Rob Landley <rob@xxxxxxxxxxx> writes: > On 03/04/2013 11:52:19 AM, Eric W. Biederman wrote: >> > How about this: >> > >> > The point here is that unshare(2) and setns(2) change the >> PID >> > namespace for processes subsequently created by the caller, >> but >> > not for the calling process, while clone(2) CLONE_VM >> specifies >> > the creation of a new thread in the same process. >> >> Hmm. How about this. >> >> The point here is that unshare(2) and setns(2) change the PID >> namespace that will be used by in all subsequent calls to >> clone >> and fork by the caller, but not for the calling process, and >> that all threads in a process must share the same PID >> namespace. Which makes a subsequent clone(2) CLONE_VM >> specify the creation of a new thread in the a different PID >> namespace but in the same process which is impossible. > > CLONE_VM and CLONE_NEWPID are incompatible because all threads of the > same process must be in the same PID namespace. Since unshare(2) and > setns(2) change the PID namespace for subsequent calls to clone(2), > those subsequent calls cannot create new threads (unless you setns(2) > back to the original namespace first). > > That last bit's a guess. :) Good wording thank you, and the last bit is right. You can restore the pid namespace with setns(2), and that will allow thread and process creation creation again. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
