>      * policy: when creating the shadow directory in the
>      * upper layer, create it owned by the user who did
>      * the mount, group from parent directory, and mode
>      * 777 modified by umask (ie mostly identical to the
>      * mkdir syscall).  (jsp, kb)
> 
> uhm.. so, why?  File permissions and ownership are copied.  Shouldn't
> directories behave the same?

Count this as a "me too".  I had big plans for things I was going to do
with union mounts, but scrapped them because I can't trust the shadow
copies to have the right permissions.  I don't understand the reasoning.

There's also (what seems to be) a bug (I haven't tried anything more recent
than 1.6.2 i386) with shadow-copying a file when the underlying FS is readonly.
Trying to open the existing file for writing produces EROFS instead of
making a shadow copy ... but putting a union mount over a readonly file
system is one of the most obvious uses of union mounts ....  Creating a
*new* file works fine, and shadow copying the file works fine if the below
FS isn't readonly.

-Chap