[Devel] Re: [PATCH 0/3] keys: play nicely with user namespaces
Serge E. Hallyn
serue at us.ibm.com
Thu Dec 18 09:46:13 PST 2008
Quoting David Howells (dhowells at redhat.com):
>
> Try:
>
> http://people.redhat.com/~dhowells/keys/keyutils/keyutils-tests.tar.bz2
>
> There were three updates required:
>
> (1) chown is now supported.
>
> (2) keyctl unlink does old keyring pointer block destruction lazily, and so a
> wait is required for the key being unlinked to be destroyed.
>
> (3) Anonymous session keyrings are now called "_ses" rather than "_ses.<pid>".
>
> I've also made the following changes:
>
> (4) The name of the output file for each test is printed:
>
> === /mnt/testarea/tmp.y9MVa88S ===
>
> (5) If a failure occurs, 'keyctl show' is dumped into the output file.
Cool, thanks. I needed the following change to toolbox.inc.sh.orig in
order to be able to run with >1 user namespaces:
36c36
< maxsquota=`grep '^ *0': /proc/key-users | sed s at .*/@@`
---
> maxsquota=`grep '^ *0': /proc/key-users | sed s at .*/@@ | head -1`
since /proc/key-users then lists multiple entries. Otherwise,
all tests pass when running the testsuite in a child-user-ns.
So I'll just sit on these patches waiting for an acked-by (or nack),
then ask for these three patches in linux-next.
thanks,
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list