LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Nick Andrew <nick@nick-andrew.net>
To: Pavel Emelyanov <xemul@openvz.org>
Cc: Randy Dunlap <randy.dunlap@oracle.com>,
	linux-kernel@vger.kernel.org, Serge Hallyn <serue@us.ibm.com>
Subject: Re: [PATCH 2.6.25-rc2 3/9] config: Improve init/Kconfig help	descriptions - namespaces
Date: Thu, 21 Feb 2008 00:01:44 +1100	[thread overview]
Message-ID: <20080220130142.GC2169@tull.net> (raw)
In-Reply-To: <47BC1BA9.5040009@openvz.org>

On Wed, Feb 20, 2008 at 03:23:05PM +0300, Pavel Emelyanov wrote:
> > +	  This is used by container systems (i.e. vservers).
> > +	  Tasks in the container are placed in the PID namespace
> > +	  corresponding to the container, and can only see or
> > +	  affect processes in the same PID namespace.
> 
> same of one of child namespaces. In other words when you create
> a new pid namespace, you still see the tasks from this new one,
> but the tasks from this one, doesn't see yours :)

Due to the hierarchial nature, I see. I'm still trying to grok
it. Would it be adequate to describe what a process _cannot_
do? i.e.

          This is used by container systems (i.e. vservers).
          Tasks in the container are placed in the PID namespace
          corresponding to the container, and cannot see or
          affect processes in any parent PID namespaces.

Or maybe I should say both what it cannot do and what it can,
so readers don't have to use their imagination much :-)

Let's see if I understand how it works with an example. Say we've
got a hierarchy of PID namespaces ... pidA/pidB/pidC and a new
process created in pidC. This new process may have pid 18925 in
pidA, 2263 in pidB and 56 in pidC?

So if there's another process running in pidC, the first process
may be signaled as pid 56, and if a process is running in pidB
it would be 2263 and not 56. Can a process running in pidB see
all processes running in pidC only with their pidB PIDs?

Now, a process A running in pidA can send a signal to a process
C running in pidC but not vice-versa. Process C cannot know
where the signal came from. Is there any kernel mechanism
which normally would provide that kind of information to
process C but which breaks when PID namespaces are used,
because there's no way to name process A from the context
of pidC ?

Nick.

  reply	other threads:[~2008-02-20 13:02 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-02-19 14:06 Improve init/Kconfig help descriptions [PATCH 0/9] Nick Andrew
2008-02-19 14:09 ` Improve init/Kconfig help descriptions [PATCH 1/9] Nick Andrew
2008-02-19 14:11 ` Improve init/Kconfig help descriptions [PATCH 2/9] Nick Andrew
2008-02-19 14:33 ` Improve init/Kconfig help descriptions [PATCH 3/9] Nick Andrew
2008-02-19 14:42   ` Pavel Emelyanov
2008-02-19 15:10     ` Nick Andrew
2008-02-19 15:16       ` Pavel Emelyanov
2008-02-19 15:50         ` Serge E. Hallyn
2008-02-19 16:44         ` Randy Dunlap
2008-02-19 22:41           ` Nick Andrew
2008-02-20 12:19           ` [PATCH 2.6.25-rc2 3/9] config: Improve init/Kconfig help descriptions - namespaces Nick Andrew
2008-02-20 12:23             ` Pavel Emelyanov
2008-02-20 13:01               ` Nick Andrew [this message]
2008-02-20 13:07                 ` Pavel Emelyanov
2008-02-20 16:50             ` serge
2008-02-20 23:10               ` Nick Andrew
2008-02-19 14:38 ` Improve init/Kconfig help descriptions [PATCH 4/9] Nick Andrew
2008-02-20  3:42   ` Valdis.Kletnieks
2008-02-20 22:17     ` Nick Andrew
2008-02-19 14:53 ` Improve init/Kconfig help descriptions [PATCH 5/9] Nick Andrew
2008-02-19 20:17   ` Randy Dunlap
2008-02-19 15:12 ` Improve init/Kconfig help descriptions [PATCH 6/9] Nick Andrew
2008-02-19 15:39   ` Paul Jackson
2008-02-20 12:41     ` Nick Andrew
2008-02-20 16:43       ` Paul Jackson
2008-02-20  2:04   ` Paul Menage
2008-02-20  2:54     ` Nick Andrew
2008-02-20  3:12       ` Paul Menage
2008-02-20 16:55       ` serge
2008-02-20 21:31         ` Nick Andrew
2008-02-19 15:15 ` Improve init/Kconfig help descriptions [PATCH 7/9] Nick Andrew
2008-02-19 15:21 ` Improve init/Kconfig help descriptions [PATCH 8/9] Nick Andrew
2008-02-19 15:27 ` Improve init/Kconfig help descriptions [PATCH 9/9] Nick Andrew
2008-02-20 22:33 ` [PATCH 2.6.25-rc2 1/9] init: Improve init/Kconfig help descriptions part 1 Nick Andrew
     [not found] ` <200802220014.m1M0Dh5r022354@rgminet03.oracle.com>
2008-02-22  0:19   ` [PATCH 2.6.25-rc2 5/9] Kconfig: Improve init/Kconfig help descriptions - IKCONFIG etc Randy Dunlap
2008-02-22  0:48 ` [PATCH 2.6.25-rc2 1/9] Kconfig: Improve init/Kconfig help descriptions part 1 Nick Andrew
2008-02-22  0:49 ` [PATCH 2.6.25-rc2 2/9] Kconfig: Improve init/Kconfig help descriptions - TASKSTATS Nick Andrew
2008-02-22  0:51 ` [PATCH 2.6.25-rc2 3/9] Kconfig: Improve init/Kconfig help descriptions - NAMESPACES Nick Andrew
2008-02-27 23:00   ` Nick Andrew
2008-02-27 23:08     ` Serge E. Hallyn
2008-02-22  0:52 ` [PATCH 2.6.25-rc2 4/9] Kconfig: Improve init/Kconfig help descriptions - AUDIT Nick Andrew
2008-02-22  0:54 ` [PATCH 2.6.25-rc2 5/9] Kconfig: Improve init/Kconfig help descriptions - IKCONFIG etc Nick Andrew
2008-02-22  0:55 ` [PATCH 2.6.25-rc2 6/9] Kconfig: Improve init/Kconfig help descriptions - CGROUPS Nick Andrew
2008-02-22  0:56 ` [PATCH 2.6.25-rc2 7/9] Kconfig: Improve init/Kconfig help descriptions - EMBEDDED etc Nick Andrew
2008-02-22  0:58 ` [PATCH 2.6.25-rc2 8/9] Kconfig: Improve init/Kconfig help descriptions - SLAB Nick Andrew
2008-02-22  0:59 ` [PATCH 2.6.25-rc2 9/9] Kconfig: Improve init/Kconfig help descriptions - MODULES Nick Andrew
     [not found] ` <200802220010.m1M0Arr7024044@vzorg.swsoft.net>
2008-02-22  8:14   ` [PATCH 2.6.25-rc2 3/9] Kconfig: Improve init/Kconfig help descriptions - NAMESPACES Pavel Emelyanov
     [not found] ` <200802220010.m1M0Auqn024414@e5.ny.us.ibm.com>
2008-02-22 22:14   ` Serge E. Hallyn
2008-02-23  1:12     ` Nick Andrew
2008-02-23  3:45       ` Serge E. Hallyn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080220130142.GC2169@tull.net \
    --to=nick@nick-andrew.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=randy.dunlap@oracle.com \
    --cc=serue@us.ibm.com \
    --cc=xemul@openvz.org \
    --subject='Re: [PATCH 2.6.25-rc2 3/9] config: Improve init/Kconfig help	descriptions - namespaces' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).