From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 31434 invoked from network); 28 Oct 2023 16:52:54 -0000
Received: from tb-ob0.topicbox.com (64.147.108.117)
  by inbox.vuxu.org with ESMTPUTF8; 28 Oct 2023 16:52:54 -0000
Received: from tb-mx0.topicbox.com (tb-mx0.nyi.icgroup.com [10.90.30.73])
	by tb-ob0.topicbox.com (Postfix) with ESMTP id 6941F3AFBC
	for <ml@inbox.vuxu.org>; Sat, 28 Oct 2023 12:52:52 -0400 (EDT)
	(envelope-from bounce.mMf8b4d705299aeeb3bc919867.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com)
Received: by tb-mx0.topicbox.com (Postfix, from userid 1132)
	id 6690E9F543; Sat, 28 Oct 2023 12:52:52 -0400 (EDT)
ARC-Authentication-Results: i=3; topicbox.com; arc=pass (as.1.zohomail.eu=pass,
 ams.1.zohomail.eu=pass) smtp.remote-ip=31.186.226.225; dkim=pass (2048-bit
 rsa key sha256) header.d=rdklein.fr header.i=edou@rdklein.fr
 header.b=kr6kZlWS header.a=rsa-sha256 header.s=zoho x-bits=2048; dmarc=none
 policy.published-domain-policy=none policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,d=none,d.eval=none)
 policy.policy-from=p header.from=rdklein.fr; spf=pass
 smtp.mailfrom=edou@rdklein.fr smtp.helo=sender11-op-o11.zoho.eu;
 x-internal-arc=fail (as.2.topicbox.com=pass, ams.2.topicbox.com=fail (message
 has been altered), as.1.zohomail.eu=pass, ams.1.zohomail.eu=fail (message has
 been altered)) (Message modified while forwarding at Topicbox)
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=
	topicbox.com; h=references:from:to:cc:subject:date:in-reply-to
	:message-id:mime-version:content-type:list-help:list-id
	:list-post:list-subscribe:reply-to:content-transfer-encoding
	:list-unsubscribe; s=sysmsg-1; t=1698511972; bh=XOU068pOmt6pnJrI
	cC13qHGZdSxM38H/uikOzt70T50=; b=jVykX6ppNzrTIwSx+Rkepe6/wMwYYWlq
	iustt03Am9E0RqGDH35BFkNBLwsHZE8w/qrzc4rAL1IqLU+5eS+UyAfdDkyRtofE
	0IOyLaB5dAEj8HaMJJOJPDpoOvO0eevabtHsD63hso9BEE7Q7lyERIzM3fOBdWeX
	Wl5ZU2zKEQw=
ARC-Seal: i=3; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t=
	1698511972; b=CUv1H4RC5ZADVNiHjow5uebyD7G44N0Kqh4e3qygIcPoiQ4klh
	qhP/eyvpQUk9SDA5Qwv9FcLKEfvcfG9xSuuAcnKadQMpB0XxVfvWHoa+RCFfBkqq
	D1Eywkevqr9qHrRvIyxfoEgI/JZVTiRov/6cESxWyK1y/iKD/sLOtra8w=
Authentication-Results: topicbox.com; arc=pass (as.1.zohomail.eu=pass,
 ams.1.zohomail.eu=pass) smtp.remote-ip=31.186.226.225; dkim=pass (2048-bit
 rsa key sha256) header.d=rdklein.fr header.i=edou@rdklein.fr
 header.b=kr6kZlWS header.a=rsa-sha256 header.s=zoho x-bits=2048; dmarc=none
 policy.published-domain-policy=none policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,d=none,d.eval=none)
 policy.policy-from=p header.from=rdklein.fr; spf=pass
 smtp.mailfrom=edou@rdklein.fr smtp.helo=sender11-op-o11.zoho.eu;
 x-internal-arc=fail (as.2.topicbox.com=pass, ams.2.topicbox.com=fail (message
 has been altered), as.1.zohomail.eu=pass, ams.1.zohomail.eu=fail (message has
 been altered)) (Message modified while forwarding at Topicbox)
X-Received-Authentication-Results: tb-mx1.topicbox.com; arc=pass
 (as.1.zohomail.eu=pass, ams.1.zohomail.eu=pass)
 smtp.remote-ip=31.186.226.225; bimi=skipped (DMARC did not pass); dkim=pass
 (2048-bit rsa key sha256) header.d=rdklein.fr header.i=edou@rdklein.fr
 header.b=kr6kZlWS header.a=rsa-sha256 header.s=zoho x-bits=2048; dmarc=none
 policy.published-domain-policy=none policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,d=none,d.eval=none)
 policy.policy-from=p header.from=rdklein.fr; iprev=pass
 smtp.remote-ip=31.186.226.225 (sender11-op-o11.zoho.eu); spf=pass
 smtp.mailfrom=edou@rdklein.fr smtp.helo=sender11-op-o11.zoho.eu;
 x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass
 smtp.helo=sender11-op-o11.zoho.eu policy.ptr=sender11-op-o11.zoho.eu;
 x-return-mx=pass header.domain=rdklein.fr policy.is_org=yes (MX Records
 found: mx3.zoho.eu,mx2.zoho.eu,mx.zoho.eu); x-return-mx=pass
 smtp.domain=rdklein.fr policy.is_org=yes (MX Records found:
 mx3.zoho.eu,mx2.zoho.eu,mx.zoho.eu); x-tls=pass smtp.version=TLSv1.2
 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0
 state=0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=references
	:from:to:cc:subject:date:in-reply-to:message-id:mime-version
	:content-type:list-help:list-id:list-post:list-subscribe
	:reply-to:content-transfer-encoding:list-unsubscribe; s=dkim-1;
	 t=1698511972; x=1698598372; bh=gBJRM3V7NaXZKdyWwRCPLBSTUgSrSuov
	EL7F47UxNro=; b=EE92BZ9PFsT1zSNSqearSjQ1g551u0O8WlPsl2Wi3Ev93W2C
	GHLlQbgUHlzC8TW8fWED7mJHUfBHKqZT191w6p5Dp0ahRNYl135Hj9V6L4PRtaEr
	xD430AKL1x66U0UVJVIUP68wuqUkrw1PjZbhSD6djdTRRKAtN3Grg1AsXDQ=
Received: from tb-mx1.topicbox.com (localhost.local [127.0.0.1])
	by tb-mx1.topicbox.com (Postfix) with ESMTP id 0F21818667D
	for <9fans@9fans.net>; Sat, 28 Oct 2023 12:52:41 -0400 (EDT)
	(envelope-from edou@rdklein.fr)
Received: from tb-mx1.topicbox.com (localhost [127.0.0.1])
    by tb-mx1.topicbox.com (Authentication Milter) with ESMTP
    id 319BCEBB6AD;
    Sat, 28 Oct 2023 12:52:41 -0400
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=arcseal; t=
    1698511960; b=wBzaChQa5sgKKl8wj2br+b+MlrCRfms7MHr01sBmAWGeQXzWQA
    0zLi4VQp4XAuc/mQBnzquM7E0LRdNqYBk7NU5yN0AtgcvUM+nnoz5/zM7Ba32JNB
    z2zs6K8nGD9CWjk9LnJRDUc6L5/pmFI0/U+IHCXmnRd3syxrKwC9/e/5CaAQIu2x
    k28VdJyGkP04QkU0LcYoO3AKyUDnEp4LzGKtyEkbRcyjgaA/5UEqvJlzjT+cVB3a
    1Ng6Ek4hojBQUHoLENy9SYdajAZFqPoreeKsxTMfta6FOwGpELquhWsOV1Dd/CFu
    Wj0vk5pNGNaceO3NLPyM3WeHXskjLjKHEFFw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=
    topicbox.com; h=references:from:to:cc:subject:date:in-reply-to
    :message-id:mime-version:content-type; s=arcseal; t=1698511960;
    bh=QDzJ8+Ns1hvo6oooiKtLLpwEvBCp8FXc87n3hxU1p6c=; b=D6/PyK6Kny1C
    0zN38YKWeL2U9UdPkBtuR4loBucAktCtaFqTde0Yn+/SEewqsDp8UNAGaw5cRbcB
    U+gH6yuVJePDa+tSH7wSvWYhaWMwX00AMvY6WkHvr2+mVz1rClZC6bqOHm/3TnSS
    50mwlsUZ/uhydtomLD6kuZDMnRWLsdRjb/bXOhg7AA0/st80O736yvhh4adyqV96
    pAUC1QQVRiVBNem7F18EzvRkL/sUt+WA6WlYBrQsOdG9QKKbds/FS/PB+7KJEro6
    EBkjqbF2/XTFdR0+NVRAGF358o9iYFBbxDgT2kUHcQCy7bjkCJYJAeNrOhBHZNBJ
    TWMJpr/OyQ==
ARC-Authentication-Results: i=2; tb-mx1.topicbox.com;
    arc=pass (as.1.zohomail.eu=pass, ams.1.zohomail.eu=pass)
    smtp.remote-ip=31.186.226.225;
    bimi=skipped (DMARC did not pass);
    dkim=pass (2048-bit rsa key sha256) header.d=rdklein.fr
    header.i=edou@rdklein.fr header.b=kr6kZlWS header.a=rsa-sha256
    header.s=zoho x-bits=2048;
    dmarc=none policy.published-domain-policy=none
    policy.applied-disposition=none policy.evaluated-disposition=none
    (p=none,d=none,d.eval=none) policy.policy-from=p
    header.from=rdklein.fr;
    iprev=pass smtp.remote-ip=31.186.226.225 (sender11-op-o11.zoho.eu);
    spf=pass smtp.mailfrom=edou@rdklein.fr
    smtp.helo=sender11-op-o11.zoho.eu;
    x-aligned-from=pass (Address match);
    x-me-sender=none;
    x-ptr=pass smtp.helo=sender11-op-o11.zoho.eu
    policy.ptr=sender11-op-o11.zoho.eu;
    x-return-mx=pass header.domain=rdklein.fr policy.is_org=yes
    (MX Records found: mx3.zoho.eu,mx2.zoho.eu,mx.zoho.eu);
    x-return-mx=pass smtp.domain=rdklein.fr policy.is_org=yes
    (MX Records found: mx3.zoho.eu,mx2.zoho.eu,mx.zoho.eu);
    x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384
    smtp.bits=256/256;
    x-vs=clean score=0 state=0
X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedvkedrleeigdekvdcutefuodetggdotefrodftvf
    curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr
    tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepfhgfhffvve
    fuffgjkfggtgesthdtredttdertdenucfhrhhomhepgfguohhurghrugcumfhlvghinhcu
    oegvughouhesrhgukhhlvghinhdrfhhrqeenucggtffrrghtthgvrhhnpeeiheejueffud
    evieetvddtfeevteeigffhgedtfeelgeekjefhhfetgeefvdefleenucffohhmrghinhep
    lhhkmhhlrdhorhhgpdhkvghrnhgvlhdrohhrghdpthhophhitggsohigrdgtohhmnecukf
    hppeefuddrudekiedrvddviedrvddvhedpjeelrdelhedrkeeirdegkeenucevlhhushht
    vghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeefuddrudekiedrvddviedrvddvhe
    dphhgvlhhopehsvghnuggvrhduuddqohhpqdhouddurdiiohhhohdrvghupdhmrghilhhf
    rhhomhepoegvughouhesrhgukhhlvghinhdrfhhrqe
X-ME-VSScore: 0
X-ME-VSCategory: clean
Received-SPF: pass
    (rdklein.fr: Sender is authorized to use 'edou@rdklein.fr' in 'mfrom' identity (mechanism 'include:zoho.eu' matched))
    receiver=tb-mx1.topicbox.com;
    identity=mailfrom;
    envelope-from="edou@rdklein.fr";
    helo=sender11-op-o11.zoho.eu;
    client-ip=31.186.226.225
Received: from sender11-op-o11.zoho.eu (sender11-op-o11.zoho.eu [31.186.226.225])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by tb-mx1.topicbox.com (Postfix) with ESMTPS
	for <9fans@9fans.net>; Sat, 28 Oct 2023 12:52:39 -0400 (EDT)
	(envelope-from edou@rdklein.fr)
ARC-Seal: i=1; a=rsa-sha256; t=1698511957; cv=none; 
	d=zohomail.eu; s=zohoarc; 
	b=cXDF5qmww1Piu0lCidzo3Zl36sAo3r0ER+x3ZxzhgVFjML1l5SR+beqEOwzHZbcyGwHQ2/oG0Uxcp399C/WsaTjB8Uv+POcopgt1tkf/LQIIT0POrhJpWBB2hQxfWeORgib6uDuUOxYADZJHdkbGEA3vng4sS7WXhLfhox4cNXU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.eu; s=zohoarc; 
	t=1698511957; h=Content-Type:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; 
	bh=QDzJ8+Ns1hvo6oooiKtLLpwEvBCp8FXc87n3hxU1p6c=; 
	b=TrDBvZHy8jj7BT7dxHVkQj0nqKcxIg2cQeZQooIqLILoo02/Qb+ZAYAvza8js+ettHCyH0lVObiVlkZXCvo0uG5OsijqcPtKtaM7V0ZQ6+wRcac28xIBVcup+PKwVzrksfTjMoNeZw0Qpzb/ND8YblE8rby7oeKkYppTnPvaNZs=
ARC-Authentication-Results: i=1; mx.zohomail.eu;
	dkim=pass  header.i=rdklein.fr;
	spf=pass  smtp.mailfrom=edou@rdklein.fr;
	dmarc=pass header.from=<edou@rdklein.fr>
Received: from venerable (48.86.95.79.rev.sfr.net [79.95.86.48]) by mx.zoho.eu
	with SMTPS id 1698511953715300.8312939887933; Sat, 28 Oct 2023 18:52:33 +0200 (CEST)
References: <87jzr8rqwh.fsf@rdklein.fr>
 <16984244950.678D8a2.80641@composer.9fans.topicbox.com>
 <87v8aqbx57.fsf@rdklein.fr>
User-agent: mu4e 1.8.9; emacs 28.2
From: Edouard Klein <edou@rdklein.fr>
To: 9fans <9fans@9fans.net>
Cc: moody@posixcafe.org
Subject: Re: [9fans] Re: Mounting a 9P filesystem under a Linux "user
 namespace"
Date: Sat, 28 Oct 2023 18:52:14 +0200
In-reply-to: <87v8aqbx57.fsf@rdklein.fr>
Message-ID: <87msw2bsfk.fsf@rdklein.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-ZohoMailClient: External
Topicbox-Policy-Reasoning: allow: sender is a member
Topicbox-Message-UUID: 6b0e8610-75b2-11ee-b3df-995880e157ac
Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?=
 =?UTF-8?B?ZmFucy9UYjVkMDM5ZjY3NWM1NDA0Ni1NZjhiNGQ3MDUyOTlhZWViM2JjOTE5?=
 =?UTF-8?B?ODY3Pg==?=
List-Help: <https://9fans.topicbox.com/groups/9fans>
List-Id: "9fans" <9fans.9fans.net>
List-Post: <mailto:9fans@9fans.net>
List-Software: Topicbox v0
List-Subscribe: <https://9fans.topicbox.com/groups/9fans>
Precedence: list
Reply-To: 9fans <9fans@9fans.net>
Content-Transfer-Encoding: quoted-printable
List-Unsubscribe: <https://9fans.topicbox.com/groups/9fans>,
 <mailto:9fans+unsubscribe@9fans.net?subject=x-tx-unsubscribe:2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mf8b4d705299aeeb3bc919867:1:wO_qQ-Ok5YMv7BShscXMWlNrc8dMYo7bH8Z3ooOAssk>
Topicbox-Delivery-ID:
 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mf8b4d705299aeeb3bc919867:1:IMZvBdVmw8yD5Gsu_PugbZU4jxveHFL767_zsL0ZUc0

For the record here is the lkml post
https://lkml.org/lkml/2023/10/28/155
Edouard Klein <edou@rdklein.fr> writes:

> Thanks Moody for the nudge in a direction I hadn't explored.
>
> It seems that Linux does not see 9p as been safe to mount without
> privilege. From what I understand, only FS with the FS_USERNS_MOUNT flag
> can be mounted in a user namespace. It seems that v9fs is not one of
> them:
>
> For example, tmpfs is a safe FS, and I can do:
> unshare --user --map-root-user --mount
> mount -t tmpfs tmpfs mnt/mnt1/
>
> and it works.
>
> However, if I do:
> unshare --user --map-root-user --mount
> mount -t 9p -o trans=3Dunix /run/9p/srv4 mnt/mnt1
>
> I get  mount: /home/edouard/mnt/mnt1: permission denied.
>
>
> I've sent an email to the linux kernel mailing list to see if somebody
> there has any up to date information.
>
> Somebody tried the same thing in 2018:
> https://lore.kernel.org/all/39b08c53-3449-3164-c1b1-44ac587dd4ea@metux.ne=
t/T/
> Seemingly without succeeding.
>
> The end of the above thread is a bit worrying:
>>  plan9fs would
>> also be a candidate for that kind of treatment if it had a maintainer.
>
> I did not know v9fs was unmaintained, I find that a bit surprising. It
> does work very reliably.
>
> I'll keep this list updated as I make progress.
>
> Cheers,
>
> Edouard
>
> moody@posixcafe.org writes:
>
>> Edouard,
>>
>> I am no Linux expert, but I think if you create a mount namespace as par=
t of
>> the user namespace you will be allowed to execute mounts without root. In
>> terms of clients, I am not aware
>> of any other then the one within the linux kernel.
>>
>> Regards,
>> Moody
>> 9fans / 9fans / see discussions + participants + delivery options Permal=
ink

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/Tb5d039f675c54046-Mf8b4d=
705299aeeb3bc919867
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription