From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Whitcroft Subject: Re: [PATCH RFC] overlayfs,xattr: allow unprivileged users to whiteout Date: Fri, 28 Feb 2014 14:55:14 +0000 Message-ID: <20140228145514.GD4334@dm> References: <20140225173113.GA14257@sergelap> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Serge Hallyn , Linux-Fsdevel , kernel-team@lists.ubuntu.com, =?iso-8859-1?Q?St=E9phane?= Graber To: Miklos Szeredi Return-path: Received: from mail-wi0-f182.google.com ([209.85.212.182]:47401 "EHLO mail-wi0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752115AbaB1OzS (ORCPT ); Fri, 28 Feb 2014 09:55:18 -0500 Received: by mail-wi0-f182.google.com with SMTP id f8so693930wiw.9 for ; Fri, 28 Feb 2014 06:55:17 -0800 (PST) Content-Disposition: inline In-Reply-To: Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Fri, Feb 28, 2014 at 03:15:14PM +0100, Miklos Szeredi wrote: > On Tue, Feb 25, 2014 at 6:31 PM, Serge Hallyn wrote: > > To mark a file which exists in the lower layer as deleted, > > it creates a symbolic link to a file called "(overlay-whiteout)" > > in the writeable mount, and sets a "trusted.overlay" xattr > > on that link. > > > > 1. When the create the symbolic link as container root, not > > as the global root > > > > 2. Allow root in a container to edit "trusted.overlay*" > > xattrs. Generally only global root is allowed to edit > > "trusted.*" > > Shouldn't overlayfs just skip the permission checks and call > __vfs_setxattr_noperm() instead? It does seem we should be avoiding the permissions here, as we have let the thing be mounted we have done the permissions checks for that and for the file access itself already. This operation is something we definatly want to represent in the filesystem. -apw