Hello,

I am Marko Petrović. I have been using User-Mode Linux (UML) for some time and I have noticed that in the documentation it is said that UML can boot from hostfs. However, hostfs exposes the file permissions of the host to the UML, and changing these permissions requires that the kernel has the necessary privileges on the host. In addition to that, all files are created with the ownership of the kernel's user and group, since the kernel is performing file creation.
This creates obvious problems when a multiuser system is running inside UML, since applications cannot create files that they own and the UML kernel forbids further access to these files. This in particular can present problems when booting from hostfs, which appears to otherwise be supported.

One solution would be for the kernel to run with the necessary privileges to alter file permissions and yet still access them in order to service syscalls to UML processes, and another (in my humble opinion, preferable) solution would be to store permissions used by the UML kernel separately from the host's permissions so that the kernel can run with standard privileges.

In the hope that it will be useful, I have written a patch that adds a boot option for hostfs for enabling the usage of extended attributes for storing these permissions. Extended attributes seemed like the most reasonable choice for this purpose and most Linux filesystems support them. I have also added an attempt to do a regular chown(2) on file creation when extended attributes are disabled. If the kernel isn't running as root, it will fall back to the old behavior.

In another patch, I provide a documentation update explaining the usage of the new flag when booting from hostfs. I have also changed the "find" command that was used there so that it now skips symlinks, since some symlinks point to absolute paths and that was changing permissions on the host in unintended ways.

I am looking forward to your feedback on this work.

P.S. I apologize if there are any grammar errors in the mail, as English is not my first language. As this is my first patch, I also apologize if I have missed any part of the patch submission procedure. For future patches I will correct all encountered mistakes.

_______________________________________________
linux-um mailing list
linux-um@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-um
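The symlink problem mentioned in the message, reproduced as an added example that is not taken from the patch or from the UML documentation: a permission-fixing `find` walk over a root filesystem tree follows an absolute symlink to a file outside the tree, while a walk that skips symlinks leaves that file alone. The directory layout, file names and the use of `chmod a+r` as the permission change are all constructed for the demonstration.

```shell
#!/bin/sh
# Constructed layout: $DEMO/rootfs is the tree to be fixed up and
# $DEMO/host/shadow stands in for a host file outside that tree.
setup_demo() {
    DEMO=$(mktemp -d)
    mkdir -p "$DEMO/rootfs/etc" "$DEMO/host"
    echo secret > "$DEMO/host/shadow"
    chmod 600 "$DEMO/host/shadow"
    echo data > "$DEMO/rootfs/etc/motd"
    chmod 600 "$DEMO/rootfs/etc/motd"
    # Absolute symlink inside the tree that resolves outside of it.
    ln -s "$DEMO/host/shadow" "$DEMO/rootfs/etc/shadow"
}

# Octal mode of a file (GNU stat first, BSD stat as fallback).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Naive walk: chmod dereferences symlinks passed on its command line,
# so the target outside the tree is modified as well.
fix_perms_naive() { find "$1" -exec chmod a+r {} +; }

# Walk that skips symlinks: only real files and directories are touched.
fix_perms_skip_links() { find "$1" ! -type l -exec chmod a+r {} +; }

run_demo() {
    setup_demo
    fix_perms_skip_links "$DEMO/rootfs"
    echo "after skip-symlinks walk: host file mode $(mode_of "$DEMO/host/shadow")"
    fix_perms_naive "$DEMO/rootfs"
    echo "after naive walk:         host file mode $(mode_of "$DEMO/host/shadow")"
    rm -rf "$DEMO"
}
run_demo
```
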