namespaces/multi_pidns.cThis is namespaces/multi_pidns.c, an example to accompany the book, The Linux Programming Interface. This file is not printed in the book; it demonstrates Linux features that are not described in the book (typically features that have appeared since the book was published). The source code file is copyright 2024, Michael Kerrisk, and is licensed under the GNU General Public License, version 3. In the listing below, the names of Linux system calls and C library functions are hyperlinked to manual pages from the Linux man-pages project, and the names of functions implemented in the book are hyperlinked to the implementations of those functions.
|
/* multi_pidns.c Create a series of child processes in nested PID namespaces. See https://lwn.net/Articles/531419/ */ #define _GNU_SOURCE #include <sched.h> #include <unistd.h> #include <stdlib.h> #include <sys/wait.h> #include <string.h> #include <signal.h> #include <stdio.h> #include <limits.h> #include <sys/mount.h> #include <sys/types.h> #include <sys/stat.h> #include <sys/mman.h> /* A simple error-handling function: print an error message based on the value in 'errno' and terminate the calling process */ #define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \ } while (0) #define STACK_SIZE (1024 * 1024)
/* Recursively create a series of child process in nested PID namespaces. 'arg' is an integer that counts down to 0 during the recursion. When the counter reaches 0, recursion stops and the tail child executes the sleep(1) program. */ static int childFunc(void *arg) { static int first_call = 1; long level = (long) arg; if (!first_call) { /* Unless this is the first recursive call to childFunc() (i.e., we were invoked from main()), mount a procfs for the current PID namespace */ char mount_point[PATH_MAX]; snprintf(mount_point, PATH_MAX, "/proc%c", (char) ('0' + level)); mkdir(mount_point, 0555); /* Create directory for mount point */ if (mount("proc", mount_point, "proc", 0, NULL) == -1) errExit("mount"); printf("Mounting procfs at %s\n", mount_point); } first_call = 0; if (level > 0) { /* Recursively invoke childFunc() to create another child in a nested PID namespace */ level--; pid_t child_pid; char *stack = mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); if (stack == MAP_FAILED) errExit("mmap"); child_pid = clone(childFunc, stack + STACK_SIZE, /* Assume stack grows downward */ CLONE_NEWPID | SIGCHLD, (void *) level); if (child_pid == -1) errExit("clone"); munmap(stack, STACK_SIZE); if (waitpid(child_pid, NULL, 0) == -1) /* Wait for child */ errExit("waitpid"); if (munmap(stack, STACK_SIZE) == -1) errExit("munmap"); } else { /* Tail end of recursion: execute sleep(1) */ printf("Final child sleeping\n"); execlp("sleep", "sleep", "1000", (char *) NULL); errExit("execlp"); } return 0; }
int main(int argc, char *argv[]) { long levels = (argc > 1) ? atoi(argv[1]) : 5; childFunc((void *) levels); exit(EXIT_SUCCESS); }
Note that, in most cases, the programs rendered in these web pages are not free standing: you'll typically also need a few other source files (mostly in the lib/ subdirectory) as well. Generally, it's easier to just download the entire source tarball and build the programs with make(1). By hovering your mouse over the various hyperlinked include files and function calls above, you can see which other source files this file depends on.