[patch 5/9] unprivileged mounts: allow unprivileged bind mounts
Miklos Szeredi
miklos at szeredi.hu
Tue Jan 8 11:08:34 PST 2008
> On Tue, 2008-01-08 at 12:35 +0100, Miklos Szeredi wrote:
> > +static int reserve_user_mount(void)
> > +{
> > + int err = 0;
> > +
> > + spin_lock(&vfsmount_lock);
> > + if (nr_user_mounts >= max_user_mounts && !capable(CAP_SYS_ADMIN))
> > + err = -EPERM;
> > + else
> > + nr_user_mounts++;
> > + spin_unlock(&vfsmount_lock);
> > + return err;
> > +}
>
> Would -ENOSPC or -ENOMEM be a more descriptive error here?
The logic behind EPERM, is that this failure is only for unprivileged
callers. ENOMEM is too specifically about OOM. It could be changed
to ENOSPC, ENFILE, EMFILE, or it could remain EPERM. What do others
think?
Miklos
More information about the Containers
mailing list