Add support for Linux ID-mapped mounts

nestybox / sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.

Apache License 2.0

2.78k stars 152 forks source link

Add support for Linux ID-mapped mounts #535

Closed ctalledo closed 2 years ago

ctalledo commented 2 years ago

The Linux kernel 5.12 introduces a feature called "ID-mapped mounts", which is a kernel-native replacement to the shiftfs module currently used by Sysbox.

This Epic calls for adding support for ID-mapped mounts in Sysbox.

ctalledo commented 2 years ago

As of v0.5.0, Sysbox now supports ID-mapped mounts.

Note however that the Linux ID-mapped mount mechanism still has some limitations such as:

Can't be mounted on top of overlayfs, btrfs, or tmpfs.
Can't be mounted on top of /dev/null.
Overlayfs can't be mounted on top of an ID-mapped mount ext4.

We expect these to be resolved in future kernel releases and we will keep an eye on these.