Re: [RFC] FUSE permission modell (Was: fuse review bits)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/12/05, Miklos Szeredi <[email protected]> wrote:
> > I think that would be _much_ nicer implemented as a mount which is
> > invisible to other users, rather than one which causes the admin's
> > scripts to spew error messages.
>> 
> > Is the namespace mechanism at all suitable for that?
> 
> It is certainly the right tool for this.  However currently private
> namespaces are quite limited.  The only sane usage I can think of is
> that before mounting the user starts a shell with CLONE_NS, and does
> the mount in this.  However all the other programs he already has
> running (editor, browser, desktop environment) won't be able to access
> the mount.
> 

I'd like to second that I think private-namespaces are the right way
to solve this sort of problem.  It also helps not cluttering the
global namespace with user-local mounts

>
> Shared subtrees and more support in userspace tools is needed before
> private namespaces can become really useful.
> 

I'd like to talk about this a bit more and start driving to a solution
here.  I've been looking at the namespace code quite a bit and was
just about to dive in and start checking into adding/fixing certain
aspects such as stackable namespaces, optional inheritence (changes in
a parent namespace are reflected in the child but not vice-versa),
etc.

One aspect I was thinking about here was a mount flag that would give
you a new private namespace (if you didn't already have one) for the
mount (and I guess that would impact any subsequent mounts from the
user in that shell).  Another option would be a 'newns' style
system-call, but I'm generally against adding new system calls.

Shared subtrees are a tricky one.  I know how we would handle it in
V9FS, but not sure how well that would translate to others
(essentially we'd re-export the subtree so other user's could mount it
individually -- but that's a very Plan 9 solution and may not be what
more UNIX-minded folks would want -- we also need to improve our own
server infrastructure to more efficiently support such a re-export).

So, to sum up I think private namespaces is the right solution, and
I'd rather put effort into making it more useful than work-around the
fact that its not practical right now.

       -eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux