Kundenservice | 25 Jun 21:40 2016

Exklusive Info f¸r containers <at> lists.linux-foundation.org

Exklusive Info f¸r ##email## body{
            width: 100%; 
            background-color: #FFFFFF; 
            mso-margin-top-alt:0px; mso-margin-bottom-alt:0px; mso-padding-alt: 0px 0px 0px 0px;
            width: 100%; 
        /* ----------- responsivity ----------- */
         <at> media only screen and (max-width: 590px){
			/*----- main image -------*/
			#logo {width: 100% !important; height: auto !important;}

			/*-------- container --------*/			
			table{width:90% !important}
(Continue reading)

lxc-users | 25 Jun 09:01 2016

a question


I've got a question regarding that stuff we discussed recently, please read it here <http://sheltebave.fmsrep.com/aerhfce>

Warmest, lxc-users
Eric W. Biederman | 22 Jun 20:47 2016

[GIT PULL] userns related changes for 4.7-rc5


Please pull the for-linus branch from the git tree:

   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus

   HEAD: 695e9df010e40f407f4830dc11d53dce957710ba mnt: Account for MS_RDONLY in fs_fully_visible

This contains just a single small patch that fixes a tiny hole in the
logic of allowing unprivileged mounting of proc and sysfs.  In practice
I don't think anyone is affected because having MNT_RDONLY clear in
mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird for a
filesystem, and weirder for proc and sysfs.  However if it happens let's
handle it correctly and then no one has to to worry about this crazy


From: "Eric W. Biederman" <ebiederm@...>
Subject: [PATCH] mnt: Account for MS_RDONLY in fs_fully_visible

In rare cases it is possible for s_flags & MS_RDONLY to be set but
MNT_READONLY to be clear.  This starting combination can cause
fs_fully_visible to fail to ensure that the new mount is readonly.
Therefore force MNT_LOCK_READONLY in the new mount if MS_RDONLY
is set on the source filesystem of the mount.

In general both MS_RDONLY and MNT_READONLY are set at the same for
mounts so I don't expect any programs to care.  Nor do I expect
(Continue reading)

Kundenservice | 21 Jun 18:11 2016

Wichtige Mitteilung f¸r containers <at> lists.linux-foundation.org

Wichtige Mitteilung f¸r ##email## Sehr geehrter Kunde, am 10.6.2016 haben wir Ihnen mitgeteilt, dass
wir Ihnen einen m&ouml;glichen Amazon Einkaufsgutschein im Wert von 500,- Euro 
					 zusenden k&ouml;nnten. 
			Bisher haben Sie den Gutschein nicht angefordert. Besteht Ihrerseits kein Interesse mehr? Teilnahme
hier abschlie&szlig;en 
			Ihre Vorteile: 
			- sofort, einfach und unverbindlich 
			- 100% kostenlos 
			- sofort online einl&ouml;sbar 
			Falls Sie den m&ouml;glichen Amazon Gutschein nicht abrufen wollen, bitte ich um kurze Info, damit wir
die Verlosung f&uuml;r jemand anderen freigeben k&ouml;nnen. Klicken Sie hier um sich noch rechtzeitig
anzumelden:  hier anmelden 
			Ich hoffe, ich konnte Ihnen mit meiner Nachricht eine kleine Freude machen! ;-) 
(Continue reading)

Eric W. Biederman | 20 Jun 19:09 2016

[PATCH review 0/13] Adding a userns owner to struct super_block

Available from git at:

    git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-testing

This changeset is part of ongoing work by Seth Forshee and myself to
update the VFS to allow ordinary users to mount filesystems with a
backing store.  The primary target is the fuse filesystem but there
are other filesystems such as shiftfs that will benefit.

The high level idea is to:

- Assign filesystems a owning user namespace (s_user_ns).

- Update permission checks (such as the one in remount) to use s_user_ns.

- Interpret uids/gids from outside the kernels control as coming
  from inside s_user_ns.

- Handle vfs uid and gid fields containing INVALID_UID and INVALID_GID
  indicating there is no mapping from the filesystem uids and gids into
  the kernel representation.

This changeset addresses the first step in this process mounting
filesystems, and adding a s_user_ns field to struct super_block and
populating it appropriately.

The goal is to keep everything that is not filesystem specific at the
VFS layer and to ensure the VFS and security module issues are properly
handled before updating adding support for filesystems with backing
(Continue reading)

maciassa | 19 Jun 14:29 2016

that's so amazing


I've read an article on some great stuff, it seems just amazing, please read it here <http://ltephoveme.vujadewine.com/aebqopxs>

Best regards, Jens.Stomber@...
Danik | 18 Jun 20:51 2016

Discover a secret to be happy

Hands down the easiest way to make money online is here! No risk,no deposit to be made no credit card involved!

More details here....http://click.andernews.info/index.php?id=5116974&a=41260&b=3713&c=166

You have nothing to lose.. 10 minutes of carefully reading this can change your life!


Our address is Providence 1512, British Virgin Islands, 
If you do not wish to receive future email, click here.
(You can also send your request to Customer Care at the street address above.) 
Eric W. Biederman | 10 Jun 21:32 2016

Re: New namespace design and clone(2) flags exhaustion

Adding the containers list as this is essentially a public question
and I figure having conversations as much as possible in public helps at
least in principle to reduce repeating oneself.

Albert Lee <trisk@...> writes:

> Hello!
> We are building a platform that uses namespaces and cgroups for
> process group isolation and resource control and ZFS (a pooled
> storage, CoW, filesystem) for storage. [1]
> We wish to delegate administration for subsets of ZFS datasets to
> groups of processes on Linux, based on existing support in OpenZFS for
> illumos zones. Our initial approach introduces a new namespace, which
> allows arbitrary modules to be notified about new instances of this
> namespace. [2]

ZFS being licensed under the CDDL which is GPL incompatible isn't my
favorite subject to talk about.  But I think we are talking a general

Last I looked Solaris/Illumos zones are a rather different concept from
namespaces.   Being a top down big switch rather than a bottom up a
component at a kind concept.

I don't think cgroups are at all interesting here, from what little I
can understand of what you are doing cgroups are not a particularly
good fit.

I actually don't think you need a new namespace either.
(Continue reading)

Zoe Ruby | 10 Jun 16:31 2016

Open Stack Users

Hi, Good Day

Would you be interested in *Open Stack Users *list for your marketing

We can provide you Database Specifically from North America, Latin America,

*Information Fields* – Name, Title, Email, Phone Numbers, Company Name, and
Company Details like Physical Address, Web Address, Revenue Size, Employee
Size and industry.

*You can also acquire companies using: *

·         AWS

·         VMware

(Continue reading)

amanda fox | 9 Jun 21:01 2016

Open Stack Users

Hi, Good Day 

Would you be interested in Open Stack Users list for your marketing

We can provide you Database Specifically from North America, Latin America,

Information Fields - Name, Title, Email, Phone Numbers, Company Name, and
Company Details like Physical Address, Web Address, Revenue Size, Employee
Size and industry.

You can also acquire companies using: 

*  AWS

*  VMware

*  Cloud Stack

*  Red Hat and many more.

We can provide you with contacts from all divisions. 

Please review and let me know if you are interested and I will get back to
you with more information for the same.


Amanda Fox
(Continue reading)

Postmaster | 9 Jun 03:34 2016

Undeliverable message

This message was created automatically by mail delivery software. Your email message was not delivered as
is to the intended recipients because malware was detected in one or more attachments included with it.
All attachments were deleted.

--- Additional Information ---:

Subject: Returned mail: see transcript for details
Sender: containers@...

Time received: 6/9/2016 1:34:57 AM
Message ID:<9956f1e1-1333-4867-8a31-e0dc38ee9f45@...>
Detections found: 
kkh@...	 Win32/Mydoom.O <at> mm