[PATCH 3/4] userns/inotify: Initial implementation of inotify per-userns
Eric W. Biederman
ebiederm at xmission.com
Fri Jul 8 15:08:24 UTC 2016
Nikolay Borisov <kernel at kyup.com> writes:
> Having started writing the code I just realized it's possible that 2
> uids in different namespaces map to the same KUID, depending on how the
> UID map is setup, right? If that's the case then I guess it will make
> sense to actually hold kuid + userns pointer in nsuser_state to be able
> to distinguish between the state of kuid 1500 in userns1 and kuid1500 in
> userns2. Does that make sense?
Yes, very much so.
Especially in nested user namespaces this is not only possible but
required.
Eric
More information about the Containers
mailing list