Eric, thanks for the response. On 27/05/14 11:39, Eric W. Biederman wrote: >> Do I understand this correctly as a problem, or does it work as >> > intended? If latter, do you have any insights on how to achieve running >> > containers in this scenario? > If the permission check is made on the kernel with user namespaces we > can reasonablly make it work. Otherwise we can not. That is a danger > of using remote filesystems they can sometimes have weird arbitrary > rules you were not expected. > I'm using diod as the 9p server, and it seems that it receives the calling UID as -2 from the 9p kernel module on the client side, which has user namespaces enabled. Cheers, Alin. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
