* [9fans] 1/2 OT: per-process mounts/namespace @ Linux
@ 2007-09-07 20:09 Enrico Weigelt
From: Enrico Weigelt @ 2007-09-07 20:09 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
Hi folks,
I was just reading some older mails on this list and thinking
about how to mimic the plan9 behaviour of local namespaces on
Linux. My idea is:
* each namespace is just some directory, i.e. living somewhere
under /.NAMESPACES/, maybe /.NAMESPACES/<pid>/
* these namespaces are maintained by either some daemon or
a special synthetic filesystem
* processes with private namespaces are chroot()'ed to their
own namespace directory.
What do you think about this?
cu
--
---------------------------------------------------------------------
Enrico Weigelt == metux IT service - http://www.metux.de/
---------------------------------------------------------------------
Please visit the OpenSource QM Taskforce:
http://wiki.metux.de/public/OpenSource_QM_Taskforce
Patches / Fixes for a lot dozens of packages in dozens of versions:
http://patches.metux.de/
---------------------------------------------------------------------
From: Eric Van Hensbergen @ 2007-09-07 20:15 UTC (permalink / raw)
To: weigelt, Fans of the OS Plan 9 from Bell Labs
Linux actually has private namespaces, it's just off by default. There
is a flag to clone which can be used to establish new processes in
private namespaces (CLONENS or some such thing).
Primary downside is that it's superuser only -- but you could get
around it with setuid or custom kernel.
-eric
On 9/7/07, Enrico Weigelt <weigelt@metux.de> wrote:
> Hi folks,
>
> I was just reading some older mails on this list and thinking
> about how to mimic the plan9 behaviour of local namespaces on
> Linux. My idea is:
>
> * each namespace is just some directory, i.e. living somewhere
> under /.NAMESPACES/, maybe /.NAMESPACES/<pid>/
> * these namespaces are maintained by either some daemon or
> a special synthetic filesystem
> * processes with private namespaces are chroot()'ed to their
> own namespace directory.
>
> What do you think about this?
>
> cu
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: David Leimbach @ 2007-09-07 21:26 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On 9/7/07, Eric Van Hensbergen <ericvh@gmail.com> wrote:
> Linux actually has private namespaces, it's just off by default. There
> is a flag to clone which can be used to establish new processes in
> private namespaces (CLONENS or some such thing).
>
> Primary downside is that it's superuser only -- but you could get
> around it with setuid or custom kernel.
>
> -eric
Then you have to worry about what happens when people do things like binding
over /etc/passwd :-)
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: Charles Forsyth @ 2007-09-07 21:38 UTC (permalink / raw)
To: 9fans
> Then you have to worry about what happens when people do things like binding
> over /etc/passwd :-)
no, you need to worry why that is still there.
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: Latchesar Ionkov @ 2007-09-07 22:21 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
The simple solution would be to disable setuid/setgid flags for
private namespaces of users other than root. And then (not so simple)
fix programs that don't work :)
Lucho
On 9/7/07, David Leimbach <leimy2k@gmail.com> wrote:
> On 9/7/07, Eric Van Hensbergen <ericvh@gmail.com> wrote:
> > Linux actually has private namespaces, it's just off by default. There
> > is a flag to clone which can be used to establish new processes in
> > private namespaces (CLONENS or some such thing).
> >
> > Primary downside is that it's superuser only -- but you could get
> > around it with setuid or custom kernel.
> >
> > -eric
>
> Then you have to worry about what happens when people do things like binding
> over /etc/passwd :-)
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: Eric Van Hensbergen @ 2007-09-07 22:27 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
There has been extensive discussion of multiple options here -- the
least of which is the paper I presented at OLS a few years back (Glen
or Glenda: http://citeseer.ist.psu.edu/vanhensbergen05glen.html).
There's an approachable list of safeguards. Of course, if it's your
desktop, you probably don't care to implement any of them...
-eric
On 9/7/07, Latchesar Ionkov <lucho@gmx.net> wrote:
> The simple solution would be to disable setuid/setgid flags for
> private namespaces of users other than root. And then (not so simple)
> fix programs that don't work :)
>
> Lucho
>
> On 9/7/07, David Leimbach <leimy2k@gmail.com> wrote:
> > On 9/7/07, Eric Van Hensbergen <ericvh@gmail.com> wrote:
> > > Linux actually has private namespaces, it's just off by default. There
> > > is a flag to clone which can be used to establish new processes in
> > > private namespaces (CLONENS or some such thing).
> > >
> > > Primary downside is that it's superuser only -- but you could get
> > > around it with setuid or custom kernel.
> > >
> > > -eric
> >
> > Then you have to worry about what happens when people do things like binding
> > over /etc/passwd :-)
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: ron minnich @ 2007-09-07 22:45 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On 9/7/07, David Leimbach <leimy2k@gmail.com> wrote:
> Then you have to worry about what happens when people do things like binding
> over /etc/passwd :-)
See all my old stuff from 2.0.36
rules: you can only make a private name space in /private
and, by definition, no special inode bits -- which was a feature to
me, I was ambivalent on the .u extensions.
I think that made it impossible to fake out the usual stuff.
ron
* Re: [9fans] 1/2 OT: per-process mounts/namespace @ Linux
From: ron minnich @ 2007-09-07 22:45 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On 9/7/07, Latchesar Ionkov <lucho@gmx.net> wrote:
> The simple solution would be to disable setuid/setgid flags for
> private namespaces of users other than root. And then (not so simple)
> fix programs that don't work :)
There's the other usual nonsense, such as device inodes etc. It's not
just setuid. But it's all pretty easy to fix.
ron
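The three safeguards the thread converges on (Lucho's "no setuid/setgid in a non-root private namespace", Ron's "no device inodes" and "private namespaces only under /private", and David's bind-over-/etc/passwd worry) can be checked against a process's mount table. The following is an added example, not code from any poster; it parses /proc/<pid>/mountinfo lines and reports mounts that violate those rules. The sample lines and the /private/<pid> layout are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample in /proc/<pid>/mountinfo format; not taken from the thread.
SAMPLE_MOUNTINFO = """\
36 35 98:0 / / rw,relatime shared:1 - ext4 /dev/root rw,errors=remount-ro
57 36 0:40 / /private/1234 rw,nosuid,nodev,relatime - tmpfs tmpfs rw
58 57 98:0 /home/alice/bin /private/1234/bin rw,relatime - ext4 /dev/root rw
59 57 0:41 / /private/1234/dev rw,nosuid - devtmpfs devtmpfs rw
60 36 98:0 /home/alice/etc /etc rw,nosuid,nodev,relatime - ext4 /dev/root rw
"""

@dataclass(frozen=True)
class Mount:
    mount_id: int
    parent_id: int
    mount_point: str
    options: frozenset

def unescape(field):
    # mountinfo encodes space, tab, newline and backslash as \040, \011, \012, \134.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mountinfo(text):
    """Parse mountinfo lines; optional fields sit before the lone '-' separator."""
    mounts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = line.partition(" - ")[0].split()
        mounts.append(Mount(int(f[0]), int(f[1]), unescape(f[4]),
                            frozenset(f[5].split(","))))
    return mounts

def audit(mounts, allowed_prefix="/private/"):
    """Return (mount point, problem) pairs: mounts outside allowed_prefix (the
    /etc/passwd bind) or inside it without nosuid/nodev. Root "/" is left alone."""
    findings = []
    for m in mounts:
        if m.mount_point == "/":
            continue
        if not m.mount_point.startswith(allowed_prefix):
            findings.append((m.mount_point, "outside allowed prefix"))
            continue
        for needed in ("nosuid", "nodev"):
            if needed not in m.options:
                findings.append((m.mount_point, "missing " + needed))
    return findings
```

On a live system, feed `open(f"/proc/{pid}/mountinfo").read()` to `parse_mountinfo` for the process whose namespace you want to inspect.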