> > Notice that setups along the lines "mount /dev/sda5 read-only on
> > /home/jail/pub and read-write on /home/ftp/pub" are not that
> > unreasonable, so even for local filesystems it might make sense.
> >
> > IOW, I suspect that right solution would have two separate layers -
> > * does anyone get write access under that mountpoint? (VFS)
> > * is this fs asked to handle write access and had it agreed with that?
> > (filesystem)
>
> Then a mount point could be compared to the notion of view in a database,
> right ? Sounds nice.
Well, they _are_ views. We have two distinct objects - superblock (fs
tree itself) and vfsmount (view into it). Some of the flags obviously
belong to the latter (e.g. nosuid, nodev and noexec - in -ac they are
per-mountpoint and in effect you can turn them on and off on arbitrary
subtrees - e.g.
mount --bind /home/k1dd13 /home/k1dd13
mount -o remount,noexec /home/k1dd13
will have expected effect).
Read-only is more complex - in addition to mount side ("does anyone want
it to be r/w") there is a filesystem side ("does fs agree to be r/w")...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/