UBUNTU: SAUCE: shiftfs: uid/gid shifting bind mount

BugLink: https://bugs.launchpad.net/bugs/1823186

This allows any subtree to be uid/gid shifted and bound elsewhere. It
does this by operating similarly to overlayfs. Its primary use is for
shifting the underlying uids of filesystems used to support
unprivileged (uid shifted) containers. The usual use case here is
that the container is operating with a uid shifted unprivileged root
but sometimes needs to make use of or work with a filesystem image
that has root at real uid 0.

The mechanism is to allow any subordinate mount namespace to mount a
shiftfs filesystem (by marking it FS_USERNS_MOUNT) but only allowing
it to mount marked subtrees (using the -o mark option as root). Once
mounted, the subtree is mapped via the super block user namespace so
that the interior ids of the mounting user namespace are the ids
written to the filesystem.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
[ saf: use designated initializers for path declarations to fix errors
with struct randomization ]
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
[update: port to 5.0]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Acked-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
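
The id translation described in the commit message, modelled in user space as an added example (not part of the commit and not shiftfs source code). The map extent `0 100000 65536`, the helper names and the use of the kernel's default overflow id 65534 for unmapped owners are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define OVERFLOW_ID 65534u      /* kernel default overflowuid ("nobody") */
#define INVALID_ID  UINT32_MAX  /* id has no mapping in the namespace */

/* One extent of a user namespace id map, as listed in /proc/<pid>/uid_map. */
struct id_extent { uint32_t inside, outside, count; };

/* Constructed sample: container ids 0..65535 are host ids 100000..165535. */
static const struct id_extent cmap[] = { { 0, 100000, 65536 } };
static const size_t cmap_len = sizeof(cmap) / sizeof(cmap[0]);

/* Host (kernel) id -> interior id of the namespace. */
static uint32_t map_down(uint32_t host_id)
{
    for (size_t i = 0; i < cmap_len; i++)
        if (host_id >= cmap[i].outside && host_id - cmap[i].outside < cmap[i].count)
            return cmap[i].inside + (host_id - cmap[i].outside);
    return INVALID_ID;
}

/* Interior id of the namespace -> host (kernel) id. */
static uint32_t map_up(uint32_t inner_id)
{
    for (size_t i = 0; i < cmap_len; i++)
        if (inner_id >= cmap[i].inside && inner_id - cmap[i].inside < cmap[i].count)
            return cmap[i].outside + (inner_id - cmap[i].inside);
    return INVALID_ID;
}

/* Plain bind mount: the on-disk owner is a host id, so the container
 * sees it only if that host id falls inside its map. */
static uint32_t seen_without_shift(uint32_t disk_id)
{
    uint32_t id = map_down(disk_id);
    return id == INVALID_ID ? OVERFLOW_ID : id;
}

/* Shifted mount (model): the on-disk owner is read as an interior id. */
static uint32_t host_id_with_shift(uint32_t disk_id) { return map_up(disk_id); }

/* Shifted mount (model): the interior id is what gets written to disk. */
static uint32_t disk_id_written_with_shift(uint32_t host_id) { return map_down(host_id); }

int main(void)
{
    printf("image root, plain bind: container sees uid %u\n", seen_without_shift(0));
    printf("image root, shifted: host id %u\n", host_id_with_shift(0));
    printf("container uid 1000 creates file: disk uid %u\n", disk_id_written_with_shift(101000));
    return 0;
}
```

A host id outside the map (500 in this sample) has no interior id, so the model returns `INVALID_ID` for it rather than an on-disk owner.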