persistent namespaces
Today I merged support for persistent namespaces to unshare(1). The persistent namespace does not require any running process with in the namespace and it's possible to enter the namespace by nsenter(1).
For example let's create a new UTS namespace and set a different hostname within the namespace:
For example let's create a new UTS namespace and set a different hostname within the namespace:
# hostname ws # touch /root/ns-uts # unshare --uts=/root/ns-uts # hostname FooBar # exitNow there is no process in the namespace, try to enter the namespace by --uts=/root/ns-uts reference:
# nsenter --uts=/root/ns-uts # hostname FooBar # exitThe reference to the namespace is bind mount to /proc/[pid]/ns/[type], so umount(8) is enough to remove the reference:
# umount /root/ns-utsIf there is no another reference or any running process within the namespace then the namesapce is destoyed.
It's also possible to create another types of the persistent namespaces (--net, --ipc, ...). Don't forget that if you want to create a persistent mount namespace than the file (--mount=file) has to be on "private" filesystem, for example on Fedora where all is "shared" you have to use:
# mount --bind /mnt/test /mnt/test # mount --make-rprivate /mnt/test # touch /mnt/test/my-ns # unshare --mount=/mnt/test/my-ns ...Note that PID namespace cannot be without a running process (or more precisely the PID namespace is dead thing after init process (PID 1) termination).