Hello,
Looking for a Linux setns()-like facility in FreeBSD jails. Using setns(), different threads of a process can switch to different namespaces, whereas using jail, once the first thread calls jail_attach() the whole process (including other threads) gets into the same jail as entered by the first thread. Any subsequent attempt to call jail_attach() from other threads would fail with "Invalid argument". I understood the reason for this failure to be that, once the process gets into a jail (JID#1 below), it can't find the jails defined (with JID#1 and JID#2) in the system.
Now, is there a way (libc/system call) for these threads to reassociate with jails, similar to setns()? For example, Thread1 should operate on Jail#1 and Thread2 on Jail#2 at any point in time.
Code:
# jls
   JID  IP Address      Hostname                      Path
     1                  bsd1                          /
     2                  bsd1                          /
Code:
bsd1: # ./jlattach
Starting threads..
Inside Thread1 ==> This thread could attach to Jail#1 (Now, whole process switched to Jail#1)
Inside Thread2
Attach Failed2: Invalid argument ==> This fails as process already entered Jail#1 and can't find Jail#2 defined inside Jail#1
Attach Failed - Main Thread: Invalid argument ==> This also fails, main thread attempts to attach to Jail#1 from Jail#1
Threads exit..
Test Code for above: (To compile: cc file.c -lpthread -o jlattach)
Code:
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <pthread.h>
#include <sys/param.h>
#include <sys/jail.h>

/* Thread 1: attach to the jail with JID 1. */
void *Thread1(void *argp)
{
    (void)argp;
    printf("Inside Thread1\n");
    if (jail_attach(1) < 0)
        perror("Attach Failed1");
    sleep(5);
    return NULL;
}

/* Thread 2: attach to the jail with JID 2. */
void *Thread2(void *argp)
{
    (void)argp;
    printf("Inside Thread2\n");
    if (jail_attach(2) < 0)
        perror("Attach Failed2");
    sleep(6);
    return NULL;
}

int main(void)
{
    pthread_t thread_id[2];

    printf("Starting threads..\n");
    pthread_create(&thread_id[0], NULL, Thread1, NULL);
    pthread_create(&thread_id[1], NULL, Thread2, NULL);
    pthread_join(thread_id[0], NULL);
    pthread_join(thread_id[1], NULL);

    /* Main thread: attach to JID 1 again after both threads have finished. */
    if (jail_attach(1) < 0)
        perror("Attach Failed - Main Thread");
    printf("Threads exit..\n");
    exit(0);
}
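
A process-level way to get the per-jail behaviour asked about above, as an added example that is not part of the original post: because jail_attach() applies to the whole process, a helper forks one short-lived child per request, attaches only that child, and pipes the result back to the unjailed caller. The names run_in_jail, job_hostname and fake_attach are hypothetical; fake_attach is a constructed stand-in used only when the file is not built on FreeBSD.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/jail.h>
#define ATTACH jail_attach              /* real call; needs root, caller outside any jail */
#else                                   /* constructed stand-in: only jails 1 and 2 "exist" */
int fake_attach(int jid) { if (jid == 1 || jid == 2) return 0; errno = EINVAL; return -1; }
#define ATTACH fake_attach
#endif
typedef int (*attach_fn)(int jid);
typedef int (*work_fn)(char *out, size_t cap);  /* bytes produced, <0 on error */
int job_hostname(char *out, size_t cap)         /* hypothetical job: hostname as seen here */
{
    if (gethostname(out, cap) < 0) return -1;
    return (int)strnlen(out, cap);
}
/* Fork a child, attach only the child to jail `jid`, run work() there and pipe its
 * output back. Returns bytes copied to out, or -1 with errno taken from the child. */
ssize_t run_in_jail(attach_fn attach, int jid, work_fn work, char *out, size_t cap)
{
    int fds[2], status, n;
    char buf[256]; ssize_t got = 0, r; pid_t pid;
    if (pipe(fds) < 0) return -1;
    if ((pid = fork()) < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                             /* child: the only process that gets jailed */
        if (attach(jid) < 0) _exit(errno ? errno : 1);
        n = work(buf, sizeof(buf));
        _exit(n < 0 || write(fds[1], buf, (size_t)n) != n ? EIO : 0);
    }
    close(fds[1]);
    while ((size_t)got < cap && (r = read(fds[0], out + got, cap - (size_t)got)) > 0)
        got += r;
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0) return got;
    errno = WIFEXITED(status) ? WEXITSTATUS(status) : EINTR; return -1;
}
int main(void)
{
    char host[256];
    for (int jid = 1; jid <= 2; jid++) {        /* the caller itself never attaches */
        ssize_t n = run_in_jail(ATTACH, jid, job_hostname, host, sizeof(host));
        if (n < 0) perror("run_in_jail"); else printf("jail %d: %.*s\n", jid, (int)n, host);
    }
    return 0;
}
```

In a threaded program, fork() copies only the calling thread, so the work done in the child should stay small and self-contained, as it is here.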