"Michael Kerrisk" <mtk.manpages@xxxxxxxxxxxxxx> writes: > Hi Eric, > > On Wed, Nov 19, 2008 at 8:41 PM, Eric W. Biederman > <ebiederm@xxxxxxxxxxxx> wrote: >> "Michael Kerrisk" <mtk.manpages@xxxxxxxxxxxxxx> writes: >> >>> Hi Serge, >>> >>> What is the current status of CLONE_NEWUSER? I'm currently trying to >>> test this flag in preparation for documenting it in the clone(2) man >>> page, but am running into an ENOMEM error from the clone() call, which >>> seems to occur after a failure in kobject_init_and_add() in the >>> following call sequence: >>> >>> clone_user_ns() --> alloc_uid() --> uids_user_create() --> >>> kobject_init_and_add() >>> >>> Are there already some test programs somewhere? Is there any >>> documentation already available for this flag? >> >> This code is definitely still under development. >> >> When complete it should be able to create a new uid namespace, >> as an unprivileged user. Creating a new process with uid == gid == 0. >> Have a full set of caps. And have permission to do nothing on the system >> except read world readable files and write world writable files. > > Thanks for the info, > > So the error I described is expected? I don't think so. Serge? Eric -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
