[PATCH RESEND] userns: enable tmpfs support for user namespace
Eric W. Biederman
ebiederm at xmission.com
Fri Jan 18 06:04:48 UTC 2013
Glauber Costa <glommer at parallels.com> writes:
> On 01/17/2013 09:29 PM, Eric W. Biederman wrote:
>> Serge Hallyn <serge.hallyn at canonical.com> writes:
>>
>>> Quoting Eric W. Biederman (ebiederm at xmission.com):
>>>> Serge Hallyn <serge.hallyn at canonical.com> writes:
>>>>
>>>>> I actually was waiting for Eric to do it, but I'll happily send it
>>>>> to linux-fsdevel and lkml (in a bit).
>>>>
>>>> I might just.
>>>>
>>>> I will take a look at this in a week or so. I want to get through the
>>>> core userspace bits first so I can just cross those off my list of
>>>> things that need to be done.
>>>>
>>>> Eric
>>>
>>> Ok, I'll wait on sending it then - thanks.
>>
>> Next up is my patch to shadow-utils and then taking a good hard stare at
>> what is left kernel side.
>>
>> One of the questions I need to answer is: Do cgroups actually work
>> for what needs to be limited? Or does the the focus of cgroups on
>> processes without other ownership in objects fundamentally limit what
>> can be expressed with cgroups in a problematic way. In which case would
>> some hierarchical limits based on user namespaces and rlimits be easier
>> to implement and make more sense.
>>
>> I think the answer will be that cgroups are good enough but that
>> question certainly needs looking at.
>>
>> Anyway. shadow-utils, minimal tmpfs, minimal devpts, and then the rest.
>>
> First easy question:
>
> cgroups are not necessarily configured.
>
> IIUC, the aim of this patch is to allow unprivileged mounts of tmpfs
> relying on the fact that cgroups will stop memory abuse (correct me if I
> am wrong).
>
> But what if the user is not using cgroups?
The requirement for tmpfs to be safe is that there should be a control
that root can use to prevent DOS attacks. If you don't choose to use
what is available then shrug.
Eric
More information about the Containers
mailing list