description to documentation From: James Bottomley To: "Serge E. Hallyn" Cc: containers@lists.linux-foundation.org, linux-fsdevel , Jan Kara , Al Viro Date: Tue, 19 Apr 2016 16:01:51 -0400 In-Reply-To: <20160419195832.GA32382@mail.hallyn.com> References: <1461068670.2435.0.camel@HansenPartnership.com> <1461068980.2435.6.camel@HansenPartnership.com> <20160419195832.GA32382@mail.hallyn.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Tue, 2016-04-19 at 14:58 -0500, Serge E. Hallyn wrote: > Quoting James Bottomley (James.Bottomley@HansenPartnership.com): > > Signed-off-by: James Bottomley < > > James.Bottomley@HansenPartnership.com> > > Acked-by: Serge Hallyn > > Thanks, James. Which tree were you thinking this would go in > through? I'm happy to become binfmt_misc maintainer (on the grounds that last to touch it gets to keep it) and thus run my own tree, but I talked to Al at LSF/MM and he thinks it can go through the vfs tree. James > > --- > > Documentation/binfmt_misc.txt | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/Documentation/binfmt_misc.txt > > b/Documentation/binfmt_misc.txt > > index 6b1de70..ec83bbc 100644 > > --- a/Documentation/binfmt_misc.txt > > +++ b/Documentation/binfmt_misc.txt > > @@ -66,6 +66,13 @@ Here is what the fields mean: > > This feature should be used with care as the > > interpreter > > will run with root permissions when a setuid binary > > owned by root > > is run with binfmt_misc. > > + 'F' - fix binary. The usual behaviour of binfmt_misc is to > > spawn the > > + binary lazily when the misc format file is > > invoked. However, > > + this doesn't work very well in the face of mount > > namespaces and > > + changeroots, so the F mode opens the binary as soon as > > the > > + emulation is installed and uses the opened image to > > spawn the > > + emulator, meaning it is always available once > > installed, > > + regardless of how the environment changes. > > > > > > There are some restrictions: