LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

namespaces.7: Trying to add a new process to a PID namespace with no "init" fails 

If the PID namespace init process has terminated, then
setns() on a previously opened /proc/PID/ns/pid file
will succeed, but the subsequent fork() will fail with
ENOMEM.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2013-01-22 08:07:52 +01:00
parent ed94b9b881
commit bcf8010e24
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
man7/namespaces.7
View File

@ -334,6 +334,18 @@ If the "init" process of a PID namespace terminates,
the kernel terminates all of the processes in the namespace.
This behavior reflects the fact that the "init" process
is essential for the correct operation of a PID namespace.
In this case,
if another process holds an open file descriptor for one of the
.I /proc/[pid]/ns/pid
files for one of the processes that was in the namespace,
then a
.BR setns (2)
using that file descriptor will succeed, but a subsequent
.BR fork (2)
will fail with the error
.BR ENOMEM ;
it is not possible to create a new processes in a PID namespace that has
no "init" process.
Only signals for which the "init" process has established a signal handler
can be sent to the "init" process by other members of the PID namespace.