Message-ID: <1427788642.4411.12.camel@redhat.com>
Subject: Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
From: Alexander Larsson
To: James Bottomley
Cc: Andy Lutomirski, gnome-os-list@gnome.org, Linux Containers, "linux-kernel@vger.kernel.org", mclasen@redhat.com, "Eric W. Biederman", Linux FS Devel
Date: Tue, 31 Mar 2015 09:57:22 +0200
In-Reply-To: <1427447013.2250.9.camel@HansenPartnership.com>
References: <1427447013.2250.9.camel@HansenPartnership.com>

On Fri, 2015-03-27 at 10:03 +0100, James Bottomley wrote:
> > > On Fri, Feb 20, 2015 at 5:04 PM, Andy Lutomirski wrote:
> > > It's currently impossible to mount devpts in a user namespace that
> > > has no root user, since ptmx can't be created.
>
> This is where I stopped reading because it's not true ... because it is
> possible, you just do it from the host as real root.

The point is being able to set up a container as a user, not requiring
the setup to be run as root at all. In my case the container is a desktop
application which will be started by the user, and will run as the user.
There is no root involved in the call chain at all.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson, Red Hat, Inc
alexl@redhat.com, alexander.larsson@gmail.com
He's a war-weary Catholic boxer for the 21st century. She's a beautiful
renegade magician's assistant looking for love in all the wrong places.
They fight crime!