git.ipfire.org Git - thirdparty/systemd.git/commit
nspawn: support foreign mappings also when nspawn doing the mapping itself
author Lennart Poettering <lennart@poettering.net>
Wed, 13 Nov 2024 11:13:30 +0000 (12:13 +0100)
committer Lennart Poettering <lennart@poettering.net>
Thu, 23 Jan 2025 20:48:02 +0000 (21:48 +0100)
commit ca23deae0920d82bd8032477a4c12e9ae9c2c262
tree b5c1812fc3a440a80a8ca7c7cbd03c4d31859901
parent 88252ca88932b733ead989b6c5cece22ea37941b
nspawn: support foreign mappings also when nspawn doing the mapping itself

This adds a new "foreign" value to --private-users-ownership= which is a
lot like "map", but maps from the host's foreign UID range rather than from the
host's 0.

(This has nothing much to do with making unprivileged directory-based
containers work, it's just very handy that we can run privileged
containers with such a mapping too, with an easy switch)

src/nspawn/nspawn-settings.c
src/nspawn/nspawn-settings.h
src/nspawn/nspawn.c
src/shared/mount-util.c
src/shared/mount-util.h