[lxc-devel] usernsselfmap
Eric W. Biederman
ebiederm at xmission.com
Thu Mar 7 04:27:58 UTC 2013
Serge Hallyn <serge.hallyn at ubuntu.com> writes:
> Quoting Eric W. Biederman (ebiederm at xmission.com):
> ...
>> For what it's worth, if you are going to do a combined binary, and you
>> are just going to worry about yourself, you don't have to fork to
>> write /proc/self/uid_map with 0 $old_uid 1.
>
> Well, shoot! I figured since we'd already unshared, our uid was 65534 /
> -1, and there was no sensible value to insert. Just tried with the orig
> uid and it works. Neato.

Yes.

My shell example has to jump through hoops because exec drops the caps,
and because as an example it implements the general case.

>> I had originally hoped to do an upcall to validate other writes to
>> /proc/self/uid_map but code was never solid and I went with what works
>> now.
>
> Right, I remember that. This isn't so bad in the end.

No.

Eric
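
The in-process self-mapping discussed in this message, as an added example that is not part of the original thread or of the lxc code: the process reads its own ids, unshares a user namespace, and writes `0 <old id> 1` to its own map files without forking a helper. The names `write_file`, `format_map` and `userns_self_map` are hypothetical; the gid mapping and the `/proc/self/setgroups` step go beyond what the message covers, and the example uses the effective ids because those are what the kernel checks a self-written map against.

```c
#define _GNU_SOURCE            /* unshare(), CLONE_NEWUSER */
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#ifndef CLONE_NEWUSER          /* fallbacks if <sched.h> was seen without _GNU_SOURCE */
#define CLONE_NEWUSER 0x10000000
#endif
int unshare(int flags);

static int write_file(const char *path, const char *s)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0)
        return -1;
    int ok = write(fd, s, strlen(s)) == (ssize_t)strlen(s); /* one write(2) per map */
    close(fd);
    return ok ? 0 : -1;
}

int format_map(char *buf, size_t len, unsigned in, unsigned out, unsigned cnt)
{
    int n = snprintf(buf, len, "%u %u %u\n", in, out, cnt); /* "0 1000 1\n" */
    return (n > 0 && (size_t)n < len) ? 0 : -1;             /* -1: truncated */
}

/* Hypothetical helper: 0 once the caller is uid/gid 0 in a new user
 * namespace, -1 if the kernel or sandbox policy refuses any step. */
int userns_self_map(void)
{
    char umap[32], gmap[32];   /* built BEFORE unshare: ids read as 65534 after */
    if (format_map(umap, sizeof umap, 0, geteuid(), 1) < 0 ||
        format_map(gmap, sizeof gmap, 0, getegid(), 1) < 0)
        return -1;
    if (unshare(CLONE_NEWUSER) < 0 || write_file("/proc/self/uid_map", umap) < 0)
        return -1;
    /* Kernels >= 3.19: deny setgroups before an unprivileged gid_map write. */
    if (write_file("/proc/self/setgroups", "deny") < 0 && errno != ENOENT)
        return -1;
    if (write_file("/proc/self/gid_map", gmap) < 0)
        return -1;
    return (geteuid() == 0 && getegid() == 0) ? 0 : -1;
}

int main(void)
{
    return userns_self_map() == 0 ? 0 : (perror("userns_self_map"), 1);
}
```

A failure from `unshare` here usually means the host restricts unprivileged user namespaces or the caller is multi-threaded; the mapping writes themselves need no capability in the parent namespace.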