Quoting Cedric Le Goater (clg at fr.ibm.com): > Cedric Le Goater wrote: > > Hi all, > > > > Here's a second version. It's very close from the first one and takes into > > account some discussions we had with kirill on the topic during OLS. 2 > > patches follow, the first introduces the user namespace core and the last > > enables to use it with unshare. > > > > Changes [try #2] > > > > - removed struct user_namespace* argument from find_user() > > - added a root_user per user namespace > > > > execns() syscall is back in the attic for the moment. I'm still maintaining > > it and we'll see if it's of any use when we address the user space API of > > the full conainer. soon, I hope ! > > > > This user namespace patchset does not try to address all the issues that > > were raised by the previous thread on the topic, like user mapping per > > namespace, per mount, etc. It tries to solve some simple issues with the > > current implementation of containers in mind. It should be especially > > useful the existing solutions and lay ground basic objects. > > > > thanks for your comments, > > I didn't get much comments on that one. is everybody happy with it ? can we > merge ask andrew to merge in -mm ? > > thanks, Ideally we could collect Acked-by: or Signed-off-by: from Eric, Kir or Kirill, and Herbert or Sam, to show we are all in agreement. Or a NACK :) -serge
