The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at
https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit 64c293d648aac1f7b08a7a7dfd5a67e0c059d5b4
Author: Vasily Averin <v...@virtuozzo.com>
Date: Fri Oct 1 18:40:17 2021 +0300
ve/sunrpc: Enable rpc_pipefs mounts in Container root user namespace
This patch enables rpc_pipefs mounts inside Containers,
required for nfsd in SLES11-based Containers.
https://jira.sw.ru/browse/PSBM-86395
Signed-off-by: Vasily Averin <v...@virtuozzo.com>
eshatokhin@:
Used FS_VE_MOUNT as suggested by Pavel Tikhomirov (ptikhomirov@) instead
of FS_USERNS_MOUNT: it is better to allow mounts only from the init
userns of a container rather than from just any userns.
Done in the scope of https://jira.sw.ru/browse/PSBM-127830.
Cherry-picked from vz7 commit 38505601d0b7 ("ve/sunrpc: enable
rpc_pipefs mounts inside non-init user namespaces")
Signed-off-by: Evgenii Shatokhin <eshatok...@virtuozzo.com>
(cherry-picked from vz8 commit 2e319b6173a1 ("ve/sunrpc: Enable rpc_pipefs
mounts in Container root user namespace"))
Signed-off-by: Nikita Yushchenko <nikita.yushche...@virtuozzo.com>
---
net/sunrpc/rpc_pipe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index c6f227b8fb8d..d9a0c5705121 100644
--- a/net/sunrpc/rpc_pipe.c
+++ b/net/sunrpc/rpc_pipe.c
@@ -1474,7 +1474,7 @@ static struct file_system_type rpc_pipe_fs_type = {
.name = "rpc_pipefs",
.init_fs_context = rpc_init_fs_context,
.kill_sb = rpc_kill_sb,
- .fs_flags = FS_VIRTUALIZED,
+ .fs_flags = FS_VIRTUALIZED | FS_VE_MOUNT,
};
MODULE_ALIAS_FS("rpc_pipefs");
MODULE_ALIAS("rpc_pipefs");
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
