On Fri, 2021-11-19 at 19:07 -0500, Steven Rostedt wrote: > On Fri, 19 Nov 2021 18:22:55 -0500 > James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote: > > > But I could write a script or a tool to gather all the information > > without this filesystem. The namespace tree can be reconstructed > > by anything that can view the process tree and the /proc/<pid>/ns > > directory. > > So basically you're stating that we could build the same thing that > the namespacefs would give us from inside a privileged container that > had access to the system procfs? I think so, yes ... and if some information is missing, we could export it for you. This way the kernel doesn't prescribe what the namespace tree looks like and the tool can display it in many different ways. For instance, your current RFC patch misses the subtlety of the owning user namespace, but that could simply be an alternative view presented by a userspace tool. James
