Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-20264

Support ID mapped mounts

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Medium
    • None
    • None
    • None
    • 3
    • 9223372036854775807

    Description

      Container systems (like podman, LXC, crun) and modern package managers (snap) want the capability to map container users to real users on the host system. This is typically done via ID mapped mounts [1]. For Lustre to support this, we must account for the mnt_idmap that VFS passes to the various filesystem operations. Additionally, we must adjust Lustre's server-side re-validation of capabilities to account for user namespace root.

       

      [1] https://lwn.net/Articles/896255/

      Attachments

        Activity

          People

            timday Tim Day
            timday Tim Day
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: