> On Apr 13, 2023, at 23:51, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote: > > On Fri, Apr 14, 2023 at 03:28:45AM +0000, Trond Myklebust wrote: > >> We already have support for directory file descriptors when mounting with move_mount(). Why not add a umountat() with similar support for the unmount side? >> Then add a syscall to allow users with (e.g.) the CAP_DAC_OVERRIDE privilege to convert the mount-id into an O_PATH file descriptor. > > You can already do umount -l /proc/self/fd/69 if you have a descriptor. > Converting mount-id to O_PATH... might be an interesting idea. A dedicated umountat() might avoid the need for the lazy flag, if it were allowed to close the descriptor on success for the special case of an empty path. Looking more closely, it would seem that CAP_DAC_READ_SEARCH might be a sufficient privilege requirement for the mount-id -> O_PATH syscall. _________________________________ Trond Myklebust Linux NFS client maintainer, Hammerspace trond.myklebust@xxxxxxxxxxxxxxx