2 * SPDX-License-Identifier: GPL-2.0-or-later
4 * lsns(8) - list system namespaces
6 * Copyright (C) 2015 Karel Zak <kzak@redhat.com>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
21 #include <sys/types.h>
23 #include <libsmartcols.h>
27 #ifdef HAVE_LINUX_NET_NAMESPACE_H
28 # include <sys/socket.h>
29 # include <linux/netlink.h>
30 # include <linux/rtnetlink.h>
31 # include <linux/net_namespace.h>
34 #ifdef HAVE_LINUX_NSFS_H
35 # include <linux/nsfs.h>
36 # if defined(NS_GET_NSTYPE) && defined(NS_GET_OWNER_UID)
37 # define USE_NS_GET_API 1
41 #include "pathnames.h"
46 #include "closestream.h"
50 #include "namespace.h"
52 #include "fileutils.h"
53 #include "column-list-table.h"
57 static UL_DEBUG_DEFINE_MASK(lsns
);
58 UL_DEBUG_DEFINE_MASKNAMES(lsns
) = UL_DEBUG_EMPTY_MASKNAMES
;
60 #define LSNS_DEBUG_INIT (1 << 1)
61 #define LSNS_DEBUG_PROC (1 << 2)
62 #define LSNS_DEBUG_NS (1 << 3)
63 #define LSNS_DEBUG_FILTER (1 << 4)
64 #define LSNS_DEBUG_ALL 0xFFFF
66 #define LSNS_NETNS_UNUSABLE -2
68 #define DBG(m, x) __UL_DBG(lsns, LSNS_DEBUG_, m, x)
69 #define ON_DBG(m, x) __UL_DBG_CALL(lsns, LSNS_DEBUG_, m, x)
71 #define lsns_ioctl(fildes, request, ...) __extension__ ({ \
72 int ret = ioctl(fildes, request, ##__VA_ARGS__); \
73 if (ret == -1 && errno == ENOTTY) \
74 warnx("Unsupported ioctl %s", #request); \
77 #define UL_DEBUG_CURRENT_MASK UL_DEBUG_MASK(lsns)
80 #define EXIT_UNSUPPORTED_IOCTL 2
82 static struct idcache
*uid_cache
= NULL
;
97 COL_PNS
, /* parent namespace */
98 COL_ONS
, /* owner namespace */
103 const char *name
; /* header */
104 double whint
; /* width hint (N < 1 is in percent of termwidth) */
105 int flags
; /* SCOLS_FL_* */
110 /* columns descriptions */
111 static const struct colinfo infos
[] = {
112 [COL_NS
] = { "NS", 10, SCOLS_FL_RIGHT
, N_("namespace identifier (inode number)"), SCOLS_JSON_NUMBER
},
113 [COL_TYPE
] = { "TYPE", 5, 0, N_("kind of namespace") },
114 [COL_PATH
] = { "PATH", 0, 0, N_("path to the namespace")},
115 [COL_NPROCS
] = { "NPROCS", 5, SCOLS_FL_RIGHT
, N_("number of processes in the namespace"), SCOLS_JSON_NUMBER
},
116 [COL_PID
] = { "PID", 5, SCOLS_FL_RIGHT
, N_("lowest PID in the namespace"), SCOLS_JSON_NUMBER
},
117 [COL_PPID
] = { "PPID", 5, SCOLS_FL_RIGHT
, N_("PPID of the PID"), SCOLS_JSON_NUMBER
},
118 [COL_COMMAND
] = { "COMMAND", 0, SCOLS_FL_TRUNC
, N_("command line of the PID")},
119 [COL_UID
] = { "UID", 0, SCOLS_FL_RIGHT
, N_("UID of the PID"), SCOLS_JSON_NUMBER
},
120 [COL_USER
] = { "USER", 0, 0, N_("username of the PID")},
121 [COL_NETNSID
] = { "NETNSID", 0, SCOLS_FL_RIGHT
, N_("namespace ID as used by network subsystem")},
122 [COL_NSFS
] = { "NSFS", 0, SCOLS_FL_WRAP
, N_("nsfs mountpoint (usually used network subsystem)")},
123 [COL_PNS
] = { "PNS", 10, SCOLS_FL_RIGHT
, N_("parent namespace identifier (inode number)"), SCOLS_JSON_NUMBER
},
124 [COL_ONS
] = { "ONS", 10, SCOLS_FL_RIGHT
, N_("owner namespace identifier (inode number)"), SCOLS_JSON_NUMBER
},
127 static int columns
[ARRAY_SIZE(infos
) * 2];
128 static size_t ncolumns
;
141 static char *ns_names
[] = {
142 [LSNS_ID_MNT
] = "mnt",
143 [LSNS_ID_NET
] = "net",
144 [LSNS_ID_PID
] = "pid",
145 [LSNS_ID_UTS
] = "uts",
146 [LSNS_ID_IPC
] = "ipc",
147 [LSNS_ID_USER
] = "user",
148 [LSNS_ID_CGROUP
] = "cgroup",
149 [LSNS_ID_TIME
] = "time"
158 struct lsns_namespace
{
160 int type
; /* LSNS_* */
163 ino_t related_id
[MAX_RELA
];
165 struct lsns_process
*proc
;
167 struct lsns_namespace
*related_ns
[MAX_RELA
];
168 struct libscols_line
*ns_outline
;
169 uid_t uid_fallback
; /* refer this member if `proc' is NULL. */
171 struct list_head namespaces
; /* lsns->processes member */
172 struct list_head processes
; /* head of lsns_process *siblings */
175 struct lsns_process
{
176 pid_t pid
; /* process PID */
177 pid_t ppid
; /* parent's PID */
178 pid_t tpid
; /* thread group */
182 ino_t ns_ids
[ARRAY_SIZE(ns_names
)];
183 ino_t ns_pids
[ARRAY_SIZE(ns_names
)];
184 ino_t ns_oids
[ARRAY_SIZE(ns_names
)];
186 struct list_head ns_siblings
[ARRAY_SIZE(ns_names
)];
188 struct list_head processes
; /* list of processes */
190 struct libscols_line
*outline
;
191 struct lsns_process
*parent
;
205 struct list_head processes
;
206 struct list_head namespaces
;
208 pid_t fltr_pid
; /* filter out by PID */
209 ino_t fltr_ns
; /* filter out by namespace */
210 int fltr_types
[ARRAY_SIZE(ns_names
)];
213 unsigned int raw
: 1,
223 struct libmnt_table
*tab
;
224 struct libscols_filter
*filter
;
227 struct netnsid_cache
{
230 struct list_head netnsids
;
233 /* "userdata" used by callback for libsmartcols filter */
236 struct lsns_namespace
*ns
;
237 struct lsns_process
*proc
;
240 static struct list_head netnsids_cache
;
242 static int netlink_fd
= -1;
244 static void lsns_init_debug(void)
246 __UL_INIT_DEBUG_FROM_ENV(lsns
, LSNS_DEBUG_
, 0, LSNS_DEBUG
);
249 static int ns_name2type(const char *name
)
253 for (i
= 0; i
< ARRAY_SIZE(ns_names
); i
++) {
254 if (strcmp(ns_names
[i
], name
) == 0)
260 static int column_name_to_id(const char *name
, size_t namesz
)
266 for (i
= 0; i
< ARRAY_SIZE(infos
); i
++) {
267 const char *cn
= infos
[i
].name
;
269 if (!strncasecmp(name
, cn
, namesz
) && !*(cn
+ namesz
))
272 warnx(_("unknown column: %s"), name
);
276 static int has_column(int id
)
280 for (i
= 0; i
< ncolumns
; i
++) {
281 if (columns
[i
] == id
)
287 static inline int get_column_id(int num
)
290 assert((size_t) num
< ncolumns
);
291 assert(columns
[num
] < (int) ARRAY_SIZE(infos
));
296 static inline const struct colinfo
*get_column_info(unsigned num
)
298 return &infos
[ get_column_id(num
) ];
301 static int get_ns_ino(struct path_cxt
*pc
, const char *nsname
, ino_t
*ino
, ino_t
*pino
, ino_t
*oino
)
306 snprintf(path
, sizeof(path
), "ns/%s", nsname
);
308 if (ul_path_stat(pc
, &st
, 0, path
) != 0)
315 #ifdef USE_NS_GET_API
317 fd
= ul_path_open(pc
, 0, path
);
320 if (strcmp(nsname
, "pid") == 0 || strcmp(nsname
, "user") == 0) {
321 if ((pfd
= lsns_ioctl(fd
, NS_GET_PARENT
)) < 0) {
327 if (fstat(pfd
, &st
) < 0) {
336 if ((ofd
= lsns_ioctl(fd
, NS_GET_USERNS
)) < 0) {
342 if (fstat(ofd
, &st
) < 0) {
355 static int parse_proc_stat(char *line
, pid_t
*pid
, char *state
, pid_t
*ppid
)
360 p
= strrchr(line
, ')');
362 sscanf(line
, "%d (", pid
) != 1 ||
363 sscanf(p
, ") %c %d*[^\n]", state
, ppid
) != 2) {
373 #ifdef HAVE_LINUX_NET_NAMESPACE_H
374 static int netnsid_cache_find(ino_t netino
, int *netnsid
)
378 list_for_each(p
, &netnsids_cache
) {
379 struct netnsid_cache
*e
= list_entry(p
,
380 struct netnsid_cache
,
382 if (e
->ino
== netino
) {
391 static void netnsid_cache_add(ino_t netino
, int netnsid
)
393 struct netnsid_cache
*e
;
395 e
= xcalloc(1, sizeof(*e
));
398 INIT_LIST_HEAD(&e
->netnsids
);
399 list_add(&e
->netnsids
, &netnsids_cache
);
402 static int get_netnsid_via_netlink_send_request(int target_fd
)
404 unsigned char req
[NLMSG_SPACE(sizeof(struct rtgenmsg
))
405 + RTA_SPACE(sizeof(int32_t))];
407 struct nlmsghdr
*nlh
= (struct nlmsghdr
*)req
;
408 struct rtgenmsg
*rt
= NLMSG_DATA(req
);
409 struct rtattr
*rta
= (struct rtattr
*)
410 (req
+ NLMSG_SPACE(sizeof(struct rtgenmsg
)));
411 int32_t *fd
= RTA_DATA(rta
);
413 nlh
->nlmsg_len
= sizeof(req
);
414 nlh
->nlmsg_flags
= NLM_F_REQUEST
;
415 nlh
->nlmsg_type
= RTM_GETNSID
;
416 rt
->rtgen_family
= AF_UNSPEC
;
417 rta
->rta_type
= NETNSA_FD
;
418 rta
->rta_len
= RTA_SPACE(sizeof(int32_t));
421 if (send(netlink_fd
, req
, sizeof(req
), 0) < 0)
426 static int get_netnsid_via_netlink_recv_response(int *netnsid
)
428 unsigned char res
[NLMSG_SPACE(sizeof(struct rtgenmsg
))
429 + ((RTA_SPACE(sizeof(int32_t))
430 < RTA_SPACE(sizeof(struct nlmsgerr
)))
431 ? RTA_SPACE(sizeof(struct nlmsgerr
))
432 : RTA_SPACE(sizeof(int32_t)))];
436 struct nlmsghdr
*nlh
;
439 reslen
= recv(netlink_fd
, res
, sizeof(res
), 0);
443 nlh
= (struct nlmsghdr
*)res
;
444 if (!(NLMSG_OK(nlh
, (size_t)reslen
)
445 && nlh
->nlmsg_type
== RTM_NEWNSID
))
448 rtalen
= NLMSG_PAYLOAD(nlh
, sizeof(struct rtgenmsg
));
449 rta
= (struct rtattr
*)(res
+ NLMSG_SPACE(sizeof(struct rtgenmsg
)));
450 if (!(RTA_OK(rta
, rtalen
)
451 && rta
->rta_type
== NETNSA_NSID
))
454 *netnsid
= *(int *)RTA_DATA(rta
);
459 static int get_netnsid_via_netlink(struct path_cxt
*pc
, const char *path
)
465 return LSNS_NETNS_UNUSABLE
;
467 target_fd
= ul_path_open(pc
, O_RDONLY
, path
);
469 return LSNS_NETNS_UNUSABLE
;
471 if (get_netnsid_via_netlink_send_request(target_fd
) < 0) {
472 netnsid
= LSNS_NETNS_UNUSABLE
;
476 if (get_netnsid_via_netlink_recv_response(&netnsid
) < 0) {
477 netnsid
= LSNS_NETNS_UNUSABLE
;
486 static int get_netnsid(struct path_cxt
*pc
, ino_t netino
)
490 if (!netnsid_cache_find(netino
, &netnsid
)) {
491 netnsid
= get_netnsid_via_netlink(pc
, "ns/net");
492 netnsid_cache_add(netino
, netnsid
);
498 static int get_netnsid(struct path_cxt
*pc
__attribute__((__unused__
)),
499 ino_t netino
__attribute__((__unused__
)))
501 return LSNS_NETNS_UNUSABLE
;
503 #endif /* HAVE_LINUX_NET_NAMESPACE_H */
505 static struct lsns_namespace
*add_namespace_for_nsfd(struct lsns
*ls
, int fd
, ino_t ino
);
507 static void read_open_ns_inos(struct lsns
*ls
, struct path_cxt
*pc
)
510 struct dirent
*d
= NULL
;
511 char path
[sizeof("fd/") + sizeof(stringify_value(UINT64_MAX
))];
513 while (ul_path_next_dirent(pc
, &sub
, "fd", &d
) == 0) {
517 if (ul_strtou64(d
->d_name
, &num
, 10) != 0) /* only numbers */
520 snprintf(path
, sizeof(path
), "fd/%ju", (uintmax_t) num
);
522 if (ul_path_stat(pc
, &st
, 0, path
) == 0
523 && st
.st_dev
== ls
->nsfs_dev
) {
524 int fd
= ul_path_open(pc
, O_RDONLY
, path
);
526 add_namespace_for_nsfd(ls
, fd
, st
.st_ino
);
533 static int read_process(struct lsns
*ls
, struct path_cxt
*pc
)
535 struct lsns_process
*p
= NULL
;
540 p
= xcalloc(1, sizeof(*p
));
541 p
->netnsid
= LSNS_NETNS_UNUSABLE
;
543 if (procfs_process_get_uid(pc
, &p
->uid
) == 0)
544 add_uid(uid_cache
, p
->uid
);
546 if ((rc
= procfs_process_get_stat(pc
, buf
, sizeof(buf
))) < 0)
548 if ((rc
= parse_proc_stat(buf
, &p
->pid
, &p
->state
, &p
->ppid
)) < 0)
552 for (i
= 0; i
< ARRAY_SIZE(p
->ns_ids
); i
++) {
553 INIT_LIST_HEAD(&p
->ns_siblings
[i
]);
555 if (!ls
->fltr_types
[i
])
558 rc
= get_ns_ino(pc
, ns_names
[i
], &p
->ns_ids
[i
],
559 &p
->ns_pids
[i
], &p
->ns_oids
[i
]);
560 if (rc
&& rc
!= -EACCES
&& rc
!= -ENOENT
)
562 if (i
== LSNS_ID_NET
)
563 p
->netnsid
= get_netnsid(pc
, p
->ns_ids
[i
]);
567 INIT_LIST_HEAD(&p
->processes
);
569 DBG(PROC
, ul_debugobj(p
, "new pid=%d", p
->pid
));
570 list_add_tail(&p
->processes
, &ls
->processes
);
572 read_open_ns_inos(ls
, pc
);
579 static int read_processes(struct lsns
*ls
)
586 DBG(PROC
, ul_debug("opening /proc"));
588 dir
= opendir(_PATH_PROC
);
592 pc
= ul_new_path(NULL
);
594 err(EXIT_FAILURE
, _("failed to alloc procfs handler"));
596 while ((d
= xreaddir(dir
))) {
599 if (procfs_dirent_get_pid(d
, &pid
) != 0)
602 DBG(PROC
, ul_debug("reading %d", (int) pid
));
603 rc
= procfs_process_init_path(pc
, pid
);
605 DBG(PROC
, ul_debug("failed in reading /proc/%d", (int) pid
));
609 rc
= read_process(ls
, pc
);
610 if (rc
&& rc
!= -EACCES
&& rc
!= -ENOENT
)
617 DBG(PROC
, ul_debug("closing /proc"));
622 static struct lsns_namespace
*get_namespace(struct lsns
*ls
, ino_t ino
)
626 list_for_each(p
, &ls
->namespaces
) {
627 struct lsns_namespace
*ns
= list_entry(p
, struct lsns_namespace
, namespaces
);
635 static int namespace_has_process(struct lsns_namespace
*ns
, pid_t pid
)
639 list_for_each(p
, &ns
->processes
) {
640 struct lsns_process
*proc
= list_entry(p
, struct lsns_process
, ns_siblings
[ns
->type
]);
642 if (proc
->pid
== pid
)
648 static struct lsns_namespace
*add_namespace(struct lsns
*ls
, int type
, ino_t ino
,
649 ino_t parent_ino
, ino_t owner_ino
)
651 struct lsns_namespace
*ns
= xcalloc(1, sizeof(*ns
));
656 DBG(NS
, ul_debugobj(ns
, "new %s[%ju]", ns_names
[type
], (uintmax_t)ino
));
658 INIT_LIST_HEAD(&ns
->processes
);
659 INIT_LIST_HEAD(&ns
->namespaces
);
663 ns
->related_id
[RELA_PARENT
] = parent_ino
;
664 ns
->related_id
[RELA_OWNER
] = owner_ino
;
666 list_add_tail(&ns
->namespaces
, &ls
->namespaces
);
670 static int add_process_to_namespace(struct lsns
*ls
, struct lsns_namespace
*ns
, struct lsns_process
*proc
)
674 DBG(NS
, ul_debugobj(ns
, "add process [%p] pid=%d to %s[%ju]",
675 proc
, proc
->pid
, ns_names
[ns
->type
], (uintmax_t)ns
->id
));
677 list_for_each(p
, &ls
->processes
) {
678 struct lsns_process
*xproc
= list_entry(p
, struct lsns_process
, processes
);
680 if (xproc
->pid
== proc
->ppid
) /* my parent */
681 proc
->parent
= xproc
;
682 else if (xproc
->ppid
== proc
->pid
) /* my child */
683 xproc
->parent
= proc
;
686 list_add_tail(&proc
->ns_siblings
[ns
->type
], &ns
->processes
);
689 if (!ns
->proc
|| ns
->proc
->pid
> proc
->pid
)
695 static int cmp_namespaces(struct list_head
*a
, struct list_head
*b
,
696 __attribute__((__unused__
)) void *data
)
698 struct lsns_namespace
*xa
= list_entry(a
, struct lsns_namespace
, namespaces
),
699 *xb
= list_entry(b
, struct lsns_namespace
, namespaces
);
701 return cmp_numbers(xa
->id
, xb
->id
);
704 static int netnsid_xasputs(char **str
, int netnsid
)
707 return xasprintf(str
, "%d", netnsid
);
708 #ifdef NETNSA_NSID_NOT_ASSIGNED
709 if (netnsid
== NETNSA_NSID_NOT_ASSIGNED
)
710 return xasprintf(str
, "%s", "unassigned");
715 #ifdef USE_NS_GET_API
716 static int clone_type_to_lsns_type(int clone_type
)
718 switch (clone_type
) {
721 case CLONE_NEWCGROUP
:
722 return LSNS_ID_CGROUP
;
742 static struct lsns_namespace
*add_namespace_for_nsfd(struct lsns
*ls
, int fd
, ino_t ino
)
744 int fd_owner
= -1, fd_parent
= -1;
745 struct stat st_owner
, st_parent
;
746 ino_t ino_owner
= 0, ino_parent
= 0;
747 struct lsns_namespace
*ns
;
748 int clone_type
, lsns_type
;
750 clone_type
= lsns_ioctl(fd
, NS_GET_NSTYPE
);
753 lsns_type
= clone_type_to_lsns_type(clone_type
);
754 if (lsns_type
< 0 || ls
->fltr_types
[lsns_type
] == 0)
757 fd_owner
= lsns_ioctl(fd
, NS_GET_USERNS
);
760 if (fstat(fd_owner
, &st_owner
) < 0)
762 ino_owner
= st_owner
.st_ino
;
765 fd_parent
= lsns_ioctl(fd
, NS_GET_PARENT
);
768 if (fstat(fd_parent
, &st_parent
) < 0)
770 ino_parent
= st_parent
.st_ino
;
773 ns
= add_namespace(ls
, lsns_type
, ino
, ino_parent
, ino_owner
);
774 lsns_ioctl(fd
, NS_GET_OWNER_UID
, &ns
->uid_fallback
);
775 add_uid(uid_cache
, ns
->uid_fallback
);
777 if ((lsns_type
== LSNS_ID_USER
|| lsns_type
== LSNS_ID_PID
)
778 && ino_parent
!= ino
&& ino_parent
!= 0) {
779 ns
->related_ns
[RELA_PARENT
] = get_namespace(ls
, ino_parent
);
780 if (!ns
->related_ns
[RELA_PARENT
]) {
781 ns
->related_ns
[RELA_PARENT
] = add_namespace_for_nsfd(ls
, fd_parent
, ino_parent
);
782 if (ino_parent
== ino_owner
)
783 ns
->related_ns
[RELA_OWNER
] = ns
->related_ns
[RELA_PARENT
];
787 if (ns
->related_ns
[RELA_OWNER
] == NULL
&& ino_owner
!= 0) {
788 ns
->related_ns
[RELA_OWNER
] = get_namespace(ls
, ino_owner
);
789 if (!ns
->related_ns
[RELA_OWNER
])
790 ns
->related_ns
[RELA_OWNER
] = add_namespace_for_nsfd(ls
, fd_owner
, ino_owner
);
801 static void interpolate_missing_namespaces(struct lsns
*ls
, struct lsns_namespace
*orphan
, int rela
)
803 const int cmd
[MAX_RELA
] = {
804 [RELA_PARENT
] = NS_GET_PARENT
,
805 [RELA_OWNER
] = NS_GET_USERNS
808 int fd_orphan
, fd_missing
;
811 orphan
->related_ns
[rela
] = get_namespace(ls
, orphan
->related_id
[rela
]);
812 if (orphan
->related_ns
[rela
])
815 snprintf(buf
, sizeof(buf
), "/proc/%d/ns/%s", orphan
->proc
->pid
, ns_names
[orphan
->type
]);
816 fd_orphan
= open(buf
, O_RDONLY
);
820 fd_missing
= lsns_ioctl(fd_orphan
, cmd
[rela
]);
825 if (fstat(fd_missing
, &st
) < 0
826 || st
.st_ino
!= orphan
->related_id
[rela
]) {
831 orphan
->related_ns
[rela
] = add_namespace_for_nsfd(ls
, fd_missing
, orphan
->related_id
[rela
]);
835 static void read_related_namespaces(struct lsns
*ls
)
838 struct lsns_namespace
*orphan
[2] = {NULL
, NULL
};
841 list_for_each(p
, &ls
->namespaces
) {
842 struct lsns_namespace
*ns
= list_entry(p
, struct lsns_namespace
, namespaces
);
843 struct list_head
*pp
;
844 list_for_each(pp
, &ls
->namespaces
) {
845 struct lsns_namespace
*pns
= list_entry(pp
, struct lsns_namespace
, namespaces
);
846 if (ns
->type
== LSNS_ID_USER
847 || ns
->type
== LSNS_ID_PID
) {
848 if (ns
->related_id
[RELA_PARENT
] == pns
->id
)
849 ns
->related_ns
[RELA_PARENT
] = pns
;
850 if (ns
->related_id
[RELA_OWNER
] == pns
->id
)
851 ns
->related_ns
[RELA_OWNER
] = pns
;
852 if (ns
->related_ns
[RELA_PARENT
] && ns
->related_ns
[RELA_OWNER
])
855 if (ns
->related_id
[RELA_OWNER
] == pns
->id
) {
856 ns
->related_ns
[RELA_OWNER
] = pns
;
862 /* lsns scans /proc/[0-9]+ for finding namespaces.
863 * So if a namespace has no process, lsns cannot
864 * find it. Here we call it a missing namespace.
866 * If the id for a related namesspce is known but
867 * namespace for the id is not found, there must
868 * be orphan namespaces. A missing namespace is an
869 * owner or a parent of the orphan namespace.
871 for (rela
= 0; rela
< MAX_RELA
; rela
++) {
872 if (ns
->related_id
[rela
] != 0
873 && ns
->related_ns
[rela
] == NULL
) {
874 ns
->related_ns
[rela
] = orphan
[rela
];
880 for (rela
= 0; rela
< MAX_RELA
; rela
++) {
881 while (orphan
[rela
]) {
882 struct lsns_namespace
*current
= orphan
[rela
];
883 orphan
[rela
] = orphan
[rela
]->related_ns
[rela
];
884 current
->related_ns
[rela
] = NULL
;
885 interpolate_missing_namespaces(ls
, current
, rela
);
890 static int read_persistent_namespaces(struct lsns
*ls
)
892 struct libmnt_iter
*itr
= mnt_new_iter(MNT_ITER_FORWARD
);
893 struct libmnt_fs
*fs
= NULL
;
895 while (mnt_table_next_fs(ls
->tab
, itr
, &fs
) == 0) {
897 char *p
, *end
= NULL
;
901 if (!mnt_fs_match_fstype(fs
, "nsfs"))
903 root
= mnt_fs_get_root(fs
);
904 if (!root
|| !(p
= strchr(root
, '[')))
908 ino
= strtoumax(++p
, &end
, 10);
909 if (!end
|| *end
!= ']' || errno
!= 0)
911 if (get_namespace(ls
, ino
))
914 fd
= open(mnt_fs_get_target(fs
), O_RDONLY
);
918 add_namespace_for_nsfd(ls
, fd
, ino
);
926 #endif /* USE_NS_GET_API */
928 static int read_namespaces(struct lsns
*ls
)
932 DBG(NS
, ul_debug("reading namespace"));
934 list_for_each(p
, &ls
->processes
) {
936 struct lsns_namespace
*ns
;
937 struct lsns_process
*proc
= list_entry(p
, struct lsns_process
, processes
);
939 for (i
= 0; i
< ARRAY_SIZE(proc
->ns_ids
); i
++) {
940 if (proc
->ns_ids
[i
] == 0)
942 if (!(ns
= get_namespace(ls
, proc
->ns_ids
[i
]))) {
943 ns
= add_namespace(ls
, i
, proc
->ns_ids
[i
],
944 proc
->ns_pids
[i
], proc
->ns_oids
[i
]);
948 add_process_to_namespace(ls
, ns
, proc
);
952 #ifdef USE_NS_GET_API
953 read_persistent_namespaces(ls
);
955 if (ls
->tree
== LSNS_TREE_OWNER
|| ls
->tree
== LSNS_TREE_PARENT
)
956 read_related_namespaces(ls
);
958 list_sort(&ls
->namespaces
, cmp_namespaces
, NULL
);
963 static int is_nsfs_root(struct libmnt_fs
*fs
, void *data
)
965 if (!mnt_fs_match_fstype(fs
, "nsfs") || !mnt_fs_get_root(fs
))
968 return (strcmp(mnt_fs_get_root(fs
), (char *)data
) == 0);
971 static int is_path_included(const char *path_set
, const char *elt
,
979 tmp
= strstr(path_set
, elt
);
983 elt_len
= strlen(elt
);
984 path_set_len
= strlen(path_set
);
986 /* path_set includes only elt or
987 * path_set includes elt as the first element.
990 && ((path_set_len
== elt_len
)
991 || (path_set
[elt_len
] == sep
)))
994 /* path_set includes elt at the middle
995 * or as the last element.
997 if ((*(tmp
- 1) == sep
)
998 && ((*(tmp
+ elt_len
) == sep
)
999 || (*(tmp
+ elt_len
) == '\0')))
1005 static int nsfs_xasputs(char **str
,
1006 struct lsns_namespace
*ns
,
1007 struct libmnt_table
*tab
,
1010 struct libmnt_iter
*itr
= mnt_new_iter(MNT_ITER_FORWARD
);
1011 char *expected_root
;
1012 struct libmnt_fs
*fs
= NULL
;
1014 xasprintf(&expected_root
, "%s:[%ju]", ns_names
[ns
->type
], (uintmax_t)ns
->id
);
1017 while (mnt_table_find_next_fs(tab
, itr
, is_nsfs_root
,
1018 expected_root
, &fs
) == 0) {
1020 const char *tgt
= mnt_fs_get_target(fs
);
1023 xasprintf(str
, "%s", tgt
);
1025 else if (!is_path_included(*str
, tgt
, sep
)) {
1028 xasprintf(&tmp
, "%s%c%s", *str
, sep
, tgt
);
1033 free(expected_root
);
1039 static void fill_column(struct lsns
*ls
,
1040 struct lsns_namespace
*ns
,
1041 struct lsns_process
*proc
,
1042 struct libscols_line
*line
,
1043 size_t column_index
)
1047 switch (get_column_id(column_index
)) {
1049 xasprintf(&str
, "%ju", (uintmax_t)ns
->id
);
1053 xasprintf(&str
, "%d", (int) proc
->pid
);
1057 xasprintf(&str
, "%d", (int) proc
->ppid
);
1060 xasprintf(&str
, "%s", ns_names
[ns
->type
]);
1063 xasprintf(&str
, "%d", ns
->nprocs
);
1068 str
= pid_get_cmdline(proc
->pid
);
1070 str
= pid_get_cmdname(proc
->pid
);
1075 xasprintf(&str
, "/proc/%d/ns/%s", (int) proc
->pid
, ns_names
[ns
->type
]);
1078 xasprintf(&str
, "%d", proc
? (int) proc
->uid
: (int) ns
->uid_fallback
);
1081 xasprintf(&str
, "%s", get_id(uid_cache
, proc
? proc
->uid
: ns
->uid_fallback
)->name
);
1086 if (ns
->type
== LSNS_ID_NET
)
1087 netnsid_xasputs(&str
, proc
->netnsid
);
1090 nsfs_xasputs(&str
, ns
, ls
->tab
, ls
->no_wrap
? ',' : '\n');
1093 xasprintf(&str
, "%ju", (uintmax_t)ns
->related_id
[RELA_PARENT
]);
1096 xasprintf(&str
, "%ju", (uintmax_t)ns
->related_id
[RELA_OWNER
]);
1102 if (str
&& scols_line_refer_data(line
, column_index
, str
) != 0)
1107 static int filter_filler_cb(
1108 struct libscols_filter
*filter
__attribute__((__unused__
)),
1109 struct libscols_line
*line
,
1110 size_t column_index
,
1113 struct filler_data
*fid
= (struct filler_data
*) userdata
;
1115 fill_column(fid
->ls
, fid
->ns
, fid
->proc
, line
, column_index
);
1119 static void add_scols_line(struct lsns
*ls
, struct libscols_table
*table
,
1120 struct lsns_namespace
*ns
, struct lsns_process
*proc
)
1123 struct libscols_line
*line
;
1128 line
= scols_table_new_line(table
,
1129 (ls
->tree
== LSNS_TREE_PROCESS
&& proc
) && proc
->parent
? proc
->parent
->outline
:
1130 (ls
->tree
== LSNS_TREE_PARENT
) && ns
->related_ns
[RELA_PARENT
] ? ns
->related_ns
[RELA_PARENT
]->ns_outline
:
1131 (ls
->tree
== LSNS_TREE_OWNER
) && ns
->related_ns
[RELA_OWNER
] ? ns
->related_ns
[RELA_OWNER
]->ns_outline
:
1134 warn(_("failed to add line to output"));
1140 struct filler_data fid
= {
1146 scols_filter_set_filler_cb(ls
->filter
,
1147 filter_filler_cb
, (void *) &fid
);
1149 if (scols_line_apply_filter(line
, ls
->filter
, &status
))
1150 err(EXIT_FAILURE
, _("failed to apply filter"));
1152 struct libscols_line
*x
= scols_line_get_parent(line
);
1155 scols_line_remove_child(x
, line
);
1157 scols_table_remove_line(table
, line
);
1162 for (i
= 0; i
< ncolumns
; i
++) {
1163 if (scols_line_is_filled(line
, i
))
1165 fill_column(ls
, ns
, proc
, line
, i
);
1168 if (ls
->tree
== LSNS_TREE_OWNER
|| ls
->tree
== LSNS_TREE_PARENT
)
1169 ns
->ns_outline
= line
;
1171 proc
->outline
= line
;
1174 static struct libscols_table
*init_scols_table(struct lsns
*ls
)
1176 struct libscols_table
*tab
;
1179 tab
= scols_new_table();
1181 warn(_("failed to initialize output table"));
1185 scols_table_enable_raw(tab
, ls
->raw
);
1186 scols_table_enable_json(tab
, ls
->json
);
1187 scols_table_enable_noheadings(tab
, ls
->no_headings
);
1190 scols_table_set_name(tab
, "namespaces");
1192 for (i
= 0; i
< ncolumns
; i
++) {
1193 const struct colinfo
*col
= get_column_info(i
);
1194 int flags
= col
->flags
;
1195 struct libscols_column
*cl
;
1198 flags
&= ~SCOLS_FL_TRUNC
;
1199 if (ls
->tree
== LSNS_TREE_PROCESS
&& get_column_id(i
) == COL_COMMAND
)
1200 flags
|= SCOLS_FL_TREE
;
1202 flags
&= ~SCOLS_FL_WRAP
;
1203 if ((ls
->tree
== LSNS_TREE_OWNER
|| ls
->tree
== LSNS_TREE_PARENT
)
1204 && get_column_id(i
) == COL_NS
) {
1205 flags
|= SCOLS_FL_TREE
;
1206 flags
&= ~SCOLS_FL_RIGHT
;
1209 cl
= scols_table_new_column(tab
, col
->name
, col
->whint
, flags
);
1211 warnx(_("failed to initialize output column"));
1214 if (ls
->json
|| ls
->filter
)
1215 scols_column_set_json_type(cl
, col
->json_type
);
1217 if (!ls
->no_wrap
&& get_column_id(i
) == COL_NSFS
) {
1218 scols_column_set_wrapfunc(cl
,
1219 scols_wrapnl_chunksize
,
1220 scols_wrapnl_nextchunk
,
1222 scols_column_set_safechars(cl
, "\n");
1228 scols_unref_table(tab
);
1232 static void show_namespace(struct lsns
*ls
, struct libscols_table
*tab
,
1233 struct lsns_namespace
*ns
, struct lsns_process
*proc
)
1236 * create a tree from owner->owned and/or parent->child relation
1238 if (ls
->tree
== LSNS_TREE_OWNER
1239 && ns
->related_ns
[RELA_OWNER
]
1240 && !ns
->related_ns
[RELA_OWNER
]->ns_outline
)
1241 show_namespace(ls
, tab
, ns
->related_ns
[RELA_OWNER
], ns
->related_ns
[RELA_OWNER
]->proc
);
1242 else if (ls
->tree
== LSNS_TREE_PARENT
) {
1243 if (ns
->related_ns
[RELA_PARENT
]) {
1244 if (!ns
->related_ns
[RELA_PARENT
]->ns_outline
)
1245 show_namespace(ls
, tab
, ns
->related_ns
[RELA_PARENT
], ns
->related_ns
[RELA_PARENT
]->proc
);
1247 else if (ns
->related_ns
[RELA_OWNER
] && !ns
->related_ns
[RELA_OWNER
]->ns_outline
)
1248 show_namespace(ls
, tab
, ns
->related_ns
[RELA_OWNER
], ns
->related_ns
[RELA_OWNER
]->proc
);
1251 add_scols_line(ls
, tab
, ns
, proc
);
1254 static inline void add_column(int id
)
1256 if (ncolumns
>= ARRAY_SIZE(columns
))
1257 errx(EXIT_FAILURE
, _("too many columns specified, "
1258 "the limit is %zu columns"),
1259 ARRAY_SIZE(columns
) - 1);
1260 columns
[ ncolumns
++ ] = id
;
1263 static void init_scols_filter(struct libscols_table
*tb
, struct libscols_filter
*f
)
1265 struct libscols_iter
*itr
;
1266 const char *name
= NULL
;
1269 itr
= scols_new_iter(SCOLS_ITER_FORWARD
);
1271 err(EXIT_FAILURE
, _("failed to allocate iterator"));
1273 while (scols_filter_next_holder(f
, itr
, &name
, 0) == 0) {
1274 struct libscols_column
*col
= scols_table_get_column_by_name(tb
, name
);
1275 int id
= column_name_to_id(name
, strlen(name
));
1276 const struct colinfo
*ci
= id
>= 0 ? &infos
[id
] : NULL
;
1280 continue; /* report all unknown columns */
1284 col
= scols_table_new_column(tb
, ci
->name
,
1285 ci
->whint
, SCOLS_FL_HIDDEN
);
1287 err(EXIT_FAILURE
,_("failed to allocate output column"));
1289 scols_column_set_json_type(col
, ci
->json_type
);
1292 scols_filter_assign_column(f
, itr
, name
, col
);
1295 scols_free_iter(itr
);
1300 errx(EXIT_FAILURE
, _("failed to initialize filter"));
1303 static int show_namespaces(struct lsns
*ls
)
1305 struct libscols_table
*tab
;
1306 struct list_head
*p
;
1309 tab
= init_scols_table(ls
);
1313 init_scols_filter(tab
, ls
->filter
);
1315 list_for_each(p
, &ls
->namespaces
) {
1316 struct lsns_namespace
*ns
= list_entry(p
, struct lsns_namespace
, namespaces
);
1318 if (ls
->fltr_pid
!= 0 && !namespace_has_process(ns
, ls
->fltr_pid
))
1320 if (ls
->persist
&& ns
->nprocs
!= 0)
1323 if (!ns
->ns_outline
)
1324 show_namespace(ls
, tab
, ns
, ns
->proc
);
1327 scols_print_table(tab
);
1328 scols_unref_table(tab
);
1332 static void show_process(struct lsns
*ls
, struct libscols_table
*tab
,
1333 struct lsns_process
*proc
, struct lsns_namespace
*ns
)
1336 * create a tree from parent->child relation, but only if the parent is
1337 * within the same namespace
1339 if (ls
->tree
== LSNS_TREE_PROCESS
1341 && !proc
->parent
->outline
1342 && proc
->parent
->ns_ids
[ns
->type
] == proc
->ns_ids
[ns
->type
])
1343 show_process(ls
, tab
, proc
->parent
, ns
);
1345 add_scols_line(ls
, tab
, ns
, proc
);
1349 static int show_namespace_processes(struct lsns
*ls
, struct lsns_namespace
*ns
)
1351 struct libscols_table
*tab
;
1352 struct list_head
*p
;
1354 tab
= init_scols_table(ls
);
1358 list_for_each(p
, &ns
->processes
) {
1359 struct lsns_process
*proc
= list_entry(p
, struct lsns_process
, ns_siblings
[ns
->type
]);
1362 show_process(ls
, tab
, proc
, ns
);
1366 scols_print_table(tab
);
1367 scols_unref_table(tab
);
1371 static void free_lsns_process(struct lsns_process
*lsns_p
)
1376 static void free_netnsid_caches(struct netnsid_cache
*cache
)
1381 static void free_lsns_namespace(struct lsns_namespace
*lsns_n
)
1386 static void free_all(struct lsns
*ls
)
1388 list_free(&ls
->processes
, struct lsns_process
, processes
, free_lsns_process
);
1389 list_free(&netnsids_cache
, struct netnsid_cache
, netnsids
, free_netnsid_caches
);
1390 list_free(&ls
->namespaces
, struct lsns_namespace
, namespaces
, free_lsns_namespace
);
1393 static struct libscols_filter
*new_filter(const char *query
)
1395 struct libscols_filter
*f
;
1397 f
= scols_new_filter(NULL
);
1399 err(EXIT_FAILURE
, _("failed to allocate filter"));
1400 if (query
&& scols_filter_parse_string(f
, query
) != 0)
1401 errx(EXIT_FAILURE
, _("failed to parse \"%s\": %s"), query
,
1402 scols_filter_get_errmsg(f
));
1406 static void __attribute__((__noreturn__
)) usage(void)
1410 fputs(USAGE_HEADER
, out
);
1413 _(" %s [options] [<namespace>]\n"), program_invocation_short_name
);
1415 fputs(USAGE_SEPARATOR
, out
);
1416 fputs(_("List system namespaces.\n"), out
);
1418 fputs(USAGE_OPTIONS
, out
);
1419 fputs(_(" -J, --json use JSON output format\n"), out
);
1420 fputs(_(" -l, --list use list format output\n"), out
);
1421 fputs(_(" -n, --noheadings don't print headings\n"), out
);
1422 fputs(_(" -o, --output <list> define which output columns to use\n"), out
);
1423 fputs(_(" --output-all output all columns\n"), out
);
1424 fputs(_(" -P, --persistent namespaces without processes\n"), out
);
1425 fputs(_(" -p, --task <pid> print process namespaces\n"), out
);
1426 fputs(_(" -r, --raw use the raw output format\n"), out
);
1427 fputs(_(" -u, --notruncate don't truncate text in columns\n"), out
);
1428 fputs(_(" -W, --nowrap don't use multi-line representation\n"), out
);
1429 fputs(_(" -t, --type <name> namespace type (mnt, net, ipc, user, pid, uts, cgroup, time)\n"), out
);
1430 fputs(_(" -T, --tree[=<rel>] use tree format (parent, owner, or process)\n"), out
);
1432 fputs(USAGE_SEPARATOR
, out
);
1433 fputs(_(" -H, --list-columns list the available columns\n"), out
);
1434 fprintf(out
, USAGE_HELP_OPTIONS(24));
1435 fprintf(out
, USAGE_MAN_TAIL("lsns(8)"));
1440 static void __attribute__((__noreturn__
)) list_colunms(bool raw
, bool json
)
1442 struct libscols_table
*col_tb
= xcolumn_list_table_new("lsns-columns", stdout
, raw
, json
);
1444 for (size_t i
= 0; i
< ARRAY_SIZE(infos
); i
++)
1445 xcolumn_list_table_append_line(col_tb
, infos
[i
].name
,
1446 infos
[i
].json_type
, NULL
,
1449 scols_print_table(col_tb
);
1450 scols_unref_table(col_tb
);
1455 static dev_t
read_nsfs_dev(void)
1459 if (stat("/proc/self/ns/user", &st
) < 0)
1460 err(EXIT_FAILURE
, _("failed to do stat /proc/self/ns/user"));
1465 int main(int argc
, char *argv
[])
1468 int c
, force_list
= 0;
1470 char *outarg
= NULL
;
1472 OPT_OUTPUT_ALL
= CHAR_MAX
+ 1
1474 static const struct option long_opts
[] = {
1475 { "json", no_argument
, NULL
, 'J' },
1476 { "task", required_argument
, NULL
, 'p' },
1477 { "help", no_argument
, NULL
, 'h' },
1478 { "output", required_argument
, NULL
, 'o' },
1479 { "output-all", no_argument
, NULL
, OPT_OUTPUT_ALL
},
1480 { "persistent", no_argument
, NULL
, 'P' },
1481 { "filter", required_argument
, NULL
, 'Q' },
1482 { "notruncate", no_argument
, NULL
, 'u' },
1483 { "version", no_argument
, NULL
, 'V' },
1484 { "noheadings", no_argument
, NULL
, 'n' },
1485 { "nowrap", no_argument
, NULL
, 'W' },
1486 { "list", no_argument
, NULL
, 'l' },
1487 { "raw", no_argument
, NULL
, 'r' },
1488 { "type", required_argument
, NULL
, 't' },
1489 { "tree", optional_argument
, NULL
, 'T' },
1490 { "list-columns", no_argument
, NULL
, 'H' },
1491 { NULL
, 0, NULL
, 0 }
1494 static const ul_excl_t excl
[] = { /* rows and cols in ASCII order */
1500 int excl_st
[ARRAY_SIZE(excl
)] = UL_EXCL_STATUS_INIT
;
1503 setlocale(LC_ALL
, "");
1504 bindtextdomain(PACKAGE
, LOCALEDIR
);
1505 textdomain(PACKAGE
);
1506 close_stdout_atexit();
1509 memset(&ls
, 0, sizeof(ls
));
1511 INIT_LIST_HEAD(&ls
.processes
);
1512 INIT_LIST_HEAD(&ls
.namespaces
);
1513 INIT_LIST_HEAD(&netnsids_cache
);
1515 while ((c
= getopt_long(argc
, argv
,
1516 "JlPp:o:nruhVt:T::WQ:H", long_opts
, NULL
)) != -1) {
1518 err_exclusive_options(c
, long_opts
, excl
, excl_st
);
1530 case OPT_OUTPUT_ALL
:
1531 for (ncolumns
= 0; ncolumns
< ARRAY_SIZE(infos
); ncolumns
++)
1532 columns
[ncolumns
] = ncolumns
;
1538 ls
.fltr_pid
= strtos32_or_err(optarg
, _("invalid PID argument"));
1544 ls
.no_wrap
= ls
.raw
= 1;
1551 int type
= ns_name2type(optarg
);
1553 errx(EXIT_FAILURE
, _("unknown namespace type: %s"), optarg
);
1554 ls
.fltr_types
[type
] = 1;
1556 if (type
== LSNS_ID_NET
)
1564 ls
.tree
= LSNS_TREE_OWNER
;
1568 if (strcmp (optarg
, "parent") == 0)
1569 ls
.tree
= LSNS_TREE_PARENT
;
1570 else if (strcmp (optarg
, "process") == 0)
1571 ls
.tree
= LSNS_TREE_PROCESS
;
1572 else if (strcmp (optarg
, "owner") != 0)
1573 errx(EXIT_FAILURE
, _("unknown tree type: %s"), optarg
);
1577 ls
.filter
= new_filter(optarg
);
1580 list_colunms(ls
.raw
, ls
.json
);
1585 print_version(EXIT_SUCCESS
);
1587 errtryhelp(EXIT_FAILURE
);
1591 if (!ls
.fltr_ntypes
) {
1594 for (i
= 0; i
< ARRAY_SIZE(ns_names
); i
++)
1595 ls
.fltr_types
[i
] = 1;
1598 if (optind
< argc
) {
1600 errx(EXIT_FAILURE
, _("--task is mutually exclusive with <namespace>"));
1601 ls
.fltr_ns
= strtou64_or_err(argv
[optind
], _("invalid namespace argument"));
1602 if (!ls
.tree
&& !force_list
)
1603 ls
.tree
= LSNS_TREE_PROCESS
;
1606 columns
[ncolumns
++] = COL_PID
;
1607 columns
[ncolumns
++] = COL_PPID
;
1608 columns
[ncolumns
++] = COL_USER
;
1609 columns
[ncolumns
++] = COL_COMMAND
;
1614 columns
[ncolumns
++] = COL_NS
;
1615 columns
[ncolumns
++] = COL_TYPE
;
1616 columns
[ncolumns
++] = COL_NPROCS
;
1617 columns
[ncolumns
++] = COL_PID
;
1618 columns
[ncolumns
++] = COL_USER
;
1620 columns
[ncolumns
++] = COL_NETNSID
;
1621 columns
[ncolumns
++] = COL_NSFS
;
1623 columns
[ncolumns
++] = COL_COMMAND
;
1625 if (!ls
.tree
&& !force_list
)
1626 ls
.tree
= LSNS_TREE_PROCESS
;
1629 #ifndef USE_NS_GET_API
1630 if (ls
.tree
&& ls
.tree
!= LSNS_TREE_PROCESS
)
1631 errx(EXIT_FAILURE
, _("--tree={parent|owner} is unsupported for your system"));
1633 if (outarg
&& string_add_to_idarray(outarg
, columns
, ARRAY_SIZE(columns
),
1634 &ncolumns
, column_name_to_id
) < 0)
1635 return EXIT_FAILURE
;
1637 scols_init_debug(0);
1639 uid_cache
= new_idcache();
1641 err(EXIT_FAILURE
, _("failed to allocate UID cache"));
1643 #ifdef HAVE_LINUX_NET_NAMESPACE_H
1644 if (has_column(COL_NETNSID
))
1645 netlink_fd
= socket(AF_NETLINK
, SOCK_RAW
, NETLINK_ROUTE
);
1647 ls
.tab
= mnt_new_table_from_file(_PATH_PROC_MOUNTINFO
);
1649 err(MNT_EX_FAIL
, _("failed to parse %s"), _PATH_PROC_MOUNTINFO
);
1651 ls
.nsfs_dev
= read_nsfs_dev();
1653 r
= read_processes(&ls
);
1655 r
= read_namespaces(&ls
);
1658 struct lsns_namespace
*ns
= get_namespace(&ls
, ls
.fltr_ns
);
1661 errx(EXIT_FAILURE
, _("not found namespace: %ju"), (uintmax_t) ls
.fltr_ns
);
1662 r
= show_namespace_processes(&ls
, ns
);
1664 r
= show_namespaces(&ls
);
1667 scols_unref_filter(ls
.filter
);
1668 mnt_free_table(ls
.tab
);
1669 if (netlink_fd
>= 0)
1671 free_idcache(uid_cache
);
1676 case 0: return EXIT_SUCCESS
;
1677 case -ENOTTY
: return EXIT_UNSUPPORTED_IOCTL
;
1678 default: return EXIT_FAILURE
;