From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id C968D3C9E; Fri, 12 Dec 2025 17:56:21 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id 2D2853C90; Fri, 12 Dec 2025 17:56:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fhigh-a7-smtp.messagingengine.com (fhigh-a7-smtp.messagingengine.com [103.168.172.158]) by atuin.qyliss.net (Postfix) with ESMTPS id 618C73C8F for ; Fri, 12 Dec 2025 17:56:17 +0000 (UTC) Received: from phl-compute-01.internal (phl-compute-01.internal [10.202.2.41]) by mailfhigh.phl.internal (Postfix) with ESMTP id 2AF111400132; Fri, 12 Dec 2025 12:56:14 -0500 (EST) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Fri, 12 Dec 2025 12:56:14 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1765562174; x=1765648574; bh=6jthLOxnm6 bTiZ3ZvO4XVlLwdwz2fFi5mSESnhgP6yM=; b=heZrJ965dVUQKQdVm0TwkdNCDf uRk3SNNC25VngQWeWSYeGiNwljWqTT8SQGFeqcJc1fhKdTaZpxI4uhPgjvEh+URe 56C0DQVrreZVi/QMh6DF++hCE1ylHToDBITUONoZEqws39tCiFOedA9jtQyfVDDm jqiQLYsEaI5eQPtfkQ72F3zytI8b+IRhAbMt0xK7fU1cpgnNYnTBCpkGzpwLKh80 1SuM1br1diIuvEpjKHm2HRBbtb+ehAkH6JTpP/EmjQl2qsm4Hm9rgPb7E0bhA7M9 sj/FCJtWVDXFTOrWjm5CCGvH52zlNIePjYmUBSw5g9QW9fzENyYGhz9+fAWw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1765562174; x=1765648574; bh=6jthLOxnm6bTiZ3ZvO4XVlLwdwz2fFi5mSE SnhgP6yM=; b=bTb7/hcJATYa6UMTbRWXm9c3Qn4O0uM6iAf+fjqTSv3uMhb3Ink /sOD8VaephC5qKvBzrzY56lcKYm4zL8A13URUFDKGbA6uu7ir1+iCwo5VQn2EG76 KqRAd1ttGsV08fDLjCdyV7V1O/Hb+Oz/cg7PiEfeP3tquQyNUn+qDuNlDcpWgh5s QqrL52bxIKT6g7/sDwCd9+ui3YY6dAIWx6m13iz9rYJUTpVhl+IoY32n+T0rmKyN VZz8XFDgcKQuZNlTbzl9v+3yzj3Ty+ct8dm7CBxuIwlcyA/Jos+EcDUlrKvZvTps ad3W61QmNqyWonP+q0TghHOtFqJ9yybL4TQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgddvkeekfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefhvfevufgjfhffkfggtgesghdtreertddttdenucfhrhhomheptehlhihsshgrucft ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepveejieekhe ffueehjeevtdekleelhfehhfelgeffieeiuddvueeifeetkeelffdvnecuffhomhgrihhn pehsphgvtghtrhhumhdqohhsrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrg hrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrihhspdhnsggprhgtphhtthho pedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopeguvghmihhosggvnhhouhhrse hgmhgrihhlrdgtohhmpdhrtghpthhtohepuggvvhgvlhesshhpvggtthhruhhmqdhoshdr ohhrgh X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 12 Dec 2025 12:56:13 -0500 (EST) Received: by fw12.qyliss.net (Postfix, from userid 1000) id 2C7E975DB457; Fri, 12 Dec 2025 18:56:02 +0100 (CET) From: Alyssa Ross To: Demi Marie Obenour Subject: Re: [PATCH 5/8] host/rootfs: create a per-VM user namespace In-Reply-To: <44365171-eca6-4e81-b939-0d00f780f686@gmail.com> References: <20251210124757.1080443-1-hi@alyssa.is> <20251210124757.1080443-5-hi@alyssa.is> <87tsxx5gxe.fsf@alyssa.is> <44365171-eca6-4e81-b939-0d00f780f686@gmail.com> Date: Fri, 12 Dec 2025 18:56:00 +0100 Message-ID: <87a4znshxr.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: BWVDNGU6WNG27XCIXOTV2ZNUPEPGAFWV X-Message-ID-Hash: BWVDNGU6WNG27XCIXOTV2ZNUPEPGAFWV X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: devel@spectrum-os.org X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Demi Marie Obenour writes: > On 12/11/25 07:41, Alyssa Ross wrote: >> Demi Marie Obenour writes: >>=20 >>> On 12/10/25 07:47, Alyssa Ross wrote: >>>> The document portal has to be root to mount its fuse filesystem. This >>>> needs to be a shared namespace because virtiofsd needs to be in the >>>> same mount namespace as the document portal so that it sees the fuse >>>> filesystem, so we create a per-VM persistent user namespace. >>>> >>>> Signed-off-by: Alyssa Ross >>> >>> (snip) >>> >>>> diff --git a/host/rootfs/image/usr/bin/run-appimage b/host/rootfs/imag= e/usr/bin/run-appimage >>>> index 47cab4c5..5e8e29fa 100755 >>>> --- a/host/rootfs/image/usr/bin/run-appimage >>>> +++ b/host/rootfs/image/usr/bin/run-appimage >>>> @@ -44,4 +44,6 @@ if { s6-instance-delete /run/service/vm-services $id= } >>>>=20=20 >>>> if { umount ${dir}/mount } # mount namespace >>>> if { umount ${dir}/mount } # private bind mount >>>> +if { umount ${dir}/user } # user namespace >>>> +if { umount ${dir}/user } # private bind mount >>>> rm -r $dir /run/configs/${id} >>>> diff --git a/host/rootfs/image/usr/bin/run-flatpak b/host/rootfs/image= /usr/bin/run-flatpak >>>> index bb366735..86ccc12a 100755 >>>> --- a/host/rootfs/image/usr/bin/run-flatpak >>>> +++ b/host/rootfs/image/usr/bin/run-flatpak >>>> @@ -46,4 +46,6 @@ if { s6-instance-delete -- /run/service/vm-services = $id } >>>>=20=20 >>>> if { umount ${dir}/mount } # mount namespace >>>> if { umount ${dir}/mount } # private bind mount >>>> +if { umount ${dir}/user } # user namespace >>>> +if { umount ${dir}/user } # private bind mount >>>> rm -r $dir /run/configs/${id} >>> >>> Why is it necessary to unmount twice here? >>=20 >> Because we mount twice, just like the comments say. It is a bit >> counterintuitive though. Namespaces can only be mounted onto a >> mountpoint that itself has private propagation. This is why we create a >> private bind mount at the start of create-vm-dependencies before unshare >> bind mounts the namespaces. You can also see this in an example in >> unshare(1). >>=20 >> Perhaps it would be better and clearer to have /run/vm/by-id/${VM}/ns as >> a private mountpoint, with the nsfs files inside? That way, each of >> them only needs to be unmounted once, and then the ns directory also has >> to be unmounted once. > > I think it would be easier to understand. Then you will like v2! https://spectrum-os.org/lists/archives/spectrum-devel/20251211162145.124509= -10-hi@alyssa.is/ --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQQGoGac7QfI+H5ZtFCZddwkt31pFQUCaTxXMAAKCRCZddwkt31p FYxIAQDQd7pa5zXU78IpMichIcmfr8DCbmPA/GVw4MEee/bxKAD5ActjHVhTZW+H CYHsHg7nlwbgft5MecJQi5QPoCNw/QA= =fNxs -----END PGP SIGNATURE----- --=-=-=--