On Fri, 2 Jun 2000, Andries Brouwer wrote:
> In fact I think that the present implementation was a mistake.
> We do not want a bind without privileges and with global effect.
> We want the bind that one user does to affect only his own namespace.
Erm... Namespace == connected component of vfsmount forest. As soon as we
get GC on vfsmounts - that's it, we can have namespaces and all the stuff
(mount, umount, bind) will act as it does - on the namespace of your
process. There is no such thing as "global namespace", the only reason why
it looks that way now is the lack of CLONE_NAMESPACE. Per-user namespaces
are bogus, what you want is the ability to copy namespace upon clone()
instead of sharing the thing with parent. Yes, if login(1) always does it
you will, in effect, get per-user namespaces, but that's the userland
decision. All system calls act on the namespace of your process, indeed -
just as they do now. No changes in data structures needed.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:16 EST