Hello, I forgot to add --cc-cover for git send-email, so everyone who is in Cc got only a cover letter. All messages were sent in mail lists. Sorry for inconvenience. On Thu, Jul 14, 2016 at 11:20 AM, Andrey Vagin <avagin@xxxxxxxxxx> wrote: > Each namespace has an owning user namespace and now there is not way > to discover these relationships. > > Pid and user namepaces are hierarchical. There is no way to discover > parent-child relationships too. > > Why we may want to know relationships between namespaces? > > One use would be visualization, in order to understand the running system. > Another would be to answer the question: what capability does process X have to > perform operations on a resource governed by namespace Y? > > One more use-case (which usually called abnormal) is checkpoint/restart. > In CRIU we age going to dump and restore nested namespaces. > > There [1] was a discussion about which interface to choose to determing > relationships between namespaces. > > Eric suggested to add two ioctl-s [2]: >> Grumble, Grumble. I think this may actually a case for creating ioctls >> for these two cases. Now that random nsfs file descriptors are bind >> mountable the original reason for using proc files is not as pressing. >> >> One ioctl for the user namespace that owns a file descriptor. >> One ioctl for the parent namespace of a namespace file descriptor. > > Here is an implementaions of these ioctl-s. > > [1] https://lkml.org/lkml/2016/7/6/158 > [2] https://lkml.org/lkml/2016/7/9/101 > > Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> > Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx> > Cc: "W. Trevor King" <wking@xxxxxxxxxx> > Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx> > Cc: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > > -- > 2.5.5 > _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers