Cedric Le Goater [clg at fr.ibm.com] wrote:
| This patch adds the user namespace.
|
| Basically, it allows a process to unshare its user_struct table,
| resetting at the same time its own user_struct and all the associated
| accounting.
|
| A new root user (uid == 0) is added to the user namespace upon
| creation. Such root users have full privileges and it seems that
| these privileges should be controlled through some means (process
| capabilities ?)
|
| Changes [try #2]
|
| - removed struct user_namespace* argument from find_user()
| - added a root_user per user namespace
|
| Signed-off-by: Cedric Le Goater <clg at fr.ibm.com>
| Cc: Andrew Morton <akpm at osdl.org>
| Cc: Kirill Korotaev <dev at openvz.org>
| Cc: Eric W. Biederman <ebiederm at xmission.com>
| Cc: Herbert Poetzl <herbert at 13thfloor.at>
| Cc: Serge E. Hallyn <serue at us.ibm.com>
| Cc: Dave Hansen <haveblue at us.ibm.com>
|
| ---
| include/linux/init_task.h | 2
| include/linux/nsproxy.h | 2
| include/linux/sched.h | 4 +
| include/linux/user.h | 46 +++++++++++++++
| init/Kconfig | 8 ++
| kernel/fork.c | 2
| kernel/nsproxy.c | 15 ++++-
| kernel/sys.c | 5 +
| kernel/user.c | 133 ++++++++++++++++++++++++++++++++++++++++++----
| 9 files changed, 203 insertions(+), 14 deletions(-)

The changes look fine to me :-) It may help though to put the changes to header files first.

Also, is there a way to force diffstat to list files in the same order as in the patch?