[PATCH 2/8] user_ns: Introduce user_nsmap_uid and user_ns_map_gid.

Eric W. Biederman ebiederm at xmission.com
Tue Jun 15 15:37:51 PDT 2010


Pavel Emelyanov <xemul at openvz.org> writes:

> On 06/13/2010 05:28 PM, Eric W. Biederman wrote:
>> 
>> Define what happens when a we view a uid from one user_namespace
>> in another user_namepece.
>> 
>> - If the user namespaces are the same no mapping is necessary.
>> 
>> - For most cases of difference use overflowuid and overflowgid,
>>   the uid and gid currently used for 16bit apis when we have a 32bit uid
>>   that does fit in 16bits.  Effectively the situation is the same,
>>   we want to return a uid or gid that is not assigned to any user.
>> 
>> - For the case when we happen to be mapping the uid or gid of the
>>   creator of the target user namespace use uid 0 and gid as confusing
>>   that user with root is not a problem.
>> 
>> Signed-off-by: Eric W. Biederman <ebiederm at xmission.com>
>
> I suppose this one should go via Andrew, not Dave.

If it was stand alone I would send it that way.

In this case I'm hope Dave will indulge me because this bit is
simple, the only user for now is the network stack, and the people
maintaining the code have already acked the patch.

Eric


More information about the Containers mailing list