We had a discussion in the hackroom at LPC talking about use cases for a shiftfs style setup where there are different mappings of uids to disk. In the discussion we had a couple of ideas of kernel developments we should look at that address some of these. - Fix rlimits in user namespaces (This potentially allows multiple containers to run with the same userids simplifying the mapping problem). - Look at extending kuid_t to 64bits and using the highbits to implement uids that are private to user namespaces and don't map out. - Look at ways for allowing setgroups unprivileged. Together this has the potential that the existing uid & gid mappings will be able to function the same as the proposed fusid mappings. Fingers crossed. I had some problems with audio and a lot of people were talking quickly. So I did not manage to capture everyone's use cases. And I definitely was not able to see how everyone's use cases interacted with the changes we are looking at. I know for certain I missed Serge's usecase (apologies). Can people follow up to this and report their use cases? There are some real challenges and I would like to see if we can solve them, while avoiding scary problems like changing uids on write. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
