From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman) Subject: Re: CLONE_NEWNET + unix domain sockets Date: Thu, 28 Apr 2011 13:03:46 -0700 Message-ID: References: <6E3DBEA16997DE780A11C637@Ximines.local> <20110425183459.GA29536@wavehammer.waldi.eu.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: (Alex Bligh's message of "Mon, 25 Apr 2011 19:54:10 +0100") List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: Alex Bligh Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org, Bastian Blank List-Id: containers.vger.kernel.org Alex Bligh writes: > --On 25 April 2011 20:35:00 +0200 Bastian Blank > wrote: > >> On Mon, Apr 25, 2011 at 02:56:25PM +0100, Alex Bligh wrote: >>> but I don't understand why, or what the semantics are for interaction >>> between unshare(CLONE_NEWNET) and unix domain sockets. Any ideas? >> >> AFAIK sharing unix sockets between network namespaces is supported since >> 2.6.36 or so. > > I'm using 2.6.32-28-generic, and I'm doing > fork() > listen() > unshare(CLONE_NEWNET) > ... > accept() > > and it seems to be working. Is that forward compatible? Yes. Eric