Linux 101 : Processes and Namespaces
It creates a new namespace and runs the specified program in it. If no program is given, the default is "/bin/bash".
An empty namespace gets deleted. To keep a namespace "alive", a process needs to be running inside it or a bind mount needs to be attached to it.
A bind mount means mounting a directory onto another so that both point to the same content.
We can enter an "alive" namespace using the "nsenter" command.
Our namespace will be removed if we unmount the bind mount using the "umount" command.
Example:
We display our processes using the "ps -aux" command.
Then, we create a new namespace using "unshare":
The pid of the shell is "1" in our new namespace. The other processes displayed in our first "ps -aux" command are not there anymore.
Below is a short explanation of the parameters used:
- --fork : spawns the specified program as a child of unshare
- --pid : creates a PID namespace.
- --mount-proc : mounts the "/proc" filesystem.
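The same situation seen from the host side, as an added example that is not part of the original page: the shell that is PID 1 inside the new namespace still has an ordinary PID on the host, and its namespace shows up as a different identifier under /proc. The function names are hypothetical, and the script assumes a Linux /proc with the "ns/pid" link and the "NSpid" status field (kernel 4.1 or later).

```shell
#!/bin/sh
# Added example: host-side view of PID namespaces through /proc (Linux only).

# Print the PID-namespace identifier of a process, e.g. "pid:[4026531836]".
pidns_of() {
    readlink "/proc/$1/ns/pid" 2>/dev/null
}

# Succeed when both PIDs live in the same PID namespace.
same_pidns() {
    a=$(pidns_of "$1") && b=$(pidns_of "$2") && [ -n "$a" ] && [ "$a" = "$b" ]
}

# Print the PID a process has inside its innermost namespace.
# NSpid lists one PID per nesting level, outermost first.
inner_pid() {
    awk '/^NSpid:/ { print $NF }' "/proc/$1/status" 2>/dev/null
}

# List readable processes whose PID namespace differs from the caller's:
# host PID, PID inside the namespace, namespace id, command name.
list_foreign_pidns() {
    mine=$(pidns_of "$$")
    for d in /proc/[0-9]*; do
        p=${d#/proc/}
        ns=$(pidns_of "$p") || continue   # unreadable or already exited
        [ -n "$ns" ] && [ "$ns" != "$mine" ] || continue
        printf '%s\t%s\t%s\t%s\n' \
            "$p" "$(inner_pid "$p")" "$ns" "$(cat "$d/comm" 2>/dev/null)"
    done
}

# Demo (root only, run as: sh script.sh demo): start a process with the
# flags explained above, then look at it from the host.
if [ "${1:-}" = "demo" ] && [ "$(id -u)" -eq 0 ]; then
    unshare --fork --pid --mount-proc sleep 5 &
    sleep 1
    list_foreign_pidns    # the sleep process is listed with inner PID 1
    wait
fi
```

Without root, list_foreign_pidns only reports processes whose /proc entries the caller is allowed to read.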