From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id GCX6LF5iBGeyygAAqHPOHw:P1 (envelope-from ) for ; Mon, 07 Oct 2024 22:36:14 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id GCX6LF5iBGeyygAAqHPOHw (envelope-from ) for ; Tue, 08 Oct 2024 00:36:14 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=RuxsEylE; dkim=fail ("headers rsa verify failed") header.d=autistici.org header.s=stigmate header.b="qJ/SJ2M6"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1728340574; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=o9QpG5UsQDAnbeYRFKl4/LTchDNWxdtZDopInmlJWvU=; b=tJTH3zJBY/OiQ2YYNqPUhXgO+fN0LwAImvN8wkxmJ26pkhsjuMRkh9M/ghBWU5QxdVc/aE w+ncSVNRTmS4KIUYjE8xa7Km8naob99a5pPWli7+B4FXVwN/MVw+VQzF1gMiBIvFWRdGdg 4+Z5pD8y8LTOl9MNiZ8Rnb8Qp/azrpyXPBhmpc1e6bQfDbqL6lLlh2sQUeNmnCiTPVnhW9 mHvzIOh8+Epa6MEvn569mHeEvS3AupCvle6WBI8t4Ig0lGZ7n8DwDS5HllLos1GPL9opbQ jkPL/Vs5G5zuBDMQJJZ/X/bOaKwUBcXgoeBAqRdqV135Wpk13ZQy4eFvwSiTMA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1728340574; a=rsa-sha256; cv=none; b=kenwP6X9LCLRKBBdC4+cj3ZnIgGxE7fdRkEJwSgqZVS1tObE+9mdlJ6Erg/JB93rjvJ93p GNL+ei6KoMhj8yQTiXsFXTkNoihHdCYodCK5CaNLLeJD3/2GgeieQqdB/nJX0Ud9aXvyQt TQ5liv/qndB/9+nW69J8DIG2ty29VfnOdsVpFE/slD24I1lZFWeuD5wj+RS6LZr3tbF3af SIpPENLKwkQ/sAd2ouu3faOlPjgeLHqihox3EsOE9vljK9yGaiUP2g1VJj9s9QGo8cDzAO WKVJu1aNyiVKOf4fNuDa1+wsiGIt8cJFulzBn1wDsKhPg42evUzxdehAfPGOVw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=RuxsEylE; dkim=fail ("headers rsa verify failed") header.d=autistici.org header.s=stigmate header.b="qJ/SJ2M6"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 676D756FDA for ; Tue, 08 Oct 2024 00:36:14 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sxwKd-00042Z-Gd; Mon, 07 Oct 2024 18:35:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sxwKZ-00042J-UA for guix-patches@gnu.org; Mon, 07 Oct 2024 18:35:56 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sxwKZ-0001lI-IN for guix-patches@gnu.org; Mon, 07 Oct 2024 18:35:55 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=In-Reply-To:From:References:MIME-Version:Date:To:Subject; bh=o9QpG5UsQDAnbeYRFKl4/LTchDNWxdtZDopInmlJWvU=; b=RuxsEylEMGLcc/2G79lQi5PjC9QpGCQTeXAxbYSu+Ao98+6JghhAJD8boAPCqujaaohjW368N7CJErVZrwekpiRpgA8hzrVys25tgsYQMAACrGTJdeyR400ddrBRSXcEosy2V42H/q0IU3PT6sbZ2Yls+ddrkBp018V5HeCbRaabuffUAi6U/xnktlI48GFyuJkgqcSViWoFuuBIDmvMCTbgM5lly9YaAL8yO29S4lBXuChaSQJ1dxIVkYTORLbJIUck2ilkkktkBzIE8oAG1qP99K3t/20W0eeW4Zo5MCoUIfz0aqM7onCAUhwVQOzzHazIaUYyOsJ+FbbJkCXg3A==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sxwKg-00018o-8v for guix-patches@gnu.org; Mon, 07 Oct 2024 18:36:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#72337] Add /etc/subuid and /etc/subgid support Resent-From: paul Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 07 Oct 2024 22:36:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 72337 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 72337@debbugs.gnu.org Received: via spool by 72337-submit@debbugs.gnu.org id=B72337.17283405304342 (code B ref 72337); Mon, 07 Oct 2024 22:36:02 +0000 Received: (at 72337) by debbugs.gnu.org; 7 Oct 2024 22:35:30 +0000 Received: from localhost ([127.0.0.1]:49259 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sxwK9-00017x-J1 for submit@debbugs.gnu.org; Mon, 07 Oct 2024 18:35:29 -0400 Received: from confino.investici.org ([93.190.126.19]:40759) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sxwK7-00017p-BX for 72337@debbugs.gnu.org; Mon, 07 Oct 2024 18:35:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autistici.org; s=stigmate; t=1728340511; bh=o9QpG5UsQDAnbeYRFKl4/LTchDNWxdtZDopInmlJWvU=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=qJ/SJ2M6FkBHOzAplOFoYmRqOXoAzR207JmWSUiH35v8/XXHDhZBeCOgAwnipqisB XcsWfsJWZvUFrk9tnqqz2ykE3CCKEE5mTDTz/8VpDIIurglFLkZoKDwdT4hBgdDp1i miwuiRONMRghIX1JcvjkfmLpaZ43oF/CzJAb7QZA= Received: from mx1.investici.org (unknown [127.0.0.1]) by confino.investici.org (Postfix) with ESMTP id 4XMv9W2jGpz11XK; Mon, 7 Oct 2024 22:35:11 +0000 (UTC) Received: from [93.190.126.19] (mx1.investici.org [93.190.126.19]) (Authenticated sender: goodoldpaul@autistici.org) by localhost (Postfix) with ESMTPSA id 4XMv9W21mWz11XF; Mon, 7 Oct 2024 22:35:11 +0000 (UTC) Content-Type: multipart/alternative; boundary="------------hJbd8LBh6HHrS39wpUQznLLi" Message-ID: <45280b7f-dd6e-47b2-87ba-41c68235f50b@autistici.org> Date: Tue, 8 Oct 2024 00:35:10 +0200 MIME-Version: 1.0 User-Agent: Icedove Daily References: <8737329a065c5436643c6e5e7d52ec760f069725.1725742309.git.goodoldpaul@autistici.org> <2771695a2527240c89c0ba6879aeda0d4ab840ab.1725742309.git.goodoldpaul@autistici.org> <87ploz7v4e.fsf_-_@gnu.org> Content-Language: en-US In-Reply-To: <87ploz7v4e.fsf_-_@gnu.org> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: paul X-ACL-Warn: , paul via Guix-patches From: paul via Guix-patches via Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -3.23 X-Spam-Score: -3.23 X-Migadu-Queue-Id: 676D756FDA X-Migadu-Scanner: mx13.migadu.com X-TUID: Kv5HCqZ+pdDa This is a multi-part message in MIME format. --------------hJbd8LBh6HHrS39wpUQznLLi Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Hi Ludo’ , I think I have addressed your comments. I have now implemented two separate code paths: - when the request is specific (i.e. the subid range has a start) we can traverse the tree logarithmically - when the request is generic (i.e. the subid range does not have a start) the search is linear since all the nodes have to be visited worst case to avoid leaving empty spaces interleaved, that could actually evade requests As for estimating the size of the input, I'm not sure I know enough to answer this. My reasoning has been: in general the number of possible subids (i.e. %subordinate-id-max - %subordinate-id-min) is huge. The use case I have in mind for subids is rootless podman, so how many users in average need to use rootless containers on a system and how many subids are they to request in average are two very good questions I don't know how to answer yet, or where I could find data for. Let me know if you have any idea. Please let me know if this v5 looks ok, thank you a lot for your help. giacomo --------------hJbd8LBh6HHrS39wpUQznLLi Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit

Hi Ludo’ ,

I think I have addressed your comments. I have now implemented two separate code paths: - when the request is specific (i.e. the subid range has a start) we can traverse the tree logarithmically

- when the request is generic (i.e. the subid range does not have a start) the search is linear since all the nodes have to be visited worst case to avoid leaving empty spaces interleaved, that could actually evade requests


As for estimating the size of the input, I'm not sure I know enough to answer this. My reasoning has been: in general the number of possible subids (i.e. %subordinate-id-max - %subordinate-id-min) is huge. The use case I have in mind for subids is rootless podman, so how many users in average need to use rootless containers on a system and how many subids are they to request in average are two very good questions I don't know how to answer yet, or where I could find data for. Let me know if you have any idea.


Please let me know if this v5 looks ok, thank you a lot for your help. giacomo

--------------hJbd8LBh6HHrS39wpUQznLLi--