From: ebiederm@xmission.com (Eric W. Biederman)
To: Rob Landley <rob@landley.net>
Cc: Oleg Nesterov <oleg@redhat.com>,
Linux Containers <containers@lists.linux-foundation.org>,
linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
"Michael Kerrisk \(man-pages\)" <mtk.manpages@gmail.com>
Subject: namespace documentation.
Date: Fri, 21 Dec 2012 14:58:56 -0800 [thread overview]
Message-ID: <87fw2zj9lb.fsf@xmission.com> (raw)
In-Reply-To: <1356117854.21178.2@driftwood> (Rob Landley's message of "Fri, 21 Dec 2012 13:24:14 -0600")
Rob Landley <rob@landley.net> writes:
> On 12/21/2012 11:51:03 AM, Eric W. Biederman wrote:
>> Oleg Nesterov <oleg@redhat.com> writes:
>>
>> > Eric. I understand that it is too late to discuss this. And yes, I
>> simply
>> > do not understand the problem space, I never used containers.
>> >
>> > But, stupid question. Let's ignore the pid_ns-specific oddities.
>> >
>> > 1. Ignoring setns(), why do we need /proc/pid/ns/ ?
>> >
>> > 2. Why setns() requires /proc/pid/ns/ ? IOW, why it can't be
>> >
>> > sys_setns(pid_t pid, int clone_flags)
>> > {
>> > truct task_struct *tsk = find_task_by_vpid(pid);
>> > struct nsproxy *target = get_nsproxy(tsk->nsproxy);
>> >
>> > new_nsproxy = create_new_namespaces(...);
>> >
>> > if (clone_flags & CLONE_NEWNS)
>> > mntns_install(...);
>> > if (clone_flags & CLONE_NEWIPC)
>> > ipcns_install(...);
>> > ...
>> > }
>> >
>> > I feel I missed something trivial, but what?
>>
>> It is a question of naming.
>>
>> The problem I set out to solve when all of this was introduced was how
>> to name namespaces without introducing yet another namespace.
>>
>> The solution to the naming problem that I finally found was to
>> introduce
>> something I could mount.
>
> Where might I find documentation on this? I'm aware of
> Documentation/namespaces but it's only got one file in it (about
> conflicts between namespace types). I'm aware of
> http://lxc.sourceforge.net/index.php/about/kernel-namespaces/ and
> http://lxc.sourceforge.net/man/ but that's mixed in with the
> implementation details of a particular userspace tool, and tends to lag
> the kernel significantly. (Those man pages were last updated in 2010,
> which if I recall was the last time I poked them about it.)
I'm not certain what you are asking about.
The man pages that I endeavour to keep reasonably current are.
man 5 proc
man 2 setns
man 2 unshare
man 2 clone
You won't get a design discussion but you will get a description of how
the existing pieces work. Of course now that I look it appears my
patches have not merged yet. But that is reasonable since my recent
changes did not merge until a few days ago.
There is also iproute2 it's man pages and source.
There is the kernel source.
There are the occassional lwn articles.
I believe there should be a reasonable amount of email in the mailing
list archives when talking about the design descision, and when I
introduced setns.
Eric
next prev parent reply other threads:[~2012-12-21 22:59 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-16 16:32 [REVIEW][PATCH 0/11] pid namespace cleanups and enhancements Eric W. Biederman
2012-11-16 16:32 ` Eric W. Biederman
[not found] ` <8739097bkk.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-16 16:35 ` [PATCH 01/11] procfs: Use the proc generic infrastructure for proc/self Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-1-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-16 16:35 ` [PATCH 02/11] procfs: Don't cache a pid in the root inode Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-2-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 1:07 ` Gao feng
2012-11-21 1:07 ` Gao feng
2012-11-16 16:35 ` [PATCH 03/11] pidns: Capture the user namespace and filter ns_last_pid Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-3-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 1:26 ` Gao feng
2012-11-21 1:26 ` Gao feng
2012-11-16 16:35 ` [PATCH 04/11] pidns: Use task_active_pid_ns where appropriate Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-4-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:02 ` Gao feng
2012-11-21 2:02 ` Gao feng
2012-11-16 16:35 ` [PATCH 05/11] pidns: Make the pidns proc mount/umount logic obvious Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-5-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-19 11:02 ` Gao feng
2012-11-19 11:02 ` Gao feng
2012-11-16 16:35 ` [PATCH 06/11] pidns: Don't allow new processes in a dead pid namespace Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-6-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:17 ` Gao feng
2012-11-21 2:17 ` Gao feng
2012-11-16 16:35 ` [PATCH 07/11] pidns: Wait in zap_pid_ns_processes until pid_ns->nr_hashed == 1 Eric W. Biederman
2012-11-16 16:35 ` [PATCH 08/11] pidns: Deny strange cases when creating pid namespaces Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-8-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:25 ` Gao feng
2012-11-21 2:25 ` Gao feng
2012-11-16 16:35 ` [PATCH 09/11] pidns: Add setns support Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-9-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-19 9:11 ` Gao feng
2012-11-19 9:11 ` Gao feng
[not found] ` <50A9F7DE.60807-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2012-11-19 9:27 ` Eric W. Biederman
2012-11-19 9:27 ` Eric W. Biederman
2012-11-21 2:36 ` Gao feng
2012-11-21 2:36 ` Gao feng
2012-11-16 16:35 ` [PATCH 10/11] pidns: Consolidate initialzation of special init task state Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-10-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:56 ` Gao feng
2012-11-21 2:56 ` Gao feng
2012-11-16 16:35 ` [PATCH 11/11] pidns: Support unsharing the pid namespace Eric W. Biederman
2012-11-16 16:35 ` Eric W. Biederman
[not found] ` <1353083750-3621-11-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:55 ` Gao feng
2012-11-21 2:55 ` Gao feng
2012-12-19 18:14 ` Oleg Nesterov
2012-12-19 18:14 ` Oleg Nesterov
[not found] ` <20121219181400.GA22991-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 1:43 ` Eric W. Biederman
2012-12-21 1:43 ` Eric W. Biederman
[not found] ` <871uektc2f.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-12-21 15:49 ` Oleg Nesterov
2012-12-21 15:49 ` Oleg Nesterov
[not found] ` <20121221154931.GA18730-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 17:51 ` Eric W. Biederman
2012-12-21 17:51 ` Eric W. Biederman
[not found] ` <87fw2zmgzc.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-12-21 19:24 ` Rob Landley
2012-12-21 19:24 ` Rob Landley
2012-12-21 22:58 ` Eric W. Biederman [this message]
2012-12-21 22:58 ` namespace documentation Eric W. Biederman
2012-11-16 16:35 ` [PATCH 07/11] pidns: Wait in zap_pid_ns_processes until pid_ns->nr_hashed == 1 Eric W. Biederman
[not found] ` <1353083750-3621-7-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-11-21 2:24 ` Gao feng
2012-11-21 2:24 ` Gao feng
2012-12-19 18:47 ` Oleg Nesterov
2012-12-19 18:47 ` Oleg Nesterov
[not found] ` <20121219184757.GB22991-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 1:19 ` Eric W. Biederman
2012-12-21 1:19 ` Eric W. Biederman
[not found] ` <87bodourqt.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-12-21 14:11 ` Oleg Nesterov
2012-12-21 14:11 ` Oleg Nesterov
[not found] ` <20121221141133.GA13805-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 15:02 ` Oleg Nesterov
2012-12-21 15:02 ` Oleg Nesterov
[not found] ` <20121221150238.GA16003-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 15:31 ` Oleg Nesterov
2012-12-21 15:31 ` Oleg Nesterov
[not found] ` <20121221153152.GA17250-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2012-12-21 18:42 ` Eric W. Biederman
2012-12-21 18:42 ` Eric W. Biederman
2012-12-21 18:33 ` Eric W. Biederman
2012-12-21 18:33 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fw2zj9lb.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=akpm@linux-foundation.org \
--cc=containers@lists.linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=oleg@redhat.com \
--cc=rob@landley.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.