2013-01-13 23:45:09 +00:00
|
|
|
.\" Copyright (c) 2013 by Michael Kerrisk <mtk.manpages@gmail.com>
|
2013-01-14 04:33:36 +00:00
|
|
|
.\" and Copyright (c) 2012 by Eric W. Biederman <ebiederm@xmission.com>
|
2013-01-13 23:45:09 +00:00
|
|
|
.\"
|
2014-09-16 07:05:40 +00:00
|
|
|
.\" %%%LICENSE_START(VERBATIM)
|
2013-01-13 23:45:09 +00:00
|
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
|
|
.\" preserved on all copies.
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to copy and distribute modified versions of this
|
|
|
|
.\" manual under the conditions for verbatim copying, provided that the
|
|
|
|
.\" entire resulting derived work is distributed under the terms of a
|
|
|
|
.\" permission notice identical to this one.
|
|
|
|
.\"
|
|
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume no
|
|
|
|
.\" responsibility for errors or omissions, or for damages resulting from
|
|
|
|
.\" the use of the information contained herein. The author(s) may not
|
|
|
|
.\" have taken the same level of care in the production of this manual,
|
|
|
|
.\" which is licensed free of charge, as they might when working
|
|
|
|
.\" professionally.
|
|
|
|
.\"
|
|
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
2014-09-16 07:05:40 +00:00
|
|
|
.\" %%%LICENSE_END
|
2013-01-13 23:45:09 +00:00
|
|
|
.\"
|
|
|
|
.\"
|
locale.1, localedef.1, _exit.2, accept.2, access.2, acct.2, adjtimex.2, bdflush.2, bind.2, bpf.2, brk.2, chdir.2, chmod.2, chown.2, chroot.2, clock_nanosleep.2, clone.2, close.2, connect.2, copy_file_range.2, create_module.2, delete_module.2, dup.2, epoll_ctl.2, eventfd.2, execve.2, fallocate.2, fanotify_init.2, fcntl.2, flock.2, fork.2, fsync.2, futex.2, get_kernel_syms.2, getdomainname.2, getgroups.2, gethostname.2, getpagesize.2, getpeername.2, getsid.2, getsockname.2, getsockopt.2, gettimeofday.2, init_module.2, ioctl.2, ioctl_list.2, ioperm.2, iopl.2, kexec_load.2, kill.2, killpg.2, link.2, listen.2, llseek.2, lseek.2, madvise.2, memfd_create.2, mincore.2, mkdir.2, mknod.2, mmap.2, mount.2, nanosleep.2, nice.2, open.2, personality.2, pipe.2, poll.2, posix_fadvise.2, read.2, readahead.2, readlink.2, readv.2, recv.2, recvmmsg.2, rename.2, request_key.2, sched_setaffinity.2, sched_setattr.2, select.2, select_tut.2, semctl.2, semop.2, send.2, sendfile.2, sendmmsg.2, seteuid.2, setns.2, setpgid.2, setreuid.2, shutdown.2, sigaction.2, sigaltstack.2, signal.2, signalfd.2, sigpending.2, sigprocmask.2, sigsuspend.2, socketpair.2, splice.2, stat.2, statfs.2, stime.2, symlink.2, sync.2, syscall.2, syscalls.2, times.2, truncate.2, unlink.2, unshare.2, uselib.2, utimensat.2, vfork.2, vhangup.2, wait.2, wait4.2, write.2, a64l.3, abs.3, acos.3, acosh.3, addseverity.3, adjtime.3, aio_read.3, aio_write.3, asin.3, asinh.3, atan.3, atan2.3, atanh.3, atoi.3, backtrace.3, cbrt.3, ceil.3, cfree.3, clearenv.3, clock_getcpuclockid.3, clog10.3, cmsg.3, copysign.3, cos.3, cosh.3, ctermid.3, ctime.3, daemon.3, dirfd.3, div.3, dl_iterate_phdr.3, drand48.3, drand48_r.3, dysize.3, ecvt.3, ecvt_r.3, endian.3, erf.3, erfc.3, errno.3, exec.3, exp.3, exp2.3, expm1.3, fabs.3, fdim.3, ferror.3, fexecve.3, ffs.3, fgetgrent.3, fgetpwent.3, finite.3, flockfile.3, floor.3, fma.3, fmax.3, fmin.3, fmod.3, fopen.3, fpclassify.3, frexp.3, fseeko.3, fts.3, futimes.3, fwide.3, gamma.3, gcvt.3, getaddrinfo.3, getcwd.3, getdate.3, getdirentries.3, getdtablesize.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, gethostbyname.3, gethostid.3, getline.3, getloadavg.3, getmntent.3, getnameinfo.3, getnetent_r.3, getpass.3, getprotoent_r.3, getpwent.3, getpwent_r.3, getpwnam.3, getrpcent_r.3, getservent_r.3, getspnam.3, getsubopt.3, getusershell.3, getutent.3, getw.3, gsignal.3, hypot.3, ilogb.3, inet.3, initgroups.3, insque.3, isalpha.3, isgreater.3, iswblank.3, j0.3, ldexp.3, lgamma.3, lio_listio.3, lockf.3, log.3, log10.3, log1p.3, log2.3, logb.3, lrint.3, lround.3, makedev.3, matherr.3, mbsnrtowcs.3, mkdtemp.3, mkfifo.3, mkstemp.3, mktemp.3, modf.3, mq_close.3, mq_getattr.3, mq_notify.3, mq_receive.3, mq_send.3, nan.3, nextafter.3, on_exit.3, open_memstream.3, opendir.3, perror.3, popen.3, posix_fallocate.3, posix_madvise.3, posix_memalign.3, posix_openpt.3, posix_spawn.3, pow.3, printf.3, profil.3, psignal.3, pthread_attr_setstack.3, pthread_setaffinity_np.3, putenv.3, putpwent.3, qecvt.3, rand.3, random.3, random_r.3, rcmd.3, readdir.3, realpath.3, remainder.3, remquo.3, rexec.3, rint.3, round.3, rpc.3, rpmatch.3, scalb.3, scalbln.3, scandir.3, scanf.3, seekdir.3, sem_wait.3, setbuf.3, setenv.3, setjmp.3, setnetgrent.3, siginterrupt.3, signbit.3, significand.3, sigset.3, sigsetops.3, sigvec.3, sigwait.3, sin.3, sinh.3, sleep.3, sockatmark.3, sqrt.3, statvfs.3, stpcpy.3, stpncpy.3, strdup.3, strerror.3, strftime.3, strlen.3, strnlen.3, strsep.3, strsignal.3, strtod.3, strtok.3, strtol.3, strtoul.3, syslog.3, system.3, tan.3, tanh.3, telldir.3, tempnam.3, termios.3, tgamma.3, timegm.3, timeradd.3, tmpfile.3, tmpnam.3, toascii.3, trunc.3, ttyslot.3, tzset.3, ualarm.3, unlocked_stdio.3, usleep.3, wcpcpy.3, wcpncpy.3, wcscasecmp.3, wcsdup.3, wcsncasecmp.3, wcsnlen.3, wcsnrtombs.3, wprintf.3, y0.3, pts.4, st.4, tty_ioctl.4, elf.5, gai.conf.5, group.5, locale.5, nsswitch.conf.5, proc.5, utmp.5, aio.7, capabilities.7, credentials.7, environ.7, epoll.7, fanotify.7, feature_test_macros.7, inotify.7, ip.7, mq_overview.7, namespaces.7, pipe.7, signal.7, socket.7, standards.7, svipc.7, symlink.7, time.7, unicode.7, unix.7: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-03-15 03:46:01 +00:00
|
|
|
.TH NAMESPACES 7 2016-03-15 "Linux" "Linux Programmer's Manual"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SH NAME
|
|
|
|
namespaces \- overview of Linux namespaces
|
|
|
|
.SH DESCRIPTION
|
|
|
|
A namespace wraps a global system resource in an abstraction that
|
|
|
|
makes it appear to the processes within the namespace that they
|
|
|
|
have their own isolated instance of the global resource.
|
|
|
|
Changes to the global resource are visible to other processes
|
|
|
|
that are members of the namespace, but are invisible to other processes.
|
|
|
|
One use of namespaces is to implement containers.
|
|
|
|
|
2014-06-02 13:33:41 +00:00
|
|
|
Linux provides the following namespaces:
|
|
|
|
.TS
|
|
|
|
lB lB lB
|
|
|
|
l lB l.
|
|
|
|
Namespace Constant Isolates
|
2014-09-21 20:50:35 +00:00
|
|
|
IPC CLONE_NEWIPC System V IPC, POSIX message queues
|
2014-06-02 13:33:41 +00:00
|
|
|
Network CLONE_NEWNET Network devices, stacks, ports, etc.
|
|
|
|
Mount CLONE_NEWNS Mount points
|
|
|
|
PID CLONE_NEWPID Process IDs
|
|
|
|
User CLONE_NEWUSER User and group IDs
|
|
|
|
UTS CLONE_NEWUTS Hostname and NIS domain name
|
|
|
|
.TE
|
|
|
|
|
2013-01-13 23:45:09 +00:00
|
|
|
This page describes the various namespaces and the associated
|
|
|
|
.I /proc
|
|
|
|
files, and summarizes the APIs for working with namespaces.
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== The namespaces API ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS The namespaces API
|
|
|
|
As well as various
|
|
|
|
.I /proc
|
|
|
|
files described below,
|
2013-02-18 15:10:30 +00:00
|
|
|
the namespaces API includes the following system calls:
|
2013-01-13 23:45:09 +00:00
|
|
|
.TP
|
|
|
|
.BR clone (2)
|
|
|
|
The
|
|
|
|
.BR clone (2)
|
|
|
|
system call creates a new process.
|
|
|
|
If the
|
|
|
|
.I flags
|
|
|
|
argument of the call specifies one or more of the
|
|
|
|
.B CLONE_NEW*
|
|
|
|
flags listed below, then new namespaces are created for each flag,
|
|
|
|
and the child process is made a member of those namespaces.
|
|
|
|
(This system call also implements a number of features
|
|
|
|
unrelated to namespaces.)
|
|
|
|
.TP
|
|
|
|
.BR setns (2)
|
|
|
|
The
|
|
|
|
.BR setns (2)
|
|
|
|
system call allows the calling process to join an existing namespace.
|
|
|
|
The namespace to join is specified via a file descriptor that refers to
|
|
|
|
one of the
|
|
|
|
.IR /proc/[pid]/ns
|
|
|
|
files described below.
|
|
|
|
.TP
|
|
|
|
.BR unshare (2)
|
|
|
|
The
|
|
|
|
.BR unshare (2)
|
|
|
|
system call moves the calling process to a new namespace.
|
|
|
|
If the
|
|
|
|
.I flags
|
|
|
|
argument of the call specifies one or more of the
|
|
|
|
.B CLONE_NEW*
|
|
|
|
flags listed below, then new namespaces are created for each flag,
|
|
|
|
and the calling process is made a member of those namespaces.
|
|
|
|
(This system call also implements a number of features
|
|
|
|
unrelated to namespaces.)
|
2013-01-16 09:24:52 +00:00
|
|
|
.PP
|
2013-01-14 05:08:22 +00:00
|
|
|
Creation of new namespaces using
|
|
|
|
.BR clone (2)
|
|
|
|
and
|
|
|
|
.BR unshare (2)
|
|
|
|
in most cases requires the
|
|
|
|
.BR CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
User namespaces are the exception: since Linux 3.8,
|
2013-01-14 08:30:04 +00:00
|
|
|
no privilege is required to create a user namespace.
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== The /proc/[pid]/ns/ directory ====================
|
|
|
|
.\"
|
2013-01-14 00:22:01 +00:00
|
|
|
.SS The /proc/[pid]/ns/ directory
|
2014-09-21 09:24:24 +00:00
|
|
|
Each process has a
|
2013-01-14 00:22:01 +00:00
|
|
|
.IR /proc/[pid]/ns/
|
|
|
|
.\" See commit 6b4e306aa3dc94a0545eb9279475b1ab6209a31f
|
|
|
|
subdirectory containing one entry for each namespace that
|
|
|
|
supports being manipulated by
|
2013-01-14 00:24:16 +00:00
|
|
|
.BR setns (2):
|
|
|
|
|
|
|
|
.in +4n
|
|
|
|
.nf
|
|
|
|
$ \fBls -l /proc/$$/ns\fP
|
|
|
|
total 0
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 ipc -> ipc:[4026531839]
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 mnt -> mnt:[4026531840]
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 net -> net:[4026531956]
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 pid -> pid:[4026531836]
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 user -> user:[4026531837]
|
|
|
|
lrwxrwxrwx. 1 mtk mtk 0 Jan 14 01:20 uts -> uts:[4026531838]
|
|
|
|
.fi
|
|
|
|
.in
|
2013-01-14 00:22:01 +00:00
|
|
|
|
|
|
|
Bind mounting (see
|
|
|
|
.BR mount (2))
|
|
|
|
one of the files in this directory
|
2014-03-14 18:54:00 +00:00
|
|
|
to somewhere else in the filesystem keeps
|
2013-01-14 00:22:01 +00:00
|
|
|
the corresponding namespace of the process specified by
|
|
|
|
.I pid
|
|
|
|
alive even if all processes currently in the namespace terminate.
|
|
|
|
|
|
|
|
Opening one of the files in this directory
|
|
|
|
(or a file that is bind mounted to one of these files)
|
|
|
|
returns a file handle for
|
|
|
|
the corresponding namespace of the process specified by
|
|
|
|
.IR pid .
|
|
|
|
As long as this file descriptor remains open,
|
|
|
|
the namespace will remain alive,
|
|
|
|
even if all processes in the namespace terminate.
|
|
|
|
The file descriptor can be passed to
|
|
|
|
.BR setns (2).
|
|
|
|
|
|
|
|
In Linux 3.7 and earlier, these files were visible as hard links.
|
|
|
|
Since Linux 3.8, they appear as symbolic links.
|
|
|
|
If two processes are in the same namespace, then the inode numbers of their
|
|
|
|
.IR /proc/[pid]/ns/xxx
|
|
|
|
symbolic links will be the same; an application can check this using the
|
|
|
|
.I stat.st_ino
|
|
|
|
field returned by
|
|
|
|
.BR stat (2).
|
|
|
|
The content of this symbolic link is a string containing
|
|
|
|
the namespace type and inode number as in the following example:
|
|
|
|
|
|
|
|
.in +4n
|
|
|
|
.nf
|
|
|
|
$ \fBreadlink /proc/$$/ns/uts\fP
|
|
|
|
uts:[4026531838]
|
|
|
|
.fi
|
|
|
|
.in
|
|
|
|
|
|
|
|
The files in this subdirectory are as follows:
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/ipc " (since Linux 3.0)"
|
|
|
|
This file is a handle for the IPC namespace of the process.
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/mnt " (since Linux 3.8)"
|
|
|
|
This file is a handle for the mount namespace of the process.
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/net " (since Linux 3.0)"
|
|
|
|
This file is a handle for the network namespace of the process.
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/pid " (since Linux 3.8)"
|
|
|
|
This file is a handle for the PID namespace of the process.
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/user " (since Linux 3.8)"
|
|
|
|
This file is a handle for the user namespace of the process.
|
|
|
|
.TP
|
|
|
|
.IR /proc/[pid]/ns/uts " (since Linux 3.0)"
|
2014-09-01 17:00:32 +00:00
|
|
|
This file is a handle for the UTS namespace of the process.
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== IPC namespaces ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS IPC namespaces (CLONE_NEWIPC)
|
|
|
|
IPC namespaces isolate certain IPC resources,
|
|
|
|
namely, System V IPC objects (see
|
|
|
|
.BR svipc (7))
|
2013-01-14 03:21:33 +00:00
|
|
|
and (since Linux 2.6.30)
|
|
|
|
.\" commit 7eafd7c74c3f2e67c27621b987b28397110d643f
|
|
|
|
.\" https://lwn.net/Articles/312232/
|
|
|
|
POSIX message queues (see
|
2014-11-02 19:23:55 +00:00
|
|
|
.BR mq_overview (7)).
|
2013-01-14 03:21:33 +00:00
|
|
|
The common characteristic of these IPC mechanisms is that IPC
|
2014-03-14 18:54:00 +00:00
|
|
|
objects are identified by mechanisms other than filesystem
|
2013-01-14 03:21:33 +00:00
|
|
|
pathnames.
|
|
|
|
|
2013-01-13 23:45:09 +00:00
|
|
|
Each IPC namespace has its own set of System V IPC identifiers and
|
2014-03-14 18:54:00 +00:00
|
|
|
its own POSIX message queue filesystem.
|
2013-01-14 03:21:33 +00:00
|
|
|
Objects created in an IPC namespace are visible to all other processes
|
|
|
|
that are members of that namespace,
|
|
|
|
but are not visible to processes in other IPC namespaces.
|
|
|
|
|
2013-03-18 08:42:04 +00:00
|
|
|
The following
|
|
|
|
.I /proc
|
|
|
|
interfaces are distinct in each IPC namespace:
|
|
|
|
.IP * 3
|
|
|
|
The POSIX message queue interfaces in
|
|
|
|
.IR /proc/sys/fs/mqueue .
|
|
|
|
.IP *
|
2014-06-02 13:22:54 +00:00
|
|
|
The System V IPC interfaces in
|
2013-03-18 08:42:04 +00:00
|
|
|
.IR /proc/sys/kernel ,
|
|
|
|
namely:
|
|
|
|
.IR msgmax ,
|
|
|
|
.IR msgmnb ,
|
|
|
|
.IR msgmni ,
|
|
|
|
.IR sem ,
|
|
|
|
.IR shmall ,
|
|
|
|
.IR shmmax ,
|
|
|
|
.IR shmmni ,
|
|
|
|
and
|
|
|
|
.IR shm_rmid_forced .
|
|
|
|
.IP *
|
2014-06-02 13:22:54 +00:00
|
|
|
The System V IPC interfaces in
|
2013-03-18 08:42:04 +00:00
|
|
|
.IR /proc/sysvipc .
|
|
|
|
.PP
|
2013-01-14 03:21:33 +00:00
|
|
|
When an IPC namespace is destroyed
|
|
|
|
(i.e., when the last process that is a member of the namespace terminates),
|
|
|
|
all IPC objects in the namespace are automatically destroyed.
|
|
|
|
|
|
|
|
Use of IPC namespaces requires a kernel that is configured with the
|
|
|
|
.B CONFIG_IPC_NS
|
|
|
|
option.
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== Network namespaces ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS Network namespaces (CLONE_NEWNET)
|
|
|
|
Network namespaces provide isolation of the system resources associated
|
2013-03-05 11:23:26 +00:00
|
|
|
with networking: network devices, IPv4 and IPv6 protocol stacks,
|
|
|
|
IP routing tables, firewalls, the
|
2013-01-13 23:45:09 +00:00
|
|
|
.I /proc/net
|
2014-09-21 09:24:24 +00:00
|
|
|
directory, the
|
|
|
|
.I /sys/class/net
|
2014-06-02 13:23:13 +00:00
|
|
|
directory, port numbers (sockets), and so on.
|
2013-01-14 03:24:34 +00:00
|
|
|
A physical network device can live in exactly one
|
|
|
|
network namespace.
|
|
|
|
A virtual network device ("veth") pair provides a pipe-like abstraction
|
|
|
|
.\" FIXME Add pointer to veth(4) page when it is eventually completed
|
|
|
|
that can be used to create tunnels between network namespaces,
|
|
|
|
and can be used to create a bridge to a physical network device
|
|
|
|
in another namespace.
|
|
|
|
|
|
|
|
When a network namespace is freed
|
|
|
|
(i.e., when the last process in the namespace terminates),
|
|
|
|
its physical network devices are moved back to the
|
|
|
|
initial network namespace (not to the parent of the process).
|
|
|
|
|
|
|
|
Use of network namespaces requires a kernel that is configured with the
|
|
|
|
.B CONFIG_NET_NS
|
|
|
|
option.
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== Mount namespaces ====================
|
|
|
|
.\"
|
2013-01-14 00:01:21 +00:00
|
|
|
.SS Mount namespaces (CLONE_NEWNS)
|
2014-03-14 18:54:00 +00:00
|
|
|
Mount namespaces isolate the set of filesystem mount points,
|
2013-01-14 00:01:21 +00:00
|
|
|
meaning that processes in different mount namespaces can
|
2014-03-14 18:54:00 +00:00
|
|
|
have different views of the filesystem hierarchy.
|
2013-01-14 00:01:21 +00:00
|
|
|
The set of mounts in a mount namespace is modified using
|
|
|
|
.BR mount (2)
|
|
|
|
and
|
|
|
|
.BR umount (2).
|
|
|
|
|
|
|
|
The
|
|
|
|
.IR /proc/[pid]/mounts
|
|
|
|
file (present since Linux 2.4.19)
|
2014-03-14 18:54:00 +00:00
|
|
|
lists all the filesystems currently mounted in the
|
2013-01-14 00:01:21 +00:00
|
|
|
process's mount namespace.
|
|
|
|
The format of this file is documented in
|
|
|
|
.BR fstab (5).
|
|
|
|
Since kernel version 2.6.15, this file is pollable:
|
|
|
|
after opening the file for reading, a change in this file
|
2014-03-14 18:54:00 +00:00
|
|
|
(i.e., a filesystem mount or unmount) causes
|
2013-01-14 00:01:21 +00:00
|
|
|
.BR select (2)
|
|
|
|
to mark the file descriptor as readable, and
|
|
|
|
.BR poll (2)
|
|
|
|
and
|
|
|
|
.BR epoll_wait (2)
|
|
|
|
mark the file as having an error condition.
|
|
|
|
|
2013-01-14 00:11:55 +00:00
|
|
|
The
|
|
|
|
.IR /proc/[pid]/mountstats
|
|
|
|
file (present since Linux 2.6.17)
|
|
|
|
exports information (statistics, configuration information)
|
|
|
|
about the mount points in the process's mount namespace.
|
2015-01-28 09:39:58 +00:00
|
|
|
This file is readable only by the owner of the process.
|
2013-01-14 00:11:55 +00:00
|
|
|
Lines in this file have the form:
|
|
|
|
.RS
|
|
|
|
.in 12
|
|
|
|
.nf
|
|
|
|
|
|
|
|
device /dev/sda7 mounted on /home with fstype ext3 [statistics]
|
|
|
|
( 1 ) ( 2 ) (3 ) (4)
|
|
|
|
.fi
|
|
|
|
.in
|
|
|
|
|
|
|
|
The fields in each line are:
|
|
|
|
.TP 5
|
|
|
|
(1)
|
|
|
|
The name of the mounted device
|
|
|
|
(or "nodevice" if there is no corresponding device).
|
|
|
|
.TP
|
|
|
|
(2)
|
2014-03-14 18:54:00 +00:00
|
|
|
The mount point within the filesystem tree.
|
2013-01-14 00:11:55 +00:00
|
|
|
.TP
|
|
|
|
(3)
|
2014-03-14 18:54:00 +00:00
|
|
|
The filesystem type.
|
2013-01-14 00:11:55 +00:00
|
|
|
.TP
|
|
|
|
(4)
|
|
|
|
Optional statistics and configuration information.
|
2014-03-14 18:54:00 +00:00
|
|
|
Currently (as at Linux 2.6.26), only NFS filesystems export
|
2013-01-14 00:11:55 +00:00
|
|
|
information via this field.
|
|
|
|
.RE
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== PID namespaces ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS PID namespaces (CLONE_NEWPID)
|
2013-02-27 06:50:25 +00:00
|
|
|
See
|
|
|
|
.BR pid_namespaces (7).
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== User namespaces ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS User namespaces (CLONE_NEWUSER)
|
2013-02-27 06:08:06 +00:00
|
|
|
See
|
|
|
|
.BR user_namespaces (7).
|
2013-02-25 13:00:44 +00:00
|
|
|
.\"
|
|
|
|
.\" ==================== UTS namespaces ====================
|
|
|
|
.\"
|
2013-01-13 23:45:09 +00:00
|
|
|
.SS UTS namespaces (CLONE_NEWUTS)
|
|
|
|
UTS namespaces provide isolation of two system identifiers:
|
|
|
|
the hostname and the NIS domain name.
|
|
|
|
These identifiers are set using
|
|
|
|
.BR sethostname (2)
|
|
|
|
and
|
|
|
|
.BR setdomainname (2),
|
|
|
|
and can be retrieved using
|
|
|
|
.BR uname (2),
|
|
|
|
.BR gethostname (2),
|
|
|
|
and
|
|
|
|
.BR getdomainname (2).
|
|
|
|
|
2013-01-14 05:14:16 +00:00
|
|
|
Use of UTS namespaces requires a kernel that is configured with the
|
|
|
|
.B CONFIG_UTS_NS
|
|
|
|
option.
|
2013-01-13 23:45:09 +00:00
|
|
|
.SH CONFORMING TO
|
|
|
|
Namespaces are a Linux-specific feature.
|
2013-03-01 07:53:55 +00:00
|
|
|
.SH EXAMPLE
|
|
|
|
See
|
|
|
|
.BR user_namespaces (7).
|
2013-01-13 23:45:09 +00:00
|
|
|
.SH SEE ALSO
|
2016-02-15 12:32:43 +00:00
|
|
|
.BR lsns (1),
|
2013-01-17 19:02:12 +00:00
|
|
|
.BR nsenter (1),
|
2013-01-13 23:45:09 +00:00
|
|
|
.BR readlink (1),
|
2013-01-17 19:02:12 +00:00
|
|
|
.BR unshare (1),
|
2013-01-13 23:45:09 +00:00
|
|
|
.BR clone (2),
|
|
|
|
.BR setns (2),
|
|
|
|
.BR unshare (2),
|
|
|
|
.BR proc (5),
|
|
|
|
.BR credentials (7),
|
2013-02-11 23:13:01 +00:00
|
|
|
.BR capabilities (7),
|
2013-02-27 06:50:25 +00:00
|
|
|
.BR pid_namespaces (7),
|
2013-02-27 06:08:06 +00:00
|
|
|
.BR user_namespaces (7),
|
2013-02-11 23:13:01 +00:00
|
|
|
.BR switch_root (8)
|