mirror of https://github.com/mkerrisk/man-pages
namespaces.7: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk
parent
6e2ef46bb8
commit
77eaf0524b
|
|
@ -34,7 +34,7 @@ have their own isolated instance of the global resource.
|
||||||
Changes to the global resource are visible to other processes
|
Changes to the global resource are visible to other processes
|
||||||
that are members of the namespace, but are invisible to other processes.
|
that are members of the namespace, but are invisible to other processes.
|
||||||
One use of namespaces is to implement containers.
|
One use of namespaces is to implement containers.
|
||||||
|
.PP
|
||||||
Linux provides the following namespaces:
|
Linux provides the following namespaces:
|
||||||
.TS
|
.TS
|
||||||
lB lB lB
|
lB lB lB
|
||||||
|
|
@ -48,7 +48,7 @@ PID CLONE_NEWPID Process IDs
|
||||||
User CLONE_NEWUSER User and group IDs
|
User CLONE_NEWUSER User and group IDs
|
||||||
UTS CLONE_NEWUTS Hostname and NIS domain name
|
UTS CLONE_NEWUTS Hostname and NIS domain name
|
||||||
.TE
|
.TE
|
||||||
|
.PP
|
||||||
This page describes the various namespaces and the associated
|
This page describes the various namespaces and the associated
|
||||||
.I /proc
|
.I /proc
|
||||||
files, and summarizes the APIs for working with namespaces.
|
files, and summarizes the APIs for working with namespaces.
|
||||||
|
|
@ -115,7 +115,7 @@ Each process has a
|
||||||
subdirectory containing one entry for each namespace that
|
subdirectory containing one entry for each namespace that
|
||||||
supports being manipulated by
|
supports being manipulated by
|
||||||
.BR setns (2):
|
.BR setns (2):
|
||||||
|
.PP
|
||||||
.in +4n
|
.in +4n
|
||||||
.nf
|
.nf
|
||||||
$ \fBls \-l /proc/$$/ns\fP
|
$ \fBls \-l /proc/$$/ns\fP
|
||||||
|
|
@ -130,7 +130,7 @@ lrwxrwxrwx. 1 mtk mtk 0 Apr 28 12:46 user \-> user:[4026531837]
|
||||||
lrwxrwxrwx. 1 mtk mtk 0 Apr 28 12:46 uts \-> uts:[4026531838]
|
lrwxrwxrwx. 1 mtk mtk 0 Apr 28 12:46 uts \-> uts:[4026531838]
|
||||||
.fi
|
.fi
|
||||||
.in
|
.in
|
||||||
|
.PP
|
||||||
Bind mounting (see
|
Bind mounting (see
|
||||||
.BR mount (2))
|
.BR mount (2))
|
||||||
one of the files in this directory
|
one of the files in this directory
|
||||||
|
|
@ -138,7 +138,7 @@ to somewhere else in the filesystem keeps
|
||||||
the corresponding namespace of the process specified by
|
the corresponding namespace of the process specified by
|
||||||
.I pid
|
.I pid
|
||||||
alive even if all processes currently in the namespace terminate.
|
alive even if all processes currently in the namespace terminate.
|
||||||
|
.PP
|
||||||
Opening one of the files in this directory
|
Opening one of the files in this directory
|
||||||
(or a file that is bind mounted to one of these files)
|
(or a file that is bind mounted to one of these files)
|
||||||
returns a file handle for
|
returns a file handle for
|
||||||
|
|
@ -149,7 +149,7 @@ the namespace will remain alive,
|
||||||
even if all processes in the namespace terminate.
|
even if all processes in the namespace terminate.
|
||||||
The file descriptor can be passed to
|
The file descriptor can be passed to
|
||||||
.BR setns (2).
|
.BR setns (2).
|
||||||
|
.PP
|
||||||
In Linux 3.7 and earlier, these files were visible as hard links.
|
In Linux 3.7 and earlier, these files were visible as hard links.
|
||||||
Since Linux 3.8,
|
Since Linux 3.8,
|
||||||
.\" commit bf056bfa80596a5d14b26b17276a56a0dcb080e5
|
.\" commit bf056bfa80596a5d14b26b17276a56a0dcb080e5
|
||||||
|
|
@ -162,14 +162,14 @@ field returned by
|
||||||
.BR stat (2).
|
.BR stat (2).
|
||||||
The content of this symbolic link is a string containing
|
The content of this symbolic link is a string containing
|
||||||
the namespace type and inode number as in the following example:
|
the namespace type and inode number as in the following example:
|
||||||
|
.PP
|
||||||
.in +4n
|
.in +4n
|
||||||
.nf
|
.nf
|
||||||
$ \fBreadlink /proc/$$/ns/uts\fP
|
$ \fBreadlink /proc/$$/ns/uts\fP
|
||||||
uts:[4026531838]
|
uts:[4026531838]
|
||||||
.fi
|
.fi
|
||||||
.in
|
.in
|
||||||
|
.PP
|
||||||
The symbolic links in this subdirectory are as follows:
|
The symbolic links in this subdirectory are as follows:
|
||||||
.TP
|
.TP
|
||||||
.IR /proc/[pid]/ns/cgroup " (since Linux 4.6)"
|
.IR /proc/[pid]/ns/cgroup " (since Linux 4.6)"
|
||||||
|
|
@ -324,13 +324,13 @@ POSIX message queues (see
|
||||||
The common characteristic of these IPC mechanisms is that IPC
|
The common characteristic of these IPC mechanisms is that IPC
|
||||||
objects are identified by mechanisms other than filesystem
|
objects are identified by mechanisms other than filesystem
|
||||||
pathnames.
|
pathnames.
|
||||||
|
.PP
|
||||||
Each IPC namespace has its own set of System V IPC identifiers and
|
Each IPC namespace has its own set of System V IPC identifiers and
|
||||||
its own POSIX message queue filesystem.
|
its own POSIX message queue filesystem.
|
||||||
Objects created in an IPC namespace are visible to all other processes
|
Objects created in an IPC namespace are visible to all other processes
|
||||||
that are members of that namespace,
|
that are members of that namespace,
|
||||||
but are not visible to processes in other IPC namespaces.
|
but are not visible to processes in other IPC namespaces.
|
||||||
|
.PP
|
||||||
The following
|
The following
|
||||||
.I /proc
|
.I /proc
|
||||||
interfaces are distinct in each IPC namespace:
|
interfaces are distinct in each IPC namespace:
|
||||||
|
|
@ -357,7 +357,7 @@ The System V IPC interfaces in
|
||||||
When an IPC namespace is destroyed
|
When an IPC namespace is destroyed
|
||||||
(i.e., when the last process that is a member of the namespace terminates),
|
(i.e., when the last process that is a member of the namespace terminates),
|
||||||
all IPC objects in the namespace are automatically destroyed.
|
all IPC objects in the namespace are automatically destroyed.
|
||||||
|
.PP
|
||||||
Use of IPC namespaces requires a kernel that is configured with the
|
Use of IPC namespaces requires a kernel that is configured with the
|
||||||
.B CONFIG_IPC_NS
|
.B CONFIG_IPC_NS
|
||||||
option.
|
option.
|
||||||
|
|
@ -379,12 +379,12 @@ A virtual network device ("veth") pair provides a pipe-like abstraction
|
||||||
that can be used to create tunnels between network namespaces,
|
that can be used to create tunnels between network namespaces,
|
||||||
and can be used to create a bridge to a physical network device
|
and can be used to create a bridge to a physical network device
|
||||||
in another namespace.
|
in another namespace.
|
||||||
|
.PP
|
||||||
When a network namespace is freed
|
When a network namespace is freed
|
||||||
(i.e., when the last process in the namespace terminates),
|
(i.e., when the last process in the namespace terminates),
|
||||||
its physical network devices are moved back to the
|
its physical network devices are moved back to the
|
||||||
initial network namespace (not to the parent of the process).
|
initial network namespace (not to the parent of the process).
|
||||||
|
.PP
|
||||||
Use of network namespaces requires a kernel that is configured with the
|
Use of network namespaces requires a kernel that is configured with the
|
||||||
.B CONFIG_NET_NS
|
.B CONFIG_NET_NS
|
||||||
option.
|
option.
|
||||||
|
|
@ -421,7 +421,7 @@ and can be retrieved using
|
||||||
.BR gethostname (2),
|
.BR gethostname (2),
|
||||||
and
|
and
|
||||||
.BR getdomainname (2).
|
.BR getdomainname (2).
|
||||||
|
.PP
|
||||||
Use of UTS namespaces requires a kernel that is configured with the
|
Use of UTS namespaces requires a kernel that is configured with the
|
||||||
.B CONFIG_UTS_NS
|
.B CONFIG_UTS_NS
|
||||||
option.
|
option.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue