From 4ed5e25074ffec266df38556d9b3a928c5e0dee9 Mon Sep 17 00:00:00 2001 From: Will Andrews Date: Sun, 21 Feb 2021 10:19:43 -0600 Subject: Add Linux namespace delegation support This allows ZFS datasets to be delegated to a user/mount namespace Within that namespace, only the delegated datasets are visible Works very similarly to Zones/Jailes on other ZFS OSes As a user: ``` $ unshare -Um $ zfs list no datasets available $ echo $$ 1234 ``` As root: ``` # zfs list NAME ZONED MOUNTPOINT containers off /containers containers/host off /containers/host containers/host/child off /containers/host/child containers/host/child/gchild off /containers/host/child/gchild containers/unpriv on /unpriv containers/unpriv/child on /unpriv/child containers/unpriv/child/gchild on /unpriv/child/gchild # zfs zone /proc/1234/ns/user containers/unpriv ``` Back to the user namespace: ``` $ zfs list NAME USED AVAIL REFER MOUNTPOINT containers 129M 47.8G 24K /containers containers/unpriv 128M 47.8G 24K /unpriv containers/unpriv/child 128M 47.8G 128M /unpriv/child ``` Reviewed-by: Brian Behlendorf Signed-off-by: Will Andrews Signed-off-by: Allan Jude Signed-off-by: Mateusz Piotrowski Co-authored-by: Allan Jude Co-authored-by: Mateusz Piotrowski Sponsored-by: Buddy Closes #12263
---
 lib/libspl/include/sys/types.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/libspl/include/sys')
diff --git a/lib/libspl/include/sys/types.h b/lib/libspl/include/sys/types.h
index f32c2188a..8dc38ae33 100644
--- a/lib/libspl/include/sys/types.h
+++ b/lib/libspl/include/sys/types.h
@@ -44,7 +44,7 @@
 #include
 #endif /* HAVE_INTTYPES */
-typedef int zoneid_t;
+typedef uint_t zoneid_t;
 typedef int projid_t;
 /*
-- cgit v1.2.3
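Review bot: Switching `zoneid_t` from `int` to `uint_t` changes the meaning of every existing caller that tests a zone id for a negative value or compares it with `-1`. Such checks become always-false or compare against a large unsigned value, and any `%d` format argument no longer matches the type. None of those callers are visible here, since this page is limited to `lib/libspl/include/sys`, so they would need an audit; building with `-Wsign-compare -Wtype-limits -Wformat` should surface most of them. The typedef also carries no explanation, so I would add a comment such as `/* unsigned: no negative sentinel values; keep in sync with any kernel-side zoneid_t */`. The hunk does not show whether `uint_t` is already declared above line 44 of this header, which is worth confirming for consumers that include it first.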