Package Details: shiftfs-dkms 20210723-1

Git Clone URL: https://aur.archlinux.org/shiftfs-dkms.git (read-only)
Package Base: shiftfs-dkms
Description: kernel module that provides a kernel filesystem for uid/gid shifting; dkms version for custom kernels
Upstream URL: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/impish/log/fs/shiftfs.c?h=master-next
Keywords: lxd
Licenses: GPL2
Conflicts: shiftfs
Provides: shiftfs
Submitter: G3ro
Maintainer: G3ro
Last Packager: G3ro
Votes: 1
Popularity: 0.89
First Submitted: 2020-09-29 19:53
Last Updated: 2021-07-25 19:13

Dependencies (1)

Required by (2)

Sources (3)

Pinned Comments

G3ro commented on 2021-07-25 19:23

Note: This version is for kernel versions 5.13+.

For linux-lts kernels (5.10), see shiftfs-lts-dkms instead.

G3ro commented on 2020-09-29 20:07

Details: shiftfs is a kernel filesystem for uid/gid-shifting.
It is used by LXD for example.

You can find more details (including limitations etc.) in the official LXD forum:
https://discuss.linuxcontainers.org/t/trying-out-shiftfs/5155
https://discuss.linuxcontainers.org/t/lxd-usecases-of-shiftfs-volume-disk-share/7735

Report on the initial implementation in the Ubuntu Kernel repo:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823186


Usage in LXD:

If you use the LXD package from the Arch Repos, shiftfs will be enabled by default.
You can check whether it is enabled with "lxc info" (look for: shiftfs: "true").

Latest Comments

dreieck commented on 2021-05-18 21:22

@G3ro: The build error you mentioned on 2021-05-02 also appeared for nullfs in 5.12-kernel. For nullfs, it has been fixed. So we need (to wait for) a similar fix here, too.

G3ro commented on 2021-04-17 19:35

@gamezelda: Thx for the info. I didn't know that. I might include it in some time or rename the package with -git.

gamezelda commented on 2021-04-17 17:30

Apologies, I see now that it's mentioned very early in the link, I certainly should have RTFM better.

Regarding pinning to a specific commit, it can be done without any major changes, you can get a link to get the file at a specific commit from the cgit interface by going to the log tab -> specific commit -> tree tab -> "plain" link.

For example here's a link to shiftfs.c that is not to the latest commit: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/hirsute/plain/fs/shiftfs.c?h=master-next&id=eb00293db1e71f56d6cfa9bf2783ef7197765de6

(However I'm not 100% sure if that would actually keep working if they rebase the branch)

G3ro commented on 2021-04-17 14:33

@gamezelda: Yes that is a known limitation. I didn't add a note here, because:

  1. It's a very special usecase.
  2. It is included in the top of the LXD forum post that I link to directly, so it's like reading the manual first (if you know what I mean).

Still I will clarify the original comment a bit.

For those interested in using overlayfs on top of shiftfs inside your container: It is also likely possible to put a patched version of the overlayfs-module into a dkms-package, so you don't have to rebuild the whole kernel.


Regarding the -git suffix: The situation here is not so easy. Essentially I use a specific file as a source, not the whole git repo. There are methods such as git-sparse-checkout etc., but:

  1. It's experimental.
  2. I don't know (haven't tested) whether it works with makepkg (I doubt it for now).

This leads to the situation that:

  1. I can't link to a specific commit (for stable version approach)
  2. The user will not be notified about updates (that are checked via the commit id) (for git approach).

Maybe this information is wrong and maybe there is a solution I don't know.

Assuming that it is correct, one could still argue that I should name it "shiftfs-dkms-git" etc. anyway; I will think about that some more.

gamezelda commented on 2021-04-16 22:21

A warning that may save someone a lot of time:

In addition to this kernel module, Ubuntu also has an additional patch outside the module that fixes mounting an overlayfs on top of a shiftfs, "UBUNTU: SAUCE: overlayfs: allow with shiftfs as underlay": https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/hirsute/commit/?h=master-next&id=d6c123354a5f2b3d2fb7d11bf50ebf58dd511303 (Remember to replace/define SHIFTFS_MAGIC on the patch with the value in this package's Makefile!)

If you don't apply this patch on your kernel, it will allow you to do the mount, but then it will crash (kernel panic) when you try to read a file on the shiftfs from the overlayfs. As a note, I doubt many of you are using Arch to run production workloads, but on the latest Linux kernels an unprivileged user can mount an overlayfs, so this can probably be used as a DoS vector (I haven't actually tested it).

This code will trigger a crash if you don't have the patch:

sudo modprobe shiftfs
mkdir -p "/tmp/cme" "/tmp/cme2"
echo "hello" > "/tmp/cme/x"

sudo mount -t shiftfs -o mark "/tmp/cme" "/tmp/cme"
mkdir -p /tmp/{upper,work}
sudo mount -t overlay -o lowerdir="/tmp/cme",upperdir=/tmp/upper,workdir=/tmp/work none "/tmp/cme2"

echo "CRASHING NOW"
cat "/tmp/cme2/x"

PS: BTW, this package and shiftfs should either be pinned to a specific commit, or suffixed with '-git'.
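
For hosts that already run this module, the following added example (not part of the comment above or of the package) lists overlay mounts that have a lowerdir or upperdir on a shiftfs mount, which is the combination the comment reports as crashing on kernels without the overlayfs patch. The function name find_overlay_on_shiftfs and the sample mount table are constructed for illustration, and the sample assumes a shiftfs "mark" mount appears in /proc/mounts with filesystem type shiftfs.

```shell
#!/bin/sh
# Added example: list overlay mounts that have a layer on a shiftfs mount.
# Input: text in /proc/mounts format (device mountpoint fstype options dump pass).

find_overlay_on_shiftfs() {
    # Prints "<overlay mountpoint> <layer path>" for each lowerdir/upperdir entry
    # that is a shiftfs mountpoint or lies beneath one.
    awk '
        $3 == "shiftfs" { sfs[$2] = 1 }
        $3 == "overlay" { mp[++n] = $2; opts[n] = $4 }

        # Match on path-component boundaries so /tmp/cme does not match /tmp/cmeX.
        function on_shiftfs(path,    m) {
            for (m in sfs)
                if (path == m || index(path, m "/") == 1) return 1
            return 0
        }

        # Evaluate in END so the order of lines in the mount table does not matter.
        END {
            for (i = 1; i <= n; i++) {
                k = split(opts[i], opt, ",")
                for (j = 1; j <= k; j++) {
                    if (opt[j] !~ /^(lowerdir|upperdir)=/) continue
                    val = opt[j]
                    sub(/^[^=]*=/, "", val)
                    c = split(val, layer, ":")   # lowerdir may list several layers
                    for (x = 1; x <= c; x++)
                        if (on_shiftfs(layer[x])) print mp[i], layer[x]
                }
            }
        }
    '
}

# Constructed sample in /proc/mounts format, modelled on the paths used in the comment.
SAMPLE_MOUNTS='/tmp/cme /tmp/cme shiftfs rw,relatime,mark 0 0
none /tmp/cme2 overlay rw,relatime,lowerdir=/tmp/cme,upperdir=/tmp/upper,workdir=/tmp/work 0 0
overlay /var/lib/ctr/merged overlay rw,lowerdir=/var/lib/ctr/l1:/var/lib/ctr/l2,upperdir=/var/lib/ctr/up,workdir=/var/lib/ctr/wk 0 0'

printf '%s\n' "$SAMPLE_MOUNTS" | find_overlay_on_shiftfs
# On a live host: find_overlay_on_shiftfs < /proc/mounts
```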
