The user namespace, which is a important piece of Linux containers, has been merged into the mainline of the kernel since 3.8. However, it implementation is still incomplete for some components of the kernel. Hence, to enable the feature we need to disable some features: network filesystems and XFS.
See the below to know the dependencies of the user namespace:
config USER_NS
bool "User namespace (EXPERIMENTAL)"
depends on EXPERIMENTAL
depends on UIDGID_CONVERTED
select UIDGID_STRICT_TYPE_CHECKS
config UIDGID_STRICT_TYPE_CHECKS
bool "Require conversions between uid/gids and their internal representation"
depends on UIDGID_CONVERTED
config UIDGID_CONVERTED
# True if all of the selected software conmponents are known
# to have uid_t and gid_t converted to kuid_t and kgid_t
# where appropriate and are otherwise safe to use with
# the user namespace.
bool
default y
# Networking
depends on NET_9P = n
# Filesystems
depends on 9P_FS = n
depends on AFS_FS = n
depends on CEPH_FS = n
depends on CIFS = n
depends on CODA_FS = n
depends on GFS2_FS = n
depends on NCP_FS = n
depends on NFSD = n
depends on NFS_FS = n
depends on OCFS2_FS = n
depends on XFS_FS = n
By disabling the features, you are able to select USER_NS.
The following sections describe how to build a kernel package for Fedora 18. The target kernel is 3.8.3-201.fc18. In the procedure, I uses a sample kernel configuration for a kernel running on VirtualBox, which is provided by me. Visit https://gist.github.com/peo3/5180704 to see on gist.
kversion=3.8.3-201
sudo yum install rpmdevtools yum-utils rpm-build ncurses-devel
rpmdev-setuptree
yumdownloader --source kernel
sudo yum-builddep kernel-${kversion}.fc18.src.rpm
rpm -Uvh kernel-${kversion}.fc18.src.rpm
cd ~/rpmbuild/SPECS
rpmbuild -bp --target=$(uname -m) kernel.spec
cd ~/rpmbuild/BUILD/kernel-3.8.fc18/linux-${kversion}.fc18.x86_64
wget https://gist.github.com/peo3/5180704/raw/f9e97de308b82bd3d1be0f471310fe993a7e2f00/config-3.8.3-201.vbox.fc18.x86_64 -O .config
# Optional: configure the kernel as you want
# make nconfig
cp -b .config ~/rpmbuild/SOURCES/config-$(uname -m)-generic
# Append x86_64 at the top of the file
vim ~/rpmbuild/SOURCES/config-$(uname -m)-generic
cd ~/rpmbuild/SPECS rpmbuild -bb --target=$(uname -m) --define "buildid .vbox" --with baseonly --with firmware --without debuginfo kernel.spec
cd ~/rpmbuild/RPMS/x86_64
sudo rpm -ivh kernel-${kversion}.vbox.fc18.x86_64.rpm kernel-headers-${kversion}.vbox.fc18.x86_64.rpm
sudo reboot
- Building a custom kernel http://fedoraproject.org/wiki/Building_a_custom_kernel
- USER_NS in Kconfig https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/init/Kconfig?id=v3.8.3#n1028
- config-3.8.3-201.vbox.fc18.x86_64 https://gist.github.com/peo3/5180704