[PATCH RESEND] userns: enable tmpfs support for user namespace

Eric W. Biederman ebiederm at xmission.com
Fri Jan 18 06:04:48 UTC 2013


Glauber Costa <glommer at parallels.com> writes:

> On 01/17/2013 09:29 PM, Eric W. Biederman wrote:
>> Serge Hallyn <serge.hallyn at canonical.com> writes:
>> 
>>> Quoting Eric W. Biederman (ebiederm at xmission.com):
>>>> Serge Hallyn <serge.hallyn at canonical.com> writes:
>>>>
>>>>> I actually was waiting for Eric to do it, but I'll happily send it
>>>>> to linux-fsdevel and lkml (in a bit).
>>>>
>>>> I might just.
>>>>
>>>> I will take a look at this in a week or so.  I want to get through the
>>>> core userspace bits first so I can just cross those off my list of
>>>> things that need to be done.
>>>>
>>>> Eric
>>>
>>> Ok, I'll wait on sending it then - thanks.
>> 
>> Next up is my patch to shadow-utils and then taking a good hard stare at
>> what is left kernel side.
>> 
>> One of the questions I need to answer is:  Do cgroups actually work
>> for what needs to be limited?  Or does the focus of cgroups on
>> processes without other ownership in objects fundamentally limit what
>> can be expressed with cgroups in a problematic way.  In which case would
>> some hierarchical limits based on user namespaces and rlimits be easier
>> to implement and make more sense.
>> 
>> I think the answer will be that cgroups are good enough but that
>> question certainly needs looking at.
>> 
>> Anyway.  shadow-utils, minimal tmpfs, minimal devpts, and then the rest.
>> 
> First easy question:
>
> cgroups are not necessarily configured.
>
> IIUC, the aim of this patch is to allow unprivileged mounts of tmpfs
> relying on the fact that cgroups will stop memory abuse (correct me if I
> am wrong).
>
> But what if the user is not using cgroups?

The requirement for tmpfs to be safe is that there should be a control
that root can use to prevent DOS attacks.  If you don't choose to use
what is available then shrug.

Eric


