Andy Lutomirski <luto@xxxxxxxxxxxxxx> writes: > On Nov 29, 2014 4:06 PM, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> wrote: >> >> >> Now that remount is properly enforcing the rule that you can't remove >> nodev at leastsandstorm.iois breaking when performing a remount. >> >> It turns out that there is an easy intuitive solution implicitly >> add nodev on remount when nodev was implicitly added on mount. > > Is this intended to be a permanent fix or are you planning on > replacing it with something closer to my version for 3.19? > > http://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=userns/fix_magic_nodev&id=bf8b198add82a249d6da4ecf280c30a0865637f6 > > I still think that the implicit nodev behavior is a bad idea in > general. I want to consider your change as part of the larger discussion about how we take the final step towards allowing fuse and other filesystems with backing store to be merged in the kernel. There are actually some other possibilities with s_user_ns in the mix. The cleanest solution is probably to declare dev_t as well as security labels values that are interpreted with respect to user namespaces. Then seeting s_user_ns != &init_user_ns will yield device nodes that simply don't have a meaning in the kernel. Which winds up being effectively the same as an implicit nodev, but without the compatibility hassle. But all of that is or should be development. And what my patch is, is about getting a simple bug fix that works. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
