
All Questions

0 votes
1 answer
124 views

Why does access to /proc/[pid]/ns need to generate symlinks?

The directories of the form /proc/[pid]/ns get populated each time they are accessed. That is, each time they are accessed the kernel produces a symlink to somewhere in the namespace filesystem (not ...
caciquekampeon
0 votes
1 answer
518 views

How to spawn each child process in separate pid namespace

How to spawn each child in a separate PID namespace using unshare (without the CLONE_NEWPID flag in the child process clone syscall). I am able to successfully spawn the first child in a PID namespace but I am not ...
Karthik Nedunchezhiyan
3 votes
0 answers
90 views

Which namespaces is the executable specified by `release_agent` executed in, when the last task leaves the cgroup?

Reading the documentation for Linux cgroups, I've come across the notify_on_release flag and how it relates to release_agent, i.e. the kernel runs the executable specified by release_agent, if ...
Shuzheng
2 votes
0 answers
1k views

How to enter the root PID namespace from a distribution installed on WSL?

I've been experimenting with the Windows Subsystem for Linux v2 (WSL 2) and read in their FAQ that all distributions are installed on the same virtual machine (VM), isolated using namespaces, in Hyper-...
Shuzheng
4 votes
1 answer
3k views

Do user (group) ID mappings in `/proc/[pid]/uid_map` (`/proc/[pid]/gid_map`) only apply for the process `[pid]` or globally for the whole namespace?

After reading man user_namespaces, I'm not sure whether user (group) ID mappings to the parent namespace, set in /proc/[pid]/uid_map (/proc/[pid]/gid_map), apply to all processes in the namespace or ...
Shuzheng
6 votes
0 answers
680 views

Opening /proc/<pid>/net/dev prevents network namespace from expiring, is this expected?

I'm looking for input on whether the following observation related to network namespace expiration is expected, or should be reported as a bug. When some process opens /proc/<pid>/net/dev it can ...
Arne Welzel
2 votes
2 answers
323 views

What parts of the kernel are not namespace aware? [closed]

I've started to learn Docker security, and so have come across cgroups, namespaces, and capabilities, which together with chroot form the basis of modern container technologies. Historically many ...
Shuzheng
2 votes
1 answer
689 views

How to find official documentation about Linux kernel namespaces?

I've been using Docker for a while and I'm interested in learning its internals. I've read about kernel namespaces it uses. But I don't understand how they are used. So my problem is: I haven't found ...
Safar Safarli