Recent Features
| |||||||||||||
transclucent fs for shared root access?transclucent fs for shared root access?Posted May 12, 2005 14:12 UTC (Thu) by bkw1a (subscriber, #4101)Parent article: The mini_fo filesystem I was just thinking about translucent filesystems and userspace filesystems (the subject of another article in today's lwn kernel section). How about using a translucent filesystem to give unprivileged users "root" access? What I mean is, mount "/" as a read-only base filesystem for these users, but allow them to overlay changes (that would only be visible by them) through a mechanism like mini_fo. This would be one way to (safely?) let unprivileged users install new software, without requiring any changes in the way the software is packaged. The first problem that occurs to me is that the root filesystem isn't really static. Can mini_fo deal with changes in the underlying filesystem?
(Log in to post comments)
transclucent fs for shared root access? Posted May 12, 2005 18:31 UTC (Thu) by bronson (subscriber, #4806) [Link] RTFAQ: http://www.denx.de/twiki/bin/view/Know/MiniFOFAQ
I don't know how well it would handle move/renames.
transclucent fs for shared root access? Posted May 19, 2005 21:27 UTC (Thu) by klossner (subscriber, #30046) [Link] This would be one way to (safely?) let unprivileged users ... This isn't safe. Consider what happens if you let the unprivileged user overlay their own version of /etc/passwd. They won't stay unprivileged for long.
transclucent fs for shared root access? Posted May 22, 2005 10:49 UTC (Sun) by markus78 (guest, #30082) [Link] For now mini_fo can only deal to some extent with changes in the underlying file system, e.g. modifying existing files, even creating new files should be ok. What will definitely cause trouble is removing an file, what's like "pulling the carpet" you're standing on: the file system will expect to find a file that has gone.I've got advanced error recovery that will allow this on my Todo list though.
|
|||||||||||||