RFC: erofs-utils:mkfs: add unprivileged container use-case support
Gao Xiang
hsiangkao at linux.alibaba.com
Wed Aug 10 04:47:15 AEST 2022
On Wed, Aug 10, 2022 at 03:37:59AM +0900, Naoto Yamaguchi wrote:
> Hi Gao
>
> Thank you for your response.
>
> > Could you give more details about this? EROFS already supports idmapped
> > mount for container use cases since 5.19, so I guess uid/gid offsets
> > can be set by this?
>
> It's good news for me. I investigated LTS version 5.10 and 5.15. I
> didn’t know this new feature.
>
> My work detail, it's easy to share experimental patch in my github.
> https://github.com/AGLExport/erofs-utils/commit/d9080b80152c2f9065d98a7a2ac36912c74657ac
The patch itself looks good to me (some minor, should we use signed
integers instead? I'm not sure if some use cases need to shift down
instead.. Also need to add some words to mkfs manpage).
Feel free to submit patch, thanks for contribution in advance!
Thanks,
Gao Xiang
>
> That will use combination with lxc idmap option.
>
> ex:
> Image creation
> mkafs.erofs --uid-offset=100000 --gid-offset=100000 .....
>
> Lxc config
> lxc.idmap = u 0 100000 65536
> lxc.idmap = g 0 100000 65536
>
>
> Thanks,
> Naoto Yamaguchi,
> a member of Automotive Grade Linux Instrument Cluster EG.
More information about the Linux-erofs
mailing list