mirror of https://github.com/mkerrisk/man-pages
namespaces.7: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
6e2ef46bb8
commit
77eaf0524b
|
@ -34,7 +34,7 @@ have their own isolated instance of the global resource.
|
|||
Changes to the global resource are visible to other processes
|
||||
that are members of the namespace, but are invisible to other processes.
|
||||
One use of namespaces is to implement containers.
|
||||
|
||||
.PP
|
||||
Linux provides the following namespaces:
|
||||
.TS
|
||||
lB lB lB
|
||||
|
@ -48,7 +48,7 @@ PID CLONE_NEWPID Process IDs
|
|||
User CLONE_NEWUSER User and group IDs
|
||||
UTS CLONE_NEWUTS Hostname and NIS domain name
|
||||
.TE
|
||||
|
||||
.PP
|
||||
This page describes the various namespaces and the associated
|
||||
.I /proc
|
||||
files, and summarizes the APIs for working with namespaces.
|
||||
|
@ -115,7 +115,7 @@ Each process has a
|
|||
subdirectory containing one entry for each namespace that
|
||||
supports being manipulated by
|
||||
.BR setns (2):
|
||||
|
||||
.PP
|
||||
.in +4n
|
||||
.nf
|
||||
$ \fBls \-l /proc/$$/ns\fP
|
||||
|
@ -130,7 +130,7 @@ lrwxrwxrwx. 1 mtk mtk 0 Apr 28 12:46 user \-> user:[4026531837]
|
|||
lrwxrwxrwx. 1 mtk mtk 0 Apr 28 12:46 uts \-> uts:[4026531838]
|
||||
.fi
|
||||
.in
|
||||
|
||||
.PP
|
||||
Bind mounting (see
|
||||
.BR mount (2))
|
||||
one of the files in this directory
|
||||
|
@ -138,7 +138,7 @@ to somewhere else in the filesystem keeps
|
|||
the corresponding namespace of the process specified by
|
||||
.I pid
|
||||
alive even if all processes currently in the namespace terminate.
|
||||
|
||||
.PP
|
||||
Opening one of the files in this directory
|
||||
(or a file that is bind mounted to one of these files)
|
||||
returns a file handle for
|
||||
|
@ -149,7 +149,7 @@ the namespace will remain alive,
|
|||
even if all processes in the namespace terminate.
|
||||
The file descriptor can be passed to
|
||||
.BR setns (2).
|
||||
|
||||
.PP
|
||||
In Linux 3.7 and earlier, these files were visible as hard links.
|
||||
Since Linux 3.8,
|
||||
.\" commit bf056bfa80596a5d14b26b17276a56a0dcb080e5
|
||||
|
@ -162,14 +162,14 @@ field returned by
|
|||
.BR stat (2).
|
||||
The content of this symbolic link is a string containing
|
||||
the namespace type and inode number as in the following example:
|
||||
|
||||
.PP
|
||||
.in +4n
|
||||
.nf
|
||||
$ \fBreadlink /proc/$$/ns/uts\fP
|
||||
uts:[4026531838]
|
||||
.fi
|
||||
.in
|
||||
|
||||
.PP
|
||||
The symbolic links in this subdirectory are as follows:
|
||||
.TP
|
||||
.IR /proc/[pid]/ns/cgroup " (since Linux 4.6)"
|
||||
|
@ -324,13 +324,13 @@ POSIX message queues (see
|
|||
The common characteristic of these IPC mechanisms is that IPC
|
||||
objects are identified by mechanisms other than filesystem
|
||||
pathnames.
|
||||
|
||||
.PP
|
||||
Each IPC namespace has its own set of System V IPC identifiers and
|
||||
its own POSIX message queue filesystem.
|
||||
Objects created in an IPC namespace are visible to all other processes
|
||||
that are members of that namespace,
|
||||
but are not visible to processes in other IPC namespaces.
|
||||
|
||||
.PP
|
||||
The following
|
||||
.I /proc
|
||||
interfaces are distinct in each IPC namespace:
|
||||
|
@ -357,7 +357,7 @@ The System V IPC interfaces in
|
|||
When an IPC namespace is destroyed
|
||||
(i.e., when the last process that is a member of the namespace terminates),
|
||||
all IPC objects in the namespace are automatically destroyed.
|
||||
|
||||
.PP
|
||||
Use of IPC namespaces requires a kernel that is configured with the
|
||||
.B CONFIG_IPC_NS
|
||||
option.
|
||||
|
@ -379,12 +379,12 @@ A virtual network device ("veth") pair provides a pipe-like abstraction
|
|||
that can be used to create tunnels between network namespaces,
|
||||
and can be used to create a bridge to a physical network device
|
||||
in another namespace.
|
||||
|
||||
.PP
|
||||
When a network namespace is freed
|
||||
(i.e., when the last process in the namespace terminates),
|
||||
its physical network devices are moved back to the
|
||||
initial network namespace (not to the parent of the process).
|
||||
|
||||
.PP
|
||||
Use of network namespaces requires a kernel that is configured with the
|
||||
.B CONFIG_NET_NS
|
||||
option.
|
||||
|
@ -421,7 +421,7 @@ and can be retrieved using
|
|||
.BR gethostname (2),
|
||||
and
|
||||
.BR getdomainname (2).
|
||||
|
||||
.PP
|
||||
Use of UTS namespaces requires a kernel that is configured with the
|
||||
.B CONFIG_UTS_NS
|
||||
option.
|
||||
|
|
Loading…
Reference in New Issue