From d7bea6b6299677fe0b5ddc73ff313f93c3d453c7 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Fri, 24 Nov 2017 18:22:17 +0100 Subject: nspawn: introduce an option for specifying network namespace path Add a new option `--network-namespace-path` to systemd-nspawn to allow users to specify an arbitrary network namespace, e.g. `/run/netns/foo`. Then systemd-nspawn will open the netns file, pass the fd to outer_child, and enter the namespace represented by the fd before running inner_child. ``` $ sudo ip netns add foo $ mount | grep /run/netns/foo nsfs on /run/netns/foo type nsfs (rw) ... $ sudo systemd-nspawn -D /srv/fc27 --network-namespace-path=/run/netns/foo \ /bin/readlink -f /proc/self/ns/net /proc/1/ns/net:[4026532009] ``` Note that the option `--network-namespace-path=` cannot be used together with other network-related options such as `--private-network` so that the options do not conflict with each other. Fixes https://github.com/systemd/systemd/issues/7361
---
 src/basic/stat-util.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src/basic/stat-util.c')
diff --git a/src/basic/stat-util.c b/src/basic/stat-util.c
index c6b8507e9d..96fc8b3787 100644
--- a/src/basic/stat-util.c
+++ b/src/basic/stat-util.c
@@ -226,6 +226,18 @@ int fd_is_temporary_fs(int fd) {
 return is_temporary_fs(&s);
 }
 
+int fd_is_network_ns(int fd) {
+ int r;
+
+ r = fd_is_fs_type(fd, NSFS_MAGIC);
+ if (r <= 0)
+ return r;
+ r = ioctl(fd, NS_GET_NSTYPE);
+ if (r < 0)
+ return -errno;
+ return r == CLONE_NEWNET;
+}
+
 int path_is_temporary_fs(const char *path) {
 _cleanup_close_ int fd = -1;
 
-- cgit v1.2.1
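Review bot: The `ioctl(fd, NS_GET_NSTYPE)` call in `fd_is_network_ns()` turns every failure into a plain `-errno`, so on a kernel that predates this ioctl (it was added in Linux 4.11) a valid nsfs fd comes back as `-ENOTTY`, indistinguishable from a genuine error. Because this check is what vets a user-supplied namespace path before the container joins it, callers need to tell "cannot determine" apart from "not a network namespace"; consider mapping that case to a recognizable code, e.g. `if (r < 0) return errno == ENOTTY ? -EUCLEAN : -errno;`, and letting the caller decide whether to refuse or proceed. The function also has no comment stating its three-way result; `/* Returns > 0 if fd refers to a network namespace, 0 if it does not, negative errno on failure */` above it would keep callers from writing `if (fd_is_network_ns(fd))`, which would treat an error as a match.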