From mboxrd@z Thu Jan 1 00:00:00 1970
From: Eric Van Hensbergen
Subject: Re: [PATCH] private mounts
Date: Thu, 28 Apr 2005 08:28:43 -0500
Message-ID:
References: <20050424205422.GK13052@parcelfarce.linux.theplanet.co.uk> <20050424210616.GM13052@parcelfarce.linux.theplanet.co.uk> <20050424213822.GB9304@mail.shareable.org> <20050425152049.GB2508@elf.ucw.cz> <20050425190734.GB28294@mail.shareable.org> <20050426092924.GA4175@elf.ucw.cz> <20050426140715.GA10833@mail.shareable.org>
Reply-To: Eric Van Hensbergen
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7BIT
Cc: Pavel Machek , Al Viro , Miklos Szeredi , hch@infradead.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@osdl.org
Return-path:
Received: from wproxy.gmail.com ([64.233.184.194]:52560 "EHLO wproxy.gmail.com") by vger.kernel.org with ESMTP id S262122AbVD1N2n convert rfc822-to-8bit (ORCPT ); Thu, 28 Apr 2005 09:28:43 -0400
Received: by wproxy.gmail.com with SMTP id 68so638161wri for ; Thu, 28 Apr 2005 06:28:43 -0700 (PDT)
To: Jamie Lokier
In-Reply-To: <20050426140715.GA10833@mail.shareable.org>
Content-Disposition: inline
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

> > Looking closer, I think we already have it.
> > It's called /proc/NNN/root.
>
> Does chroot into /proc/NNN/root cause the chroot'ing process to adopt
> the namespace of NNN? Looking at the code, I think it does.
> ...
>
> So no new system calls are needed. A daemon to hand out per-user
> namespaces (or any other policy) can be written using existing
> kernels, and those namespaces can be joined using chroot.
>
> That's the theory anyway. It's always possible I misread the code (as
> I don't use namespaces and don't have tools handy to try them).
>

I've been thinking about this a bit more... would you even need chroot?
(Wouldn't exposing chroot functionality to a user incur additional security
risk? I guess it would be okay as long as you were only chrooting to one of
your other process' roots?)

If you were organized about where the mounts in your private namespace were
done, you could just mount -bind them from /proc/NNN/root/home/$USER/mnt (or
something). That requires a certain amount of discipline in your mounts (or
maybe not -- just diff /proc/NNN/mounts to see what you are missing and bind
the differences).

-eric
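The "diff /proc/NNN/mounts and bind the differences" idea from the message above, worked through as an added example that is not part of the thread or of any kernel patch. It assumes two mount tables in the /proc/PID/mounts format; both tables below are constructed sample data rather than captured from a real system, the pid 1234 is a placeholder, and the bind commands are only printed (a dry-run plan to review), never executed.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Compare our own mount table with the one visible in another process's
# namespace (/proc/<pid>/mounts) and list what we are missing, then print
# the mount --bind commands that would pull those mounts in via
# /proc/<pid>/root. Everything here is read-only; nothing is mounted.

WORK=$(mktemp -d)

# Constructed sample of what /proc/self/mounts might contain.
OURS="$WORK/self.mounts"
cat > "$OURS" <<'EOF'
rootfs / rootfs rw 0 0
/dev/sda1 / ext3 rw 0 0
proc /proc proc rw 0 0
EOF

# Constructed sample of /proc/1234/mounts for a process in a private
# namespace that carries two extra mounts under its home directory.
THEIRS="$WORK/1234.mounts"
cat > "$THEIRS" <<'EOF'
rootfs / rootfs rw 0 0
/dev/sda1 / ext3 rw 0 0
proc /proc proc rw 0 0
/dev/sdb1 /home/eric/mnt/data ext3 rw 0 0
server:/export /home/eric/mnt/nfs nfs rw 0 0
EOF

# Print the mount points (second field) of a /proc/<pid>/mounts table, sorted.
mount_points() {
    awk '{ print $2 }' "$1" | sort -u
}

# Mount points present in the second table but absent from the first.
# comm -13 suppresses lines unique to file 1 and lines common to both.
missing_mounts() {
    tmp=$(mktemp -d)
    mount_points "$1" > "$tmp/ours"
    mount_points "$2" > "$tmp/theirs"
    comm -13 "$tmp/ours" "$tmp/theirs"
    rm -rf "$tmp"
}

# Dry-run plan: for each missing mount point, the bind command that would
# graft it from the other namespace's root into ours. Printed, not run.
bind_plan() {
    pid="$1"
    missing_mounts "$2" "$3" | while read -r mp; do
        printf 'mount --bind /proc/%s/root%s %s\n' "$pid" "$mp" "$mp"
    done
}

# Stand-alone run: show what we are missing and what binding it would take.
echo "missing from our namespace:"
missing_mounts "$OURS" "$THEIRS"
echo "bind plan (review before running anything):"
bind_plan 1234 "$OURS" "$THEIRS"
```

Reading the plan before acting on it matters: a bind from /proc/NNN/root exposes whatever that process can see, so each line is a chance to check that the mount really belongs to the same user and that the target directory is one you expect.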