[lxc-devel] [Need Assistance] How to monitor activities inside LXC-Container

Kushan Sharma mlkushan at gmail.com
Thu Jun 28 10:41:34 UTC 2012


Dear Sir,

Thank you very much for your prompt reply. I understand that a process
actually doesn't "run" inside a container. I was also able to view system
calls executed by a process (using strace) initiated by a program running
inside the container. This was done by staying outside the LXC-Container.

As the next step, I need to separately identify all the processes being
initiated by programs running inside the container. This will help me to
track all the activities carried out by the sandboxed application.

If you can direct me to proper documentation so that I can find a
mechanism to track all the processes as mentioned above, that would be
greatly appreciated.

Thank you.
Kind regards,
Sharma

On Thu, Jun 28, 2012 at 12:38 PM, Jäkel, Guido <G.Jaekel at dnb.de> wrote:

> Dear Sharma,
>
> Because container virtualization may be roughly described as a "complex
> chroot tool", a process actually doesn't "run" inside a container. It's
> acting in the same context of the one-and-only kernel which has
> bootstrapped the host. It is just inside an access control group, whose
> phenotype forms "the container".
>
> Therefore, since container isolation in LXC is mainly formed by different
> namespaces and the host -- as a super-root -- is able to distinguish and
> access all processes of a container, you may use the same mechanisms to
> inspect the system as in the vanilla case, e.g. to hook strace to a
> process which belongs to a container.
>
> Guido
>
> >-----Original Message-----
> >From: Kushan Sharma [mailto:mlkushan at gmail.com]
> >Sent: Thursday, June 28, 2012 8:39 AM
> >To: lxc-devel at lists.sourceforge.net
> >Subject: [lxc-devel] [Need Assistance] How to monitor activities inside LXC-Container
> >
> >Dear All,
> >
> >I am a computer science and engineering research student at University of
> >Moratuwa, Sri Lanka.
> >
> >I need to write a program to monitor activities of Arkose container
> ><https://launchpad.net/arkose>. Since this uses LXC-container as, is it
> >possible to write a program to externally (external to the container)
> >monitor system calls executed by Arkose and applications running inside
> >Arkose?
> >
> >Your advice in this regard is highly appreciated.
> >
> >Thank you very much and I await your feedback.
> >
> >--
> >Kushan Sharma
> >Research Student.
> >
>
>


-- 
Kushan Sharma
Information Security Engineer
TechCERT / A Division of LK Domain Registry,
Sri Lanka.
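
The following is an added example, not part of the original thread or of LXC itself: one way to list, from the host, every process that belongs to a container, by comparing PID-namespace identifiers under /proc. It assumes a kernel that exposes `/proc/<pid>/ns/pid`, root on the host, and that the host PID of one process in the container is already known; the function names and the sample tree are constructed for illustration.

```python
import os

def pid_namespace(pid, proc_root="/proc"):
    """Return the PID-namespace id of a process, e.g. 'pid:[4026532201]'."""
    try:
        return os.readlink(os.path.join(proc_root, str(pid), "ns", "pid"))
    except OSError:
        return None  # process exited, or caller lacks permission

def container_processes(ref_pid, proc_root="/proc"):
    """List (host pid, command) for all processes sharing ref_pid's PID namespace."""
    target = pid_namespace(ref_pid, proc_root)
    if target is None:
        raise ValueError("cannot read PID namespace of %s" % ref_pid)
    found = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue  # skip non-process entries such as 'meminfo'
        if pid_namespace(entry, proc_root) != target:
            continue
        try:
            with open(os.path.join(proc_root, entry, "comm")) as fh:
                name = fh.read().strip()
        except OSError:
            name = "?"  # process vanished between the two reads
        found.append((int(entry), name))
    return sorted(found)

def build_sample_proc(root):
    """Constructed sample: a fake /proc with two host and three container processes."""
    sample = {
        1: ("pid:[4026531836]", "init"),
        812: ("pid:[4026531836]", "sshd"),
        2210: ("pid:[4026532201]", "init"),
        2245: ("pid:[4026532201]", "firefox"),
        2260: ("pid:[4026532201]", "sh"),
    }
    for pid, (ns, comm) in sample.items():
        os.makedirs(os.path.join(root, str(pid), "ns"))
        os.symlink(ns, os.path.join(root, str(pid), "ns", "pid"))
        with open(os.path.join(root, str(pid), "comm"), "w") as fh:
            fh.write(comm + "\n")

if __name__ == "__main__":
    import sys
    for pid, name in container_processes(int(sys.argv[1])):
        print(pid, name)
```

Each host PID it prints can be given to strace from outside the container, as described in the reply above. Processes that have moved into a nested PID namespace of their own will not match and need a second pass.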