summaryrefslogtreecommitdiffstats
path: root/include/uapi
diff options
context:
space:
mode:
authorMichael Kerrisk (man-pages) <mtk.manpages@gmail.com>2017-01-25 14:04:15 +1300
committerEric W. Biederman <ebiederm@xmission.com>2017-02-03 14:35:43 +1300
commitd95fa3c76a66b6d76b1e109ea505c55e66360f3c (patch)
tree17b13fb4290e9e4af97b1557b35d57fbb8099103 /include/uapi
parente5ff5ce6e20ee22511398bb31fb912466cf82a36 (diff)
downloadlinux-d95fa3c76a66b6d76b1e109ea505c55e66360f3c.tar.gz
linux-d95fa3c76a66b6d76b1e109ea505c55e66360f3c.tar.bz2
linux-d95fa3c76a66b6d76b1e109ea505c55e66360f3c.zip
nsfs: Add an ioctl() to return owner UID of a userns
I'd like to write code that discovers the user namespace hierarchy on a running system, and also shows who owns the various user namespaces. Currently, there is no way of getting the owner UID of a user namespace. Therefore, this patch adds a new NS_GET_CREATOR_UID ioctl() that fetches the UID (as seen in the user namespace of the caller) of the creator of the user namespace referred to by the specified file descriptor. If the supplied file descriptor does not refer to a user namespace, the operation fails with the error EINVAL. If the owner UID does not have a mapping in the caller's user namespace return the overflow UID as that appears easier to deal with in practice in user-space applications. -- EWB Changed the handling of unmapped UIDs from -EOVERFLOW back to the overflow uid. Per conversation with Michael Kerrisk after examining his test code. Acked-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Michael Kerrisk <mtk-manpages@gmail.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'include/uapi')
-rw-r--r--include/uapi/linux/nsfs.h8
1 files changed, 5 insertions, 3 deletions
diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h
index 2b48df11056a..1a3ca79f466b 100644
--- a/include/uapi/linux/nsfs.h
+++ b/include/uapi/linux/nsfs.h
@@ -6,11 +6,13 @@
#define NSIO 0xb7
/* Returns a file descriptor that refers to an owning user namespace */
-#define NS_GET_USERNS _IO(NSIO, 0x1)
+#define NS_GET_USERNS _IO(NSIO, 0x1)
/* Returns a file descriptor that refers to a parent namespace */
-#define NS_GET_PARENT _IO(NSIO, 0x2)
+#define NS_GET_PARENT _IO(NSIO, 0x2)
/* Returns the type of namespace (CLONE_NEW* value) referred to by
file descriptor */
-#define NS_GET_NSTYPE _IO(NSIO, 0x3)
+#define NS_GET_NSTYPE _IO(NSIO, 0x3)
+/* Get owner UID (in the caller's user namespace) for a user namespace */
+#define NS_GET_OWNER_UID _IO(NSIO, 0x4)
#endif /* __LINUX_NSFS_H */