From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yb0-f196.google.com ([209.85.213.196]:34273 "EHLO mail-yb0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934860AbeE2Pkv (ORCPT ); Tue, 29 May 2018 11:40:51 -0400 Received: by mail-yb0-f196.google.com with SMTP id i1-v6so5237777ybe.1 for ; Tue, 29 May 2018 08:40:51 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <87o9h6554f.fsf@xmission.com> References: <87o9h6554f.fsf@xmission.com> From: Dongsu Park Date: Tue, 29 May 2018 17:40:50 +0200 Message-ID: Subject: Re: [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts To: "Eric W. Biederman" Cc: Linux Containers , linux-fsdevel@vger.kernel.org, Seth Forshee , LKML , Christian Brauner Content-Type: text/plain; charset="UTF-8" Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Hi, On Thu, May 24, 2018 at 1:22 AM, Eric W. Biederman wrote: > > Very slowly the work has been progressing to ensure the vfs has the > necessary support for mounting filesystems without privilege. > > This patchset contains one more core piece of that work, ensuring a few > more operations that would write back an inode and confuse an exisiting > filesystem are denied. > > The rest of the changes actually enable userns root to do things with > filesystems that the userns root has mounted. Most of these have been > waiting in the wings a long time, held back because I wanted the core > of the patchset to be solid before I started allowing additional > behavor. > > It is definitely time for these changes so the effect of s_user_ns > becomes less theoretical. > > The change to allow mknod is new, but consistent with everything else > and harmless as device nodes on filesystems mounted without privilege > are ignored. > > Unless problems show up in the during review I plan to merge these changes. Thank you for the great work. I have been looking forward to seeing it. I have just gathered available relevant patches in my branch: https://github.com/kinvolk/linux/tree/dongsu/fuse-userns-for-4.18 With this branch, I tested sshfs/fuse from non-init user namespace. It works fine as expected. So you can add: Tested-by: Dongsu Park Thanks! Dongsu > These changes are also available at: > git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-test > > Eric W. Biederman (5): > vfs: Don't allow changing the link count of an inode with an invalid uid or gid > vfs: Allow userns root to call mknod on owned filesystems. > fs: Allow superblock owner to replace invalid owners of inodes > fs: Allow superblock owner to access do_remount_sb() > capabilities: Allow privileged user in s_user_ns to set security.* xattrs > > Seth Forshee (1): > fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems > > fs/attr.c | 36 ++++++++++++++++++++++++++++-------- > fs/ioctl.c | 4 ++-- > fs/namei.c | 16 ++++++++++++---- > fs/namespace.c | 4 ++-- > security/commoncap.c | 8 ++++++-- > 5 files changed, 50 insertions(+), 18 deletions(-) > > Eric > _______________________________________________ > Containers mailing list > Containers@lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/containers