From: James Bottomley
> Sent: 21 November 2022 14:03
...
> > Then how does the networking code handle the namespace stuff in
> > sysfs?
> > That seems to work today, or am I missing something?
>
> have you actually tried?
>
> jejb@lingrow:~> sudo unshare --net bash
> lingrow:/home/jejb # ls /sys/class/net/
> lo  tun0  tun10  wlan0
> lingrow:/home/jejb # ip link show
> 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group
> default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>
> So, as you see, I've entered a network namespace and ip link shows me
> the only interface I can see in that namespace (a down loopback) but
> sysfs shows me every interface on the system outside the namespace.

You have to remount /sys to get the restricted copy.
eg by running 'ip netns exec namespace command'.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
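The mismatch shown in this exchange can be checked for mechanically. The script below is an added example, not part of the original messages: it compares the interface names under /sys/class/net with those reported by `ip -o link show` and lists the ones sysfs exposes that the current network namespace does not own. The function names and the `--live` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: detect a /sys mount that was inherited from another
# network namespace (the situation shown in the quoted session).

# Read `ip -o link show` output on stdin, print one interface name per line.
# "7: eth0@if8: <...>" becomes "eth0".
names_from_ip_link() {
    awk -F': ' '{ sub(/@.*/, "", $2); print $2 }'
}

# $1 = names listed in sysfs, $2 = names visible in the namespace.
# Prints every name that is in $1 but not in $2, one per line.
stale_sysfs_entries() {
    for name in $1; do
        case " $(echo $2) " in
            *" $name "*) ;;                  # namespace owns this interface
            *) printf '%s\n' "$name" ;;      # only sysfs knows about it
        esac
    done
}

# Run the comparison against the live system.
check_live() {
    # Only directories count: /sys/class/net may also hold plain files
    # such as bonding_masters, which are not interfaces.
    sysfs_names=$(for p in /sys/class/net/*; do
        [ -d "$p" ] && basename "$p"
    done)
    ns_names=$(ip -o link show | names_from_ip_link)
    stale=$(stale_sysfs_entries "$sysfs_names" "$ns_names")
    if [ -n "$stale" ]; then
        echo "sysfs is not from this netns, extra entries: $(echo $stale)"
        echo "remount /sys inside the namespace (ip netns exec does this)"
        return 1
    fi
    echo "sysfs matches the current network namespace"
}

# Hypothetical switch: only touch the live system when asked to.
if [ "${1:-}" = "--live" ]; then
    check_live
fi
```
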