All of lore.kernel.org
 help / color / mirror / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Colin Walters <walters@verbum.org>,
	LKML <linux-kernel@vger.kernel.org>,
	alan@lxorguk.ukuu.org.uk, morgan@kernel.org, luto@mit.edu,
	kzak@redhat.com, Steve Grubb <sgrubb@redhat.com>
Subject: Re: chroot(2) and bind mounts as non-root
Date: Mon, 19 Dec 2011 01:22:31 -0800	[thread overview]
Message-ID: <m1r500j4q0.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <20111219040604.GA2205@hallyn.com> (Serge E. Hallyn's message of "Mon, 19 Dec 2011 04:06:04 +0000")

"Serge E. Hallyn" <serge@hallyn.com> writes:

> If I understand you both right, I think what Eric said here is not relevant
> to what Colin cares about.

As long as Colin only cares about being able to be the root user I
agree.  If Colin needs several uids during his build that is trickier.
But it sounds like Colin just needs to have a chroot build environment and
for that a single user sounds good enough.

Being able to use the other namespaces to get a good isolation from the
host environment is also nice and especially the pid namespace can
guarantee that processes won't escape his build environment.

> The mapping Eric is talking about here is new even to me, but I think it
> is an implementation detail referring to a proposal where each uid in the
> container maps to a real uid on the host.  The only thing about that mapping
> that matters is that none of the host uids conflict with existing host
> uids (or uids mapped for other containers).  Now if you want to do cool
> things like map uid 501 on the host to 1001 in the container as well as
> 502 on the host to 1010 in the container, that will be supported - and I
> think that's what Eric is referring to.
>
> But for the sake of fire-off-a-build, you can ignore that and use random
> uids on the host side of the mapping.

It is one of those worse is better implementation details but we can
discuss that more when I start posting patches in January. 

I am not an immediate fan of writing random uids to disk.  Uids being
persistent can be interesting to deal with if those uids are ever
reused.

Right now my implementation supports just 5 non-overlapping uid mapping
ranges.  Which is enough to cover a lot of uids but still fit within one
cacheline.  And I think to keep stat reasonable fast I want at to fit in
a cacheline at least for now.  Oy.  Hopefully it isn't too hard to find
some benchmarks to prove this out.  I expect the torture case is to
time ls -l in a huge directory with a lot of files, owned by a lot of
different users.

Eric

  reply	other threads:[~2011-12-19  9:21 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-12-07 17:54 chroot(2) and bind mounts as non-root Colin Walters
2011-12-07 19:36 ` John Stoffel
2011-12-08 16:10   ` Colin Walters
2011-12-08 18:14     ` John Stoffel
2011-12-08 18:26       ` Colin Walters
2011-12-09  0:49         ` Sven-Haegar Koch
2011-12-09 14:55         ` John Stoffel
2011-12-09 15:06           ` Colin Walters
2011-12-08 17:04   ` Arnd Bergmann
2011-12-08 17:15     ` Colin Walters
2011-12-07 19:40 ` Andy Lutomirski
2011-12-08 16:58   ` Colin Walters
2011-12-07 20:34 ` H. Peter Anvin
2011-12-07 20:54   ` Alan Cox
2011-12-15 18:55     ` Andrew G. Morgan
2011-12-16 15:44       ` Colin Walters
2011-12-18  1:22         ` Andrew G. Morgan
2011-12-18 15:19           ` Colin Walters
2011-12-10  5:29 ` Serge E. Hallyn
2011-12-12 16:41   ` Colin Walters
2011-12-12 23:11     ` Serge E. Hallyn
2011-12-15 20:56       ` Colin Walters
2011-12-16  6:14         ` Eric W. Biederman
2011-12-18 16:01           ` Colin Walters
2011-12-19  0:55             ` Eric W. Biederman
2011-12-19  4:06               ` Serge E. Hallyn
2011-12-19  9:22                 ` Eric W. Biederman [this message]
2011-12-20 16:49                   ` Colin Walters
2011-12-20 21:23               ` Colin Walters
2011-12-21 18:15           ` Steve Grubb
2012-01-03 23:13             ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m1r500j4q0.fsf@fess.ebiederm.org \
    --to=ebiederm@xmission.com \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=kzak@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@mit.edu \
    --cc=morgan@kernel.org \
    --cc=serge@hallyn.com \
    --cc=sgrubb@redhat.com \
    --cc=walters@verbum.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.