[GSOC][namespace Support]
Eugene Syromiatnikov
esyr at redhat.com
Sat Mar 17 06:56:48 UTC 2018
On Sat, Mar 17, 2018 at 10:52:39AM +0800, WeiDeng Lai wrote:
> mounting /proc whenever we enter the new name space.
How do you expect to do this, taking into account the fact that strace
process doesn't normally have CAP_SYS_ADMIN?
> To complete this requirement,we can make a try to add a
> new kernel API for trans_pid between different pid_namespaces,such as patch
> in link: * https://lkml.org/lkml/2018/3/6/593
> <https://lkml.org/lkml/2018/3/6/593> *.
Note Eric Biederman's comments there[1]. Please also refer to the
discussion related to the previous version of the patch[2]. How do you
expect to address the objections raised there in order to have the API
accepted in the kernel's upstream?
> a few days ago,I talk with my seniors of community,we have a consistent
> point that add a new kernel API may a good idea,we can apply patch on later
> kernel versions,and modify it so that patch can apply on 3.x to now.If it
> make sense,I'll do this.
Note that stable upstream kernels do not normally accept new features.
And downstream kernels are also quite hesitant in doing so.
> I don't hatch other methods,can someone provide some information or
> documents for my reference?
There are NSFS_* ioctls present that can be used for (PID) namespace
tree traversal[3]. Along with inspection of *id fields in
/proc/<pid>/status, the available information information is sufficient
for deriving the needed PID in strace's PID NS (having /proc mounted
with different PID NS quite complicates things but still manageable).
[1] https://lkml.org/lkml/2018/3/13/1544
[2] https://lkml.org/lkml/2017/10/13/177
[3] http://blog.man7.org/2016/12/introspecting-namespace-relationships.html
More information about the Strace-devel
mailing list