folkslinux
/
zfs
mirror of https://github.com/openzfs/zfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,356 Commits 43 Branches 135 Tags 257 MiB
C 70.4%
Shell 19.5%
Assembly 5.1%
M4 2%
Python 1.8%
Other 1.2%
Go to file
Wolfgang Bumiller 0e85048f53 Take user namespaces into account in policy checks 
Change file related checks to use user namespaces and make
sure involved uids/gids are mappable in the current
namespace.

Note that checks without file ownership information will
still not take user namespaces into account, as some of
these should be handled via 'zfs allow' (otherwise root in a
user namespace could issue commands such as `zpool export`).

This also adds an initial user namespace regression test
for the setgid bit loss, with a user_ns_exec helper usable
in further tests.

Additionally, configure checks for the required user
namespace related features are added for:
  * ns_capable
  * kuid/kgid_has_mapping()
  * user_ns in cred_t

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Closes #6800 
Closes #7270
 		2018-03-07 15:40:42 -08:00
.github Reduce codecov PR comments 2018-01-09 11:15:55 -08:00
cmd Allow to limit zed's syslog chattiness 2018-03-06 15:41:52 -08:00
config Take user namespaces into account in policy checks 2018-03-07 15:40:42 -08:00
contrib Fix some typos 2018-02-28 08:57:10 -08:00
etc Allow modprobe to fail when called within systemd 2018-02-21 14:45:35 -08:00
include Record skipped MMP writes in multihost_history 2018-03-06 15:15:15 -08:00
lib Misc fixes and cleanup for project quota 2018-03-05 12:56:27 -08:00
man Change checksum & IO delay ratelimit values 2018-03-04 17:34:51 -08:00
module Take user namespaces into account in policy checks 2018-03-07 15:40:42 -08:00
rpm Fix systemd_ RPM macros usage on Debian-based distributions 2018-02-02 13:50:42 -08:00
scripts Fix free memory calculation on v3.14+ 2018-02-23 08:50:06 -08:00
tests Take user namespaces into account in policy checks 2018-03-07 15:40:42 -08:00
udev Fix spelling 2017-01-03 11:31:18 -06:00
.gitignore Add configure option to enable gcov analysis 2017-09-15 10:24:13 -07:00
.gitmodules Add zimport.sh compatibility test script 2014-02-21 12:10:31 -08:00
.travis.yml Add .travis.yml 2017-11-13 09:18:18 -08:00
AUTHORS Add a missing > to AUTHORS 2014-09-02 14:18:53 -07:00
COPYRIGHT Encryption patch follow-up 2017-10-11 16:54:48 -04:00
DISCLAIMER Fix minor typos and update marketing copy. 2013-03-21 12:51:06 -07:00
META Tag zfs-0.7.0 2017-07-26 10:13:25 -07:00
Makefile.am Allow make checkstyle and paxscript in build dir 2018-02-21 12:35:59 -08:00
OPENSOLARIS.LICENSE Add CDDL license file 2008-12-01 14:49:34 -08:00
README.markdown Add scan.coverity.com badge to README 2017-10-30 16:21:24 -07:00
TEST Refresh TEST file to include new variables 2017-11-08 11:09:30 -08:00
autogen.sh build: do not call boilerplate ourself 2013-04-02 10:55:20 -07:00
configure.ac Take user namespaces into account in policy checks 2018-03-07 15:40:42 -08:00
copy-builtin Fix copy-builtin to work with ASAN patch 2018-01-12 09:39:36 -08:00
zfs.release.in Move zfs.release generation to configure step 2012-07-12 12:22:51 -07:00

README.markdown

img

ZFS on Linux is an advanced file system and volume manager which was originally developed for Solaris and is now maintained by the OpenZFS community.

codecov coverity

Official Resources

Installation

Full documentation for installing ZoL on your favorite Linux distribution can be found at our site.

Contribute & Develop

We have a separate document with contribution guidelines.