From: Mike Waychison <Michael.Waychison@Sun.COM>
To: Ram Pai <linuxram@us.ibm.com>
Cc: linux-kernel@vger.kernel.org, viro@parcelfarce.linux.theplanet.co.uk
Subject: Re: per-process namespace?
Date: Wed, 30 Jun 2004 09:30:11 -0400 [thread overview]
Message-ID: <40E2C063.2010806@sun.com> (raw)
In-Reply-To: <1088547899.4788.41.camel@dyn319623-009047021109.beaverton.ibm.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ram Pai wrote:
> On Tue, 2004-06-29 at 14:10, Mike Waychison wrote:
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>Ram Pai wrote:
>>
>>>Is there a way for an application to
>>>1. fork its own namespace and modify it, and
>>>2. still be able to see changes to the system namespace?
>>>
>>>Al Viro's Per-process namespace implementation provides the first
>>>feature. But is there any work done to do the second part? Is it worth
>>>doing?
>>>
>>>RP
>>
>>In what sense?
>>
>>The current model has no definition for a 'system namespace'.
>
>
> by 'system namespace' I mean the very first initial hand-crafted
> namespace.
>
The problem is that namespaces have no inherent hierarchy to them. Once
you create one, all relation to the parenting namespace is lost. You
can't even tell if you are in a different namespace from the 'system
namespace' other than by comparing /proc/self/mounts with /proc/1/mounts.
>
>>Accessing /proc/<pid>/mounts where <pid> is running in a different
>>namespace appears to work.
>
>
> Are you sure? I dont see it to be the case. I just verified it on 2.6.7
> /proc/<pid>/mounts is a file. However /proc/pid/root is a symbolic link
> to the root directory of the process. So the process with a cloned
> namespace wont be able to access it through its namespace.
>
>
Yes. mounts gives you the mount-table. root is a symbolic link. You
can obtain the fd across a fork or over a unix socket. Proc doesn't
give you any magic files to access namespaces directly.
- --
Mike Waychison
Sun Microsystems, Inc.
1 (650) 352-5299 voice
1 (416) 202-8336 voice
http://www.sun.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE: The opinions expressed in this email are held by me,
and may not represent the views of Sun Microsystems, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA4sBidQs4kOxk3/MRAgFUAJ0V19QWPRhT3OMJeSi/2cGhwpJB1ACePHSE
aYAsHb1TNiY7bs7a+FFBsno=
=qpir
-----END PGP SIGNATURE-----
prev parent reply other threads:[~2004-06-30 13:30 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-29 18:47 per-process namespace? Ram Pai
2004-06-29 21:10 ` Mike Waychison
2004-06-29 22:10 ` viro
2004-06-29 23:22 ` Ram Pai
2004-06-30 13:15 ` Mike Waychison
2004-06-30 18:15 ` Ram Pai
2004-07-01 0:14 ` Serge E. Hallyn
2004-07-01 1:32 ` Ram Pai
2004-06-29 22:25 ` Ram Pai
2004-06-30 13:30 ` Mike Waychison [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40E2C063.2010806@sun.com \
--to=michael.waychison@sun.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxram@us.ibm.com \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox