search for: ms_mgc_val

...-M '0 0 1' -G '0 0 1' bash This program simply calls clone with CLONE_NEWUSER flag and set proper uid_map and gid_map. The test commands are as follows: mkdir /test mount debugfs /test -t debugfs and strace shows: mount("debugfs", "/test", "debugfs", MS_MGC_VAL, NULL) = -1 EPERM (Operation not permitted) Now the question is: Is it a kernel bug or expected behavior ie. inside user namespace we have always limited permissions even if uid=0 inside container is mapped to uid=0 outside? # cat /proc/$$/uid_map 0 0 1 # cat /pr...

...ATIME' redefined /usr/include/sys/mount.h:59: warning: this is the location of the previous definition /usr/include/linux/fs.h:105: warning: `MS_RMT_MASK' redefined /usr/include/sys/mount.h:63: warning: this is the location of the previous definition /usr/include/linux/fs.h:110: warning: `MS_MGC_VAL' redefined /usr/include/sys/mount.h:68: warning: this is the location of the previous definition /usr/include/linux/fs.h:145: warning: `BLKROSET' redefined /usr/include/sys/mount.h:76: warning: this is the location of the previous definition /usr/include/linux/fs.h:146: warning: `BLKROGET...

Hi there! I am trying to turn on user namespace by adding following lines to the config: <idmap> <uid start='0' target='0' count='100000'/> <gid start='0' target='0' count='100000'/> </idmap> As you can see the root in container is mapped to the root outside. I was expected to see no difference