394
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + − + Line 103:
Line 103: − + +
→The solution
= The problem =
= Problem =
A mount namespace is a tree of mount points. In addition, mounts have another type of dependencies which is called groups. Each mount can be a member of two groups, it can be a slave in one group and a member of another group. Currently groups can’t be set, it can be only inherited from a source mount. It is always a problem when more than one type of properties have to restored for one call. This means that we have to find a sequence of steps to get a required state.
A mount namespace is a tree of mount points. In addition, mounts have another type of dependencies which is called groups. Each mount can be a member of two groups, it can be a slave in one group and a member of another group. Currently groups can’t be set, it can be only inherited from a source mount. It is always a problem when more than one type of properties have to restored for one call. This means that we have to find a sequence of steps to get a required state.
In case of mount namespaces, one more problem is over-mounts. A few mounts may be over-mounted or processes can have file descriptors which are linked with over-mounted files.
In case of mount namespaces, one more problem is over-mounts. A few mounts may be over-mounted or processes can have file descriptors which are linked with over-mounted files.
Another difficulty is that we are not able to create bind-mounts between namespaces, but each file system have to be mounted from a specified user namespace.
Another difficulty is that we are not able to create bind-mounts between namespaces, but each file system have to be mounted from a specified user namespace.
= The solution =
= Solution =
When we see all variation of commands to build a mount tree, we can understand that the final picture may be very complicated to be repeated, so we suggest to add [https://patchwork.kernel.org/patch/9703885/ a new flag] to the mount() syscall, which allows us to add a mount into an existing group.
When we see all variation of commands to build a mount tree, we can understand that the final picture may be very complicated to be repeated, so we suggest to add [https://patchwork.kernel.org/patch/9703885/ a new flag] to the mount() syscall, which allows us to add a mount into an existing group.
= Source code =
= Source code =
[https://github.com/avagin/criu/tree/mntns-2.0 github.com/avagin/criu/tree/mntns-2.0]
* [https://github.com/avagin/criu/tree/mntns-2.0 github.com/avagin/criu/tree/mntns-2.0]
* [https://lkml.org/lkml/2017/5/9/634 [PATCH] fs: add an ioctl to get an owning userns for a superblock]
[[Category: Under the hood]]
[[Category: Under the hood]]