From: Mike Frysinger <vapier@gentoo.org>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: util-linux-ng@vger.kernel.org, akpm@linux-foundation.org,
hch@infradead.org, serue@us.ibm.com, viro@ftp.linux.org.uk,
kzak@redhat.com, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, containers@lists.osdl.org
Subject: Re: [patch] util-linux-ng: unprivileged mounts support
Date: Wed, 16 Jan 2008 08:17:10 -0500 [thread overview]
Message-ID: <200801160817.12812.vapier@gentoo.org> (raw)
In-Reply-To: <E1JF7Xh-0003q3-Qv@pomaz-ex.szeredi.hu>
[-- Attachment #1: Type: text/plain, Size: 1020 bytes --]
On Wednesday 16 January 2008, Miklos Szeredi wrote:
> This is an experimental patch for supporing unprivileged mounts and
> umounts. The following features are added:
same feedback as last time ... the cap stuff needs to be made optional and
proper header checks added to configure ...
> 1) If mount/umount are suid, first try without privileges.
>
> This is done by forking, dropping privileges in child, and redirecting
> stderr to /dev/null. If this succeeds, then parent exits with zero
> exit code. Otherwise parent continues normally (with privileges).
> This isn't perfect, because the wrong error message will be printed if
> mount/umount failed not because of insufficient privileges, but some
> other error (e.g. mountpoint busy).
this normalization of error information does kind of suck ... but i think the
way it's written, the end user will still get the real answer the second time
around when the mount is attempted with root privs and not stderr sent
to /dev/null ?
-mike
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 827 bytes --]
next prev parent reply other threads:[~2008-01-16 20:12 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-16 12:38 [patch] util-linux-ng: unprivileged mounts support Miklos Szeredi
2008-01-16 13:17 ` Mike Frysinger [this message]
2008-01-16 20:33 ` Miklos Szeredi
2008-01-19 16:05 ` Szabolcs Szakacsits
2008-01-19 20:32 ` Miklos Szeredi
2008-01-19 21:42 ` Szabolcs Szakacsits
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200801160817.12812.vapier@gentoo.org \
--to=vapier@gentoo.org \
--cc=akpm@linux-foundation.org \
--cc=containers@lists.osdl.org \
--cc=hch@infradead.org \
--cc=kzak@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=serue@us.ibm.com \
--cc=util-linux-ng@vger.kernel.org \
--cc=viro@ftp.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox