Documentation ¶
Index ¶
- func New(nstype species.NamespaceType, nsid species.NamespaceID, ref string) model.Namespace
- type HierarchicalNamespace
- func (hns *HierarchicalNamespace) AddChild(child model.Hierarchy)
- func (hns *HierarchicalNamespace) Children() []model.Hierarchy
- func (hns *HierarchicalNamespace) Parent() model.Hierarchy
- func (hns *HierarchicalNamespace) ParentChildrenString() string
- func (hns *HierarchicalNamespace) ResolveOwner(usernsmap model.NamespaceMap)
- func (hns *HierarchicalNamespace) SetParent(parent model.Hierarchy)
- func (hns *HierarchicalNamespace) String() string
- type HierarchyConfigurer
- type NamespaceConfigurer
- type PlainNamespace
- func (pns *PlainNamespace) AddLeader(proc *model.Process)
- func (pns *PlainNamespace) DetectOwner(nsr relations.Relation)
- func (pns *PlainNamespace) Ealdorman() (p *model.Process)
- func (pns *PlainNamespace) ID() species.NamespaceID
- func (pns *PlainNamespace) LeaderPIDs() []model.PIDType
- func (pns *PlainNamespace) LeaderString() string
- func (pns *PlainNamespace) Leaders() []*model.Process
- func (pns *PlainNamespace) Owner() model.Ownership
- func (pns *PlainNamespace) Ref() string
- func (pns *PlainNamespace) ResolveOwner(usernsmap model.NamespaceMap)
- func (pns *PlainNamespace) SetOwner(usernsid species.NamespaceID)
- func (pns *PlainNamespace) SetRef(ref string)
- func (pns *PlainNamespace) String() string
- func (pns *PlainNamespace) Type() species.NamespaceType
- func (pns *PlainNamespace) TypeIDString() string
- type UserConfigurer
- type UserNamespace
- func (uns *UserNamespace) AddChild(child model.Hierarchy)
- func (uns *UserNamespace) DetectUID(nsref relations.Relation)
- func (uns *UserNamespace) Ownings() model.AllNamespaces
- func (uns *UserNamespace) ResolveOwner(usernsmap model.NamespaceMap)
- func (uns *UserNamespace) SetOwnerUID(uid int)
- func (uns *UserNamespace) String() string
- func (uns *UserNamespace) UID() int
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New ¶
func New(nstype species.NamespaceType, nsid species.NamespaceID, ref string) model.Namespace
New returns a new zero'ed namespace object suitable for the specified type of namespace. Now this is a real-world case where the "nongonformist" rule of "accept interfaces, return structs" doesn't make sense, because struct types don't support polymorphism. On the other hand, thousands of blog posts and SO answers cannot be wrong, more so, the more upvotes they accumulated ;)
Types ¶
type HierarchicalNamespace ¶
type HierarchicalNamespace struct { PlainNamespace // contains filtered or unexported fields }
HierarchicalNamespace stores hierarchy information in addition to the information for plain namespaces. Besides the interfaces for a plainNamespace, it additionally implements the public Hierarchy interface.
func (*HierarchicalNamespace) AddChild ¶
func (hns *HierarchicalNamespace) AddChild(child model.Hierarchy)
AddChild adds a child namespace to this (parent) namespace. It panics in case a child is tried to be added twice to either the same parent or different parents.
func (*HierarchicalNamespace) Children ¶
func (hns *HierarchicalNamespace) Children() []model.Hierarchy
Children returns a list of child PID or user namespaces for this PID or user namespace.
func (*HierarchicalNamespace) Parent ¶
func (hns *HierarchicalNamespace) Parent() model.Hierarchy
Parent returns the parent user or PID namespace of this user or PID namespace. If there is no parent namespace or the parent namespace in inaccessible, then Parent returns nil.
func (*HierarchicalNamespace) ParentChildrenString ¶
func (hns *HierarchicalNamespace) ParentChildrenString() string
ParentChildrenString just describes the parent and children of a hierarchical Linux kernel namespace, in a non-recursive form.
func (*HierarchicalNamespace) ResolveOwner ¶
func (hns *HierarchicalNamespace) ResolveOwner(usernsmap model.NamespaceMap)
ResolveOwner sets the owning user namespace reference based on the owning user namespace id discovered earlier. Yes, we're repeating us ourselves with this method, because Golang is self-inflicted pain when trying to emulate inheritance using embedding ... note: it doesn't work correctly. The reason is that we need the use the correct instance pointer and not a pointer to an embedded instance when setting the "owned" relationship.
func (*HierarchicalNamespace) SetParent ¶
func (hns *HierarchicalNamespace) SetParent(parent model.Hierarchy)
SetParent sets the parent namespace of this child namespace. It panics in case the parent would change.
func (*HierarchicalNamespace) String ¶
func (hns *HierarchicalNamespace) String() string
String describes this instance of a hierarchical Linux kernel namespace, with its parent and children (but not grand-children). This description is non-recursive.
type HierarchyConfigurer ¶
type HierarchyConfigurer interface { AddChild(child model.Hierarchy) SetParent(parent model.Hierarchy) }
HierarchyConfigurer allows discovery and unmarshalling mechanisms to configure the information hold by hierarchical namespaces.
type NamespaceConfigurer ¶
type NamespaceConfigurer interface { AddLeader(proc *model.Process) // adds yet another self-styled leader. SetRef(string) // sets a filesystem path for referencing this namespace. DetectOwner(nsr relations.Relation) // detects owning user namespace id. SetOwner(usernsid species.NamespaceID) // sets the owning user namespace id directly. ResolveOwner(usernsmap model.NamespaceMap) // resolves owner ns id into object reference. }
NamespaceConfigurer allows discovery and unmarshalling mechanisms to set up the information for a namespace. This is a lxkns-internal interface needed by other lxkns subpackages.
type PlainNamespace ¶
type PlainNamespace struct {
// contains filtered or unexported fields
}
PlainNamespace stores useful information about a concrete Linux kernel namespace. It implements the interfaces Namespace, Hierarchy, Ownership, and NamespaceStringer. Additionally, it implements the package-private interface leaderAdder. (There, I did it. I documented implemented interfaces explicitly for clarity.)
func (*PlainNamespace) AddLeader ¶
func (pns *PlainNamespace) AddLeader(proc *model.Process)
AddLeader joins another leader process to the lot of leaders in this namespace. It ensures that each leader appears only once in the list, even if AddLeader is called multiple times for the same leader process.
func (*PlainNamespace) DetectOwner ¶
func (pns *PlainNamespace) DetectOwner(nsr relations.Relation)
DetectOwner gets the ownering user namespace id from Linux, and stores it for later resolution, after when we have a complete map of all user namespaces.
func (*PlainNamespace) Ealdorman ¶
func (pns *PlainNamespace) Ealdorman() (p *model.Process)
Ealdorman returns the most senior leader process. The "most senior" process is the one which was created at the earliest, based on the start times from /proc/[PID]/stat.
Me thinks, me has read too many Bernard Cornwell books. Wyrd bið ful aræd.
func (*PlainNamespace) ID ¶
func (pns *PlainNamespace) ID() species.NamespaceID
ID returns the namespace identifier. This identifier is basically a tuple made of an inode number from the special "nsfs" namespace filesystem inside the Linux kernel, together with the device ID of the nsfs. IDs cannot be set as only the Linux allocates and manages them.
func (*PlainNamespace) LeaderPIDs ¶
func (pns *PlainNamespace) LeaderPIDs() []model.PIDType
LeaderPIDs returns the list of leader PIDs. This is a convenience method for those use cases where just a list of leader process PIDs is needed, but not the leader Process objects themselves.
func (*PlainNamespace) LeaderString ¶
func (pns *PlainNamespace) LeaderString() string
LeaderString returns a textual list of leader process PIDs.
func (*PlainNamespace) Leaders ¶
func (pns *PlainNamespace) Leaders() []*model.Process
Leaders returns an unsorted list of Process-es which are joined to this namespace and which are the topmost processes in the process tree still joined to this namespace.
func (*PlainNamespace) Owner ¶
func (pns *PlainNamespace) Owner() model.Ownership
Owner returns the user namespace "owning" this namespace. According to Linux-kernel rules, the owner of a user namespace is the parent of that user namespace.
func (*PlainNamespace) Ref ¶
func (pns *PlainNamespace) Ref() string
Ref returns a filesystem path suitable for referencing this namespace. A zero ref indicates that there is no reference path available: this is the case for "hidden" PID and user namespaces sandwiched in between PID or user namespaces where reference paths are available, because these other namespaces have processes joined to them, or are either bind-mounted or fd-referenced. Hidden PID namespaces can appear only when there is no process in any of their child namespaces and the child PID namespace(s) is bind-mounted or fd-references (the parent PID namespace is then kept alive because the child PID namespaces are kept alive).
func (*PlainNamespace) ResolveOwner ¶
func (pns *PlainNamespace) ResolveOwner(usernsmap model.NamespaceMap)
ResolveOwner sets the owning user namespace reference based on the owning user namespace id discovered earlier.
func (*PlainNamespace) SetOwner ¶
func (pns *PlainNamespace) SetOwner(usernsid species.NamespaceID)
SetOwner set the namespace ID of the user namespace owning this namespace.
func (*PlainNamespace) SetRef ¶
func (pns *PlainNamespace) SetRef(ref string)
SetRef sets a filesystem path to reference this namespace.
func (*PlainNamespace) String ¶
func (pns *PlainNamespace) String() string
String describes this instance of a non-hierarchical ("plain") Linux kernel namespace.
func (*PlainNamespace) Type ¶
func (pns *PlainNamespace) Type() species.NamespaceType
Type returns the type of namespace in form of one of the NamespaceType, such as species.CLONE_NEWNS, species.CLONE_NEWCGROUP, et cetera.
func (*PlainNamespace) TypeIDString ¶
func (pns *PlainNamespace) TypeIDString() string
TypeIDString describes this instance of a Linux kernel namespace just by its type and identifier, and nothing else.
type UserConfigurer ¶
type UserConfigurer interface {
SetOwnerUID(uid int)
}
UserConfigurer allows discovery and unmarshalling mechanisms to configure the information hold by user namespaces.
type UserNamespace ¶
type UserNamespace struct { HierarchicalNamespace // contains filtered or unexported fields }
UserNamespace stores ownership information in addition to the information for hierarchical namespaces. On top of the interfaces supported by a hierarchicalNamespace, UserNamespace implements the Ownership interface.
func (*UserNamespace) AddChild ¶
func (uns *UserNamespace) AddChild(child model.Hierarchy)
AddChild adds a child namespace to this (parent) namespace. It panics in case a child is tried to be added twice to either the same parent or different parents.
Note: we must reimplement this method here, as otherwise Golang will totally fubar because it calls the embedded hierarchicalNamespace.AddChild and will then set us not as a userNamespace parent, but instead as a hierarchicalNamespace parent. If this Golang design isn't a fubar, then I really don't know what a fubar is.
func (*UserNamespace) DetectUID ¶
func (uns *UserNamespace) DetectUID(nsref relations.Relation)
DetectUID takes an open file referencing a user namespace to query its owner's UID and then stores it for this user namespace proxy.
func (*UserNamespace) Ownings ¶
func (uns *UserNamespace) Ownings() model.AllNamespaces
Ownings returns all namespaces owned by this user namespace, with the exception of user namespaces. "Owned" user namespaces are actually child user namespaces, so they are returned through Hierarchy.Children() instead.
func (*UserNamespace) ResolveOwner ¶
func (uns *UserNamespace) ResolveOwner(usernsmap model.NamespaceMap)
ResolveOwner sets the owning user namespace reference based on the owning user namespace id discovered earlier. Yes, we're repeating us ourselves with this method, because Golang is self-inflicted pain when trying to emulate inheritance using embedding ... note: it doesn't work correctly. The reason is that we need the use the correct instance pointer and not a pointer to an embedded instance when setting the "owned" relationship.
func (*UserNamespace) SetOwnerUID ¶
func (uns *UserNamespace) SetOwnerUID(uid int)
SetOwnerUID sets the user ID which originally created this user namespace and thus is its owner.
func (*UserNamespace) String ¶
func (uns *UserNamespace) String() string
String describes this instance of a user namespace, with its parent, children, and owned namespaces. This description is non-recursive.
func (*UserNamespace) UID ¶
func (uns *UserNamespace) UID() int
UID returns the user ID of the process that created this user namespace.