Util-Linux package development
From: Sean Anderson <seanga2@gmail.com>
To: util-linux@vger.kernel.org, Karel Zak <kzak@redhat.com>
Cc: Mikhail Gusarov <dottedmag@dottedmag.net>,
	Matthew Harm Bekkema <id@mbekkema.name>,
	James Peach <jpeach@apache.org>,
	Sean Anderson <seanga2@gmail.com>
Subject: [PATCH v2 0/6] unshare: Add support for mapping ranges of user/group IDs
Date: Wed, 24 Nov 2021 13:26:12 -0500
Message-ID: <20211124182618.1801447-1-seanga2@gmail.com>

This series adds support for mapping ranges of user/group IDs using the
newuidmap and newgidmap programs from shadow. The intent is to allow
for root-less bootstrapping of Linux root filesystems with correct
ownership. My primary inspiration is mmdebstrap [1], which uses
unshare(2) to create Debian root filesystems without needing root
access.

[1] https://gitlab.mister-muffin.de/josch/mmdebstrap

Changes in v2:
- Add "auto" option for --map-users and --map-groups
- Add UID_BUFSIZ macro to hold the maximum size of a uid represented as
  a string
- Add some documentation for waitchild
- Add some helpers for forking and synchronizing
- Copy names from string_to_idarray into a buffer to add a
  nul-terminator, instead of modifying them directly
- Document new "auto" value for --map-user and --map-group
- Fix most of read_subid_range using spaces instead of tabs
- Fix typo of --group instead of --user
- Update doc comments for uint_to_id() and get_map_range()
- Use more meaningful numbers in map_ids
- Use pathname macros for /etc/sub{u,g}id
- Use sync helpers for idmap

Sean Anderson (6):
  include/c: Add abs_diff macro
  unshare: Add waitchild helper
  unshare: Add some helpers for forking and synchronizing
  unshare: Add options to map blocks of user/group IDs
  unshare: Add option to automatically create user and group maps
  unshare: Document --map-{groups,users,auto}

 include/c.h              |   8 +
 include/pathnames.h      |   3 +
 sys-utils/unshare.1.adoc |  32 +++
 sys-utils/unshare.c      | 477 ++++++++++++++++++++++++++++++++++-----
 4 files changed, 465 insertions(+), 55 deletions(-)

-- 
2.33.0
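
An added example, not code from this patch series: it looks up the first range delegated to a user in subuid(5)-format text ("name:start:count") and checks that a requested outer block stays inside that range, the check a caller would want before passing a mapping to newuidmap. The function names and the sample entries are constructed for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in subuid(5) format, one "name:start:count" per line. */
static const char SAMPLE_SUBUID[] =
	"bob:165536:65536\n"
	"alice:100000:65536\n"
	"alice:300000:1000\n";

/* First range delegated to `user`: 0 on success, -1 if absent or malformed. */
int first_subid_range(const char *text, const char *user,
		      unsigned long *start, unsigned long *count)
{
	size_t ulen = strlen(user);
	const char *line, *nl;
	char *end;

	for (line = text; *line; line = nl ? nl + 1 : line + strlen(line)) {
		nl = strchr(line, '\n');
		/* Compare the whole name field so "al" never matches "alice". */
		if (strncmp(line, user, ulen) != 0 || line[ulen] != ':')
			continue;
		/* strtoul() accepts signs and blanks; insist on a leading digit. */
		if (!isdigit((unsigned char)line[ulen + 1]))
			return -1;
		errno = 0;
		*start = strtoul(line + ulen + 1, &end, 10);
		if (errno || *end != ':' || !isdigit((unsigned char)end[1]))
			return -1;
		*count = strtoul(end + 1, &end, 10);
		if (errno || (*end != '\n' && *end != '\0'))
			return -1;
		return 0;
	}
	return -1;
}

/* True when [outer, outer + len) lies inside [start, start + count),
 * written so that no addition can wrap around. */
int block_is_delegated(unsigned long outer, unsigned long len,
		       unsigned long start, unsigned long count)
{
	return len > 0 && len <= count && outer >= start &&
	       outer - start <= count - len;
}

int main(void)
{
	unsigned long s, c;
	return first_subid_range(SAMPLE_SUBUID, "alice", &s, &c);
}
```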


Thread overview: 13+ messages
2021-11-24 18:26 Sean Anderson [this message]
2021-11-24 18:26 ` [PATCH v2 1/6] include/c: Add abs_diff macro Sean Anderson
2021-11-24 18:26 ` [PATCH v2 2/6] unshare: Add waitchild helper Sean Anderson
2021-11-24 18:26 ` [PATCH v2 3/6] unshare: Add some helpers for forking and synchronizing Sean Anderson
2021-11-24 18:26 ` [PATCH v2 4/6] unshare: Add options to map blocks of user/group IDs Sean Anderson
2021-11-24 18:26 ` [PATCH v2 5/6] unshare: Add option to automatically create user and group maps Sean Anderson
2021-11-24 18:26 ` [PATCH v2 6/6] unshare: Document --map-{groups,users,auto} Sean Anderson
2021-12-01 15:16 ` [PATCH v2 0/6] unshare: Add support for mapping ranges of user/group IDs Karel Zak
2022-01-14 10:29 ` Daniel Gerber
2022-01-14 14:42   ` Sean Anderson
2022-01-14 17:15     ` Daniel Gerber
2022-01-15  0:53       ` Sean Anderson
2022-01-18 11:50   ` Karel Zak
