[thirdparty/man-pages.git] / man2 / setns.2

.\" Copyright (C) 2011, Eric Biederman <ebiederm@xmission.com>
.\" and Copyright (C) 2011, 2012, Michael Kerrisk <mtk.manpages@gamil.com>
.\"
.\" %%%LICENSE_START(GPLv2_ONELINE)
.\" Licensed under the GPLv2
.\" %%%LICENSE_END
.\"
.TH SETNS 2 2013-01-01 "Linux" "Linux Programmer's Manual"
.SH NAME
setns \- reassociate thread with a namespace
.SH SYNOPSIS
.nf
.BR "#define _GNU_SOURCE" "             /* See feature_test_macros(7) */"
.B #include <sched.h>
.sp
.BI "int setns(int " fd ", int " nstype );
.fi
.SH DESCRIPTION
Given a file descriptor referring to a namespace,
reassociate the calling thread with that namespace.

The
.I fd
argument is a file descriptor referring to one of the namespace entries in a
.I /proc/[pid]/ns/
directory; see
.BR proc (5)
for further information on
.IR /proc/[pid]/ns/ .
The calling thread will be reassociated with the corresponding namespace,
subject to any constraints imposed by the
.I nstype
argument.

The
.I nstype
argument specifies which type of namespace
the calling thread may be reassociated with.
This argument can have one of the following values:
.TP
.BR 0
Allow any type of namespace to be joined.
.TP
.BR CLONE_NEWIPC
.I fd
must refer to an IPC namespace.
.TP
.BR CLONE_NEWNET
.I fd
must refer to a network namespace.
.TP
.BR CLONE_NEWNS
.I fd
must refer to a mount namespace.
.TP
.BR CLONE_NEWPID
.I fd
must refer to a PID namespace.
.TP
.BR CLONE_NEWUSER
.I fd
must refer to a user namespace.
.TP
.BR CLONE_NEWUTS
.I fd
must refer to a UTS namespace.
.PP
Specifying
.I nstype
as 0 suffices if the caller knows (or does not care)
what type of namespace is referred to by
.IR fd .
Specifying a nonzero value for
.I nstype
is useful if the caller does not know what type of namespace is referred to by
.IR fd
and wants to ensure that the namespace is of a particular type.
(The caller might not know the type of the namespace referred to by
.IR fd
if the file descriptor was opened by another process and, for example,
passed to the caller via a UNIX domain socket.)

The pid namespace is a little different.  Reassociating the calling
thread with a pid namespace only changes the pid namespace that the
child processes will be created in.

Changing the pid namespace for child processes is only allowed if the
pid namespace specified by
.IR fd
is a child pid namespace of the pid namespace of the current thread.

A multi-threaded process may not change user namespace with setns.  A
process may not reassociate the thread with the current user
namespace.  The process reassociating itself with a user namespace
must have CAP_SYS_ADMIN privileges in the target user namespace.

A process may not be reassociated with a new mount namespace if it is
multi-threaded or it does not possess both CAP_SYS_CHROOT privileges
and CAP_SYS_ADMIN rights over the target mount namespace.

.SH RETURN VALUE
On success,
.IR setns ()
returns 0.
On failure, \-1 is returned and
.I errno
is set to indicate the error.
.SH ERRORS
.TP
.B EBADF
.I fd
is not a valid file descriptor.
.TP
.B EINVAL
.I fd
refers to a namespace whose type does not match that specified in
.IR nstype ,
or there is problem with reassociating the
the thread with the specified namespace.
.TP
.B ENOMEM
Cannot allocate sufficient memory to change the specified namespace.
.TP
.B EPERM
The calling thread did not have the required privilege
.RB ( CAP_SYS_ADMIN )
for this operation.
.SH VERSIONS
The
.BR setns ()
system call first appeared in Linux in kernel 3.0;
library support was added to glibc in version 2.14;
Support for PID, user and mount namespaces first appeard in Linux in kernel 3.8.
.SH CONFORMING TO
The
.BR setns ()
system call is Linux-specific.
.SH NOTES
Not all of the attributes that can be shared when
a new thread is created using
.BR clone (2)
can be changed using
.BR setns ().
.SH EXAMPLE
The program below takes two or more arguments.
The first argument specifies the pathname of a namespace file in an existing
.I /proc/[pid]/ns/
directory.
The remaining arguments specify a command and its arguments.
The program opens the namespace file, joins that namespace using
.BR setns (),
and executes the specified command inside that namespace.

The following shell session demonstrates the use of this program
(compiled as a binary named
.IR ns_exec )
in conjunction with the
.BR CLONE_NEWUTS
example program in the
.BR clone (2)
man page (complied as a binary named
.IR newuts ).

We begin by executing the example program in
.BR clone (2)
in the background.
That program creates a child in a separate UTS namespace.
The child changes the hostname in its namespace,
and then both processes display the hostnames in their UTS namespaces,
so that we can see that they are different.

.nf
.in +4n
$ \fBsu\fP                   # Need privilege for namespace operations
Password:
# \fB./newuts bizarro &\fP
[1] 3549
clone() returned 3550
uts.nodename in child:  bizarro
uts.nodename in parent: antero
# \fBuname \-n\fP             # Verify hostname in the shell
antero
.in
.fi

We then run the program shown below,
using it to execute a shell.
Inside that shell, we verify that the hostname is the one
set by the child created by the first program:

.nf
.in +4n
# \fB./ns_exec /proc/3550/ns/uts /bin/bash\fP
# \fBuname \-n\fP             # Executed in shell started by ns_exec
bizarro
.in
.fi
.SS Program source
.nf
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>

#define errExit(msg)    do { perror(msg); exit(EXIT_FAILURE); \\
                        } while (0)

int
main(int argc, char *argv[])
{
    int fd;

    if (argc < 3) {
        fprintf(stderr, "%s /proc/PID/ns/FILE cmd args...\\n", argv[0]);
        exit(EXIT_FAILURE);
    }

    fd = open(argv[1], O_RDONLY);   /* Get descriptor for namespace */
    if (fd == \-1)
        errExit("open");

    if (setns(fd, 0) == \-1)         /* Join that namespace */
        errExit("setns");

    execvp(argv[2], &argv[2]);      /* Execute a command in namespace */
    errExit("execvp");
}
.fi
.SH SEE ALSO
.BR clone (2),
.BR fork (2),
.BR vfork (2),
.BR proc (5),
.BR unix (7)
Commit	Line	Data
dfa22c8b	1	.\" Copyright (C) 2011, Eric Biederman <ebiederm@xmission.com>
8d41e607	2	.\" and Copyright (C) 2011, 2012, Michael Kerrisk <mtk.manpages@gamil.com>
2297bf0e	3	.\"
c4a99c30	4	.\" %%%LICENSE_START(GPLv2_ONELINE)
dfa22c8b	5	.\" Licensed under the GPLv2
8ff7380d	6	.\" %%%LICENSE_END
dfa22c8b	7	.\"
8d41e607	8	.TH SETNS 2 2013-01-01 "Linux" "Linux Programmer's Manual"
dfa22c8b	9	.SH NAME
7aa166c5	10	setns \- reassociate thread with a namespace
dfa22c8b EB	11	.SH SYNOPSIS
	12	.nf
	13	.BR "#define _GNU_SOURCE" " /* See feature_test_macros(7) */"
	14	.B #include <sched.h>
	15	.sp
	16	.BI "int setns(int " fd ", int " nstype );
	17	.fi
	18	.SH DESCRIPTION
c07ad242	19	Given a file descriptor referring to a namespace,
7aa166c5	20	reassociate the calling thread with that namespace.
dfa22c8b	21
92dcb220 MK	22	The
	23	.I fd
	24	argument is a file descriptor referring to one of the namespace entries in a
	25	.I /proc/[pid]/ns/
	26	directory; see
	27	.BR proc (5)
c409c4ff	28	for further information on
92dcb220	29	.IR /proc/[pid]/ns/ .
7aa166c5	30	The calling thread will be reassociated with the corresponding namespace,
92dcb220 MK	31	subject to any constraints imposed by the
	32	.I nstype
	33	argument.
	34
dfa22c8b EB	35	The
dfa22c8b EB	36	.I nstype
c07ad242	37	argument specifies which type of namespace
7aa166c5	38	the calling thread may be reassociated with.
4e1e208d	39	This argument can have one of the following values:
dfa22c8b EB	40	.TP
dfa22c8b EB	41	.BR 0
92dcb220	42	Allow any type of namespace to be joined.
dfa22c8b EB	43	.TP
dfa22c8b EB	44	.BR CLONE_NEWIPC
92dcb220 MK	45	.I fd
92dcb220 MK	46	must refer to an IPC namespace.
dfa22c8b EB	47	.TP
dfa22c8b EB	48	.BR CLONE_NEWNET
92dcb220 MK	49	.I fd
92dcb220 MK	50	must refer to a network namespace.
dfa22c8b	51	.TP
99fd2fe3 EB	52	.BR CLONE_NEWNS
	53	.I fd
	54	must refer to a mount namespace.
	55	.TP
	56	.BR CLONE_NEWPID
	57	.I fd
	58	must refer to a PID namespace.
	59	.TP
	60	.BR CLONE_NEWUSER
	61	.I fd
	62	must refer to a user namespace.
	63	.TP
dfa22c8b	64	.BR CLONE_NEWUTS
92dcb220 MK	65	.I fd
92dcb220 MK	66	must refer to a UTS namespace.
dfa22c8b	67	.PP
92dcb220 MK	68	Specifying
	69	.I nstype
	70	as 0 suffices if the caller knows (or does not care)
	71	what type of namespace is referred to by
	72	.IR fd .
	73	Specifying a nonzero value for
	74	.I nstype
	75	is useful if the caller does not know what type of namespace is referred to by
	76	.IR fd
	77	and wants to ensure that the namespace is of a particular type.
	78	(The caller might not know the type of the namespace referred to by
	79	.IR fd
	80	if the file descriptor was opened by another process and, for example,
	81	passed to the caller via a UNIX domain socket.)
99fd2fe3 EB	82
	83	The pid namespace is a little different. Reassociating the calling
	84	thread with a pid namespace only changes the pid namespace that the
	85	child processes will be created in.
	86
	87	Changing the pid namespace for child processes is only allowed if the
	88	pid namespace specified by
	89	.IR fd
	90	is a child pid namespace of the pid namespace of the current thread.
	91
	92	A multi-threaded process may not change user namespace with setns. A
	93	process may not reassociate the thread with the current user
	94	namespace. The process reassociating itself with a user namespace
	95	must have CAP_SYS_ADMIN privileges in the target user namespace.
	96
	97	A process may not be reassociated with a new mount namespace if it is
	98	multi-threaded or it does not possess both CAP_SYS_CHROOT privileges
	99	and CAP_SYS_ADMIN rights over the target mount namespace.
	100
dfa22c8b	101	.SH RETURN VALUE
92dcb220 MK	102	On success,
	103	.IR setns ()
	104	returns 0.
dfa22c8b EB	105	On failure, \-1 is returned and
	106	.I errno
	107	is set to indicate the error.
	108	.SH ERRORS
	109	.TP
dfa22c8b	110	.B EBADF
c07ad242 MK	111	.I fd
c07ad242 MK	112	is not a valid file descriptor.
dfa22c8b EB	113	.TP
dfa22c8b EB	114	.B EINVAL
92dcb220 MK	115	.I fd
92dcb220 MK	116	refers to a namespace whose type does not match that specified in
7aa166c5 MK	117	.IR nstype ,
	118	or there is problem with reassociating the
	119	the thread with the specified namespace.
dfa22c8b EB	120	.TP
	121	.B ENOMEM
	122	Cannot allocate sufficient memory to change the specified namespace.
dfa22c8b EB	123	.TP
dfa22c8b EB	124	.B EPERM
c409c4ff	125	The calling thread did not have the required privilege
63b6ef41 MK	126	.RB ( CAP_SYS_ADMIN )
63b6ef41 MK	127	for this operation.
dfa22c8b EB	128	.SH VERSIONS
	129	The
	130	.BR setns ()
c95b6ae1	131	system call first appeared in Linux in kernel 3.0;
99fd2fe3 EB	132	library support was added to glibc in version 2.14;
99fd2fe3 EB	133	Support for PID, user and mount namespaces first appeard in Linux in kernel 3.8.
dfa22c8b EB	134	.SH CONFORMING TO
	135	The
	136	.BR setns ()
	137	system call is Linux-specific.
	138	.SH NOTES
7aa166c5 MK	139	Not all of the attributes that can be shared when
7aa166c5 MK	140	a new thread is created using
dfa22c8b EB	141	.BR clone (2)
	142	can be changed using
	143	.BR setns ().
8d41e607 MK	144	.SH EXAMPLE
	145	The program below takes two or more arguments.
	146	The first argument specifies the pathname of a namespace file in an existing
	147	.I /proc/[pid]/ns/
	148	directory.
	149	The remaining arguments specify a command and its arguments.
	150	The program opens the namespace file, joins that namespace using
	151	.BR setns (),
	152	and executes the specified command inside that namespace.
	153
	154	The following shell session demonstrates the use of this program
	155	(compiled as a binary named
a1ce9159	156	.IR ns_exec )
8d41e607 MK	157	in conjunction with the
	158	.BR CLONE_NEWUTS
	159	example program in the
	160	.BR clone (2)
	161	man page (complied as a binary named
	162	.IR newuts ).
	163
	164	We begin by executing the example program in
	165	.BR clone (2)
	166	in the background.
	167	That program creates a child in a separate UTS namespace.
51ebe080	168	The child changes the hostname in its namespace,
8d41e607 MK	169	and then both processes display the hostnames in their UTS namespaces,
	170	so that we can see that they are different.
	171
	172	.nf
	173	.in +4n
	174	$ \fBsu\fP # Need privilege for namespace operations
9f1b9726	175	Password:
8d41e607 MK	176	# \fB./newuts bizarro &\fP
	177	[1] 3549
	178	clone() returned 3550
	179	uts.nodename in child: bizarro
	180	uts.nodename in parent: antero
5c977011	181	# \fBuname \-n\fP # Verify hostname in the shell
8d41e607 MK	182	antero
	183	.in
	184	.fi
	185
	186	We then run the program shown below,
	187	using it to execute a shell.
	188	Inside that shell, we verify that the hostname is the one
	189	set by the child created by the first program:
	190
	191	.nf
	192	.in +4n
a1ce9159	193	# \fB./ns_exec /proc/3550/ns/uts /bin/bash\fP
5c977011	194	# \fBuname \-n\fP # Executed in shell started by ns_exec
8d41e607 MK	195	bizarro
	196	.in
	197	.fi
8d41e607 MK	198	.SS Program source
	199	.nf
	200	#define _GNU_SOURCE
	201	#include <fcntl.h>
	202	#include <sched.h>
	203	#include <unistd.h>
	204	#include <stdlib.h>
	205	#include <stdio.h>
	206
	207	#define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \\
	208	} while (0)
	209
	210	int
	211	main(int argc, char *argv[])
	212	{
	213	int fd;
	214
	215	if (argc < 3) {
	216	fprintf(stderr, "%s /proc/PID/ns/FILE cmd args...\\n", argv[0]);
	217	exit(EXIT_FAILURE);
	218	}
	219
	220	fd = open(argv[1], O_RDONLY); /* Get descriptor for namespace */
	221	if (fd == \-1)
	222	errExit("open");
	223
	224	if (setns(fd, 0) == \-1) /* Join that namespace */
	225	errExit("setns");
	226
	227	execvp(argv[2], &argv[2]); /* Execute a command in namespace */
	228	errExit("execvp");
	229	}
	230	.fi
dfa22c8b EB	231	.SH SEE ALSO
	232	.BR clone (2),
	233	.BR fork (2),
b93a34b5	234	.BR vfork (2),
92dcb220 MK	235	.BR proc (5),
92dcb220 MK	236	.BR unix (7)