On Mon, 2017-01-16 at 13:02 -0500, Oleg Drokin wrote: > On Jan 16, 2017, at 12:32 PM, James Bottomley wrote: > > > On Sun, 2017-01-15 at 18:38 -0500, Oleg Drokin wrote: > > > A container support from filesystems is also very relevant to > > > us > > > since Lustre is used more and more in such settings. > > > > I've added the containers ML to the cc just in case. Can you add > > more > > colour to this, please? What container support for filesystems do > > you > > think we need beyond the user namespace in the superblock? > > Namespace access is necessary, we might need it before the superblock > is there too (say during mount we might need kerberos credentials > fetched to properly authenticate this mount instance to the server). The superblock namespace is mostly for uid/gid changes across the kernel <-> filesystem boundary. The actual container namespaces will already be set up by the time the mount is done (assuming mount within a container), so you have them all present. Usually you get the information for credentials from a combination of the UTS namespace (host/domain name) and the mount namespace (credentials provisioned to container filesystem). Perhaps if you described the actual problem you're seeing rather than try to relate it to what I said about superblock namespace (which is probably irrelevant), we could figure out what the issue is. James -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
