Questions tagged [namespace]
Questions relating to Linux namespaces, including commands such as: unshare and ip netns. Namespaces support isolation of filesystems, system names, IPC, processes, networks, and users. Closely related to the docker and lxc tags; use those tags instead of this one if you are simply using docker or lxc to implement namespaces.
285
questions
0
votes
0
answers
50
views
Mount in a directory I don't have permissions to for my user only
Is it possible to circumvent the traditional mount permission requirements if I just need my own user to see the mount?
For example, I want to bind mount /home/$USER/folder into /folder. I do not have ...
- 41
0
votes
0
answers
23
views
How is the namespace able to communicate with eth0 without NAT here
I was following this tutorial https://github.com/faysalmehedi/linux-network-namespaces-hands-on
I had to use this command so that our ns1 namespace can talk to eth0, where 192.168.1.1 is the IP ...
- 101
0
votes
1
answer
56
views
Why the access to /proc/[pid]/ns needs to generate symlinks?
The directories of the form /proc/[pid]/ns get populated each time they are accessed. That is, each time they are accessed the kernel produces a symlink to somewhere in the namespace filesystem (not ...
3
votes
0
answers
66
views
Why can't root bypass permissions in an ID-mapped mount?
Why does global root (root in the initial user namespace) not have the ability to read all files regardless of permission when ID-mapped mounts (see "ID-mapped mounts" under man 2 ...
1
vote
1
answer
98
views
Connecting two network namespaces over a bridge
I'm trying to make one network namespace to be able to ping another namespace via a bridge.
Here are the commands I'm executing:
# create two namespaces
ip netns add ns0
ip netns add ns1
# create a ...
- 247
2
votes
0
answers
98
views
Mounting overlayfs in a user namespace with child mounts
I am trying to mount an overlayfs on /tmp from within a separate user & mount namespace. This works well unless /tmp already has a child mount in the original namespace, in which case this ...
0
votes
0
answers
15
views
Virtual interface pair forwarding packets to each other
The goal is very simple: anything sent to pair1, as outgoing packet, should appear on pair0 as an incoming packet and vice versa. I am thinking on a layer3-only, virtual interface now.
tun could do ...
- 9,848
3
votes
1
answer
139
views
Disable namespaces in Linux without compiling
Is there a way to disable all namespace types at boot time or runtime in Linux?
- 4,158
0
votes
0
answers
43
views
How to forward data via netns exec namespace
I'm using zmq to receive data from another pc. I would like to formard this received data to the Internet via namespace. I've created this python script:
import subprocess
import zmq
context = zmq....
0
votes
0
answers
21
views
How to get full mountpoint path name by the sturct fc_context
In my kernel module, I've implemented a syscall hook named fsconfig to manage operations related to remounting readonly mountpoints. For instance, if a user executes mount /dev/sda /tmp/mytest -o ...
- 1
1
vote
1
answer
63
views
Can't use user/group IDs in unshared namespace
When mounting a tmpfs in a mount and user namespace that is separate from my 'regular' system, my expectation is that it's possible to use any user/group ID.
There would be no need for mapping IDs ...
- 35
2
votes
1
answer
58
views
Cannot close LUKS volume while any flatpak app is running
The problem
I cannot cryptsetup close any LUKS volume while any flatpak app is running in the background. Yes, the flatpak app just has to be running in the background, I'm not trying to use ...
- 111
1
vote
0
answers
31
views
Isolating a child process in a remote desktop program
I'm developing a remote desktop/streaming program for linux. When a user logs in, they specify a program to launch, and the remote server launches that program as a new process. The server process ...
- 111
0
votes
1
answer
144
views
Kubernetes Namespace Stuck in 'Terminating'
I'm encountering an issue where a Kubernetes namespace is stuck in the 'Terminating' state. Running kubectl get ns cattle-monitoring-system -o json|jq produces error messages related to custom.metrics....
- 815
1
vote
0
answers
77
views
What is causing permission denied under proot?
At work I have limited access to my PC, so I am running proot with /nix mounted to give me access to nix package manager. However, executing some setuid commands fails under proot.
$ proot /usr/bin/...
- 870