userns: Add per user namespace sysctls. Limit per userns sysctls to only be opened for write by a holder of CAP_SYS_RESOURCE. Add all of the necessary boilerplate for having per user namespace sysctls. Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

commit: dbec28460a89aa7c02c3301e9e108d98272549d2 [log] [tgz]
author: Eric W. Biederman <ebiederm@xmission.com> Sat Jul 30 13:58:49 2016 -0500
committer: Eric W. Biederman <ebiederm@xmission.com> Mon Aug 08 13:18:58 2016 -0500
tree: bf4b71c69e072bb6fdbe680674ab84bd79143e45
parent: b032132c3c218f4a09e9499b3674299a752581c6 [diff] [blame]
diff --git a/kernel/Makefile b/kernel/Makefile
index e2ec54e..eb26e12c 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile

@@ -9,7 +9,7 @@
 	    extable.o params.o \
 	    kthread.o sys_ni.o nsproxy.o \
 	    notifier.o ksysfs.o cred.o reboot.o \
-	    async.o range.o smpboot.o
+	    async.o range.o smpboot.o ucount.o
 
 obj-$(CONFIG_MULTIUSER) += groups.o
commit	dbec28460a89aa7c02c3301e9e108d98272549d2	[log] [tgz]
author	Eric W. Biederman <ebiederm@xmission.com>	Sat Jul 30 13:58:49 2016 -0500
committer	Eric W. Biederman <ebiederm@xmission.com>	Mon Aug 08 13:18:58 2016 -0500
tree	bf4b71c69e072bb6fdbe680674ab84bd79143e45
parent	b032132c3c218f4a09e9499b3674299a752581c6 [diff] [blame]