Mapping PIDs from parent->child namespaces

Mike Heffner mikeh at fesnel.com
Tue Jan 4 11:57:16 PST 2011


On 01/04/2011 11:04 AM, Daniel Lezcano wrote:
> On 01/04/2011 12:02 AM, Mike Heffner wrote:
>> Hi,
>>
>> Is it possible for a process running in a parent PID namespace to map
>> the PID of a process running in a child's namespace from the
>> parent->child's namespace? For example, if I span the process "myproc"
>> with CLONE_NEWPID then a call to getpid() inside myproc will return "1"
>> whereas in the parent's namespace that process could actually be PID
>> "23495". I'd like to be able to know that 23495 maps to 1 in the new NS.
>> Obviously, just mapping the first PID is straightforward since I can
>> just look at the result of clone(). However, mapping the PIDs of
>> processes subsequently forked from "myproc" -- in this example -- I
>> haven't been able to figure out.
>
> AFAIK, it is not possible.
>
> That would be very nice to show the pid<->  vpid association.
>
> The procfs is a good candidate to show these informations.
>
> That would makes sense to show the content of /proc/<pid>/status with
> the pid relatively to the namespace.
>
> Let me give an example:
>
> Assuming the process '1234' creates a new pid namespace, and the child
> which is '1' in the new namespace has the real pid '4321'. This one
> mounts its /proc.
>
> If the process '1234' looks at /proc/4321/root/proc/1/status, it sees:
>
> ...
> Tgid:	1
> Pid:	1
> PPid:	0
> ...
>
>
> It could be:
>
> ...
> Tgid:	4321
> Pid:	4321
> PPid:	1234
> ...
>
> as the file is inspected from the parent namespace. Of course, if the
> file is looked from the child namespace context, we will see '1', '1'
> and '0'.
>
> I suppose the patch in the kernel should very small also.
>
> Thoughts ?

Would that mean that finding the pid->vpid association for a real PID X 
requires checking all files /proc/<X>/root/proc/<Y>/status where Y is 
all vpids until you find the one where Pid == X? It would be nice to 
have a have a way to check a single file for the association where vpid 
is not known beforehand -- unless I'm misunderstanding your solution.


Cheers,

Mike


More information about the Containers mailing list