[lxc-devel] [PATCH] Add option to lxc-attach to select specific namespaces
Christian Seiler
christian at iwakd.de
Fri May 18 16:29:16 UTC 2012
>> + int flags[] = { CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWNET, CLONE_NEWIPC, CLONE_NEWUTS };
> ...
>> -static char *namespaces_list[] = {
>> - "MOUNT", "PID", "UTSNAME", "IPC",
>> - "USER", "NETWORK"
>> -};
>> -static int cloneflags_list[] = {
>> - CLONE_NEWNS, CLONE_NEWPID, CLONE_NEWUTS, CLONE_NEWIPC,
>> - CLONE_NEWUSER, CLONE_NEWNET
>> -};
>
> These should be commonized. I'm surprised this patch worked for you, as
> the indices for network don't match up.
Yes, they do, but you have to see which one matches against which:
namespaces_list <-> cloneflags_list
but in the lxc_attach_to_pid there's
char *ns[] = { "pid", "mnt", "net", "ipc", "uts" };
so we have
flags <-> ns. In the end, those are totally different arrays.
I've blacklisten USER because I don't know to which file in
/proc/$pid/ns it will map to once the feature is inside the kernel (I
only see the 5 in the char *ns[] list on my system) - I'll happily
rearrange them and add CLONE_NEWUSER to the flags and ns lists in the
attach to pid function.
Regards,
Christian
More information about the lxc-devel
mailing list