.\" %%%LICENSE_END
.\"
.\"
-.TH CGROUP_NAMESPACES 7 2017-09-15 "Linux" "Linux Programmer's Manual"
+.TH CGROUP_NAMESPACES 7 2019-03-06 "Linux" "Linux Programmer's Manual"
.SH NAME
cgroup_namespaces \- overview of Linux cgroup namespaces
.SH DESCRIPTION
.PP
The following shell session demonstrates the effect of creating
a new cgroup namespace.
+.PP
First, (as superuser) we create a child cgroup in the
.I freezer
-hierarchy, and put the shell into that cgroup:
+hierarchy, and place a process in that cgroup that we will
+use as part of the demonstration below:
+.PP
+.in +4n
+.EX
+# \fBmkdir \-p /sys/fs/cgroup/freezer/sub2\fP
+# \fBsleep 10000 &\fP # Create a process that lives for a while
+[1] 20124
+# \fBecho 20124 > /sys/fs/cgroup/freezer/sub2/cgroup.procs\fP
+.EE
+.in
+.PP
+We then create another child cgroup in the
+.I freezer
+hierarchy and put the shell into that cgroup:
.PP
.in +4n
.EX
.BR unshare (1)
command, a process that is in the original cgroup namespace
.RI ( init ,
-with PID 1), and a process in a sibling cgroup
+with PID 1), and the process in the sibling cgroup
.RI ( sub2 ):
.PP
.EX
155 145 0:32 / /sys/fs/cgroup/freezer rw,relatime ...
.in
.EE
-.PP
-Use of cgroup namespaces requires a kernel that is configured with the
-.B CONFIG_CGROUPS
-option.
.\"
.SH CONFORMING TO
Namespaces are a Linux-specific feature.
.SH NOTES
+Use of cgroup namespaces requires a kernel that is configured with the
+.B CONFIG_CGROUPS
+option.
+.PP
The virtualization provided by cgroup namespaces serves a number of purposes:
.IP * 2
It prevents information leaks whereby cgroup directory paths outside of
projects / thirdparty / man-pages.git / blobdiff