mirror of https://github.com/mkerrisk/man-pages
pid_namespaces.7: Other call sequences fail with multiple threads and CLONE_NEWPID
Reported-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
2a4b78e7e2
commit
ec411de6d5
|
@ -197,14 +197,20 @@ the parent of a process is either in the same namespace
|
||||||
or resides in the immediate parent PID namespace.
|
or resides in the immediate parent PID namespace.
|
||||||
|
|
||||||
Every thread in a process must be in the same PID namespace.
|
Every thread in a process must be in the same PID namespace.
|
||||||
For this reason, the two following call sequences will fail:
|
For this reason, the following call sequences will fail:
|
||||||
|
|
||||||
.nf
|
.nf
|
||||||
unshare(CLONE_NEWPID);
|
unshare(CLONE_NEWPID);
|
||||||
clone(..., CLONE_VM, ...); /* Fails */
|
clone(..., CLONE_VM, ...); /* Fails */
|
||||||
|
|
||||||
|
clone(..., CLONE_VM, ...);
|
||||||
|
unshare(CLONE_NEWPID); /* Fails */
|
||||||
|
|
||||||
setns(fd, CLONE_NEWPID);
|
setns(fd, CLONE_NEWPID);
|
||||||
clone(..., CLONE_VM, ...); /* Fails */
|
clone(..., CLONE_VM, ...); /* Fails */
|
||||||
|
|
||||||
|
clone(..., CLONE_VM, ...);
|
||||||
|
setns(fd, CLONE_NEWPID); /* Fails */
|
||||||
.fi
|
.fi
|
||||||
|
|
||||||
Because the above
|
Because the above
|
||||||
|
|
Loading…
Reference in New Issue