On 11/18/20 6:51 AM, Roberto Ragusa wrote:
> unshare -n /bin/bash
>
> this will give you a shell where everything can be run, but ifconfig
> -a will show you that there is no network interfaces (localhost is
> missing too).
Never thought about that one. Great idea.
> The idea of letting podman do all the setup and then "borrow" the
> namespace for something out of the container is very smart.
Indeed! If it wasn't for podman one had to create the namespace, bridge
interface on host, the tap interfaces, assign IPs to them, insert proper
firewall rules. and so on. I like how you phrased that.
> ("container" is a meaningless word; the kernel only knows about
> namespaces, you can use or not each of them, in your case network is
> all you need...)
Right on.
--
Jorge
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
