Find a way to use pipe work for different namespace synchnization

[HackToday]

Hi @LK4D4 , Thanks for blog, it helped me a lot to understand docker namespace magic. I like such hack learning.

I did not know you mail, so sorry to open a issue for one question :)

I have written C code like this: https://github.com/HackToday/Hackwork/blob/master/linux-namespace/netns.c

Also a simple go code (some reference your implementation, it is about MNT ns) https://github.com/HackToday/Hackwork/blob/master/go-container/gocontainer-4/main.go

I did read your blog about http://lk4d4.darth.io/ network namespace part, Right now, I want to use pipe to sychnization, as netns.c (I learn docker used this magic), instead of looping ways between parent and child network operation(interface ready and up etc)

Could you show me some hint how to achieve that ?

[HackToday]

ping @LK4D4 wish to get your insight. Thanks

[LK4D4]

You can find simple pipe-sync trick in man user_namespace. It used for different task, but idea is the same.

[HackToday]

hi @LK4D4 What's man user_namespace ? Seems linux not have such man page for that

$ man user_namespace No manual entry for user_namespace

[LK4D4]

Sorry, it's user_namespaces

[HackToday]

yes @LK4D4 I did read that article before, For C seems it is easy combine with pipe and clone call.

But for your GO program, it seems use magic like

    cmd := &exec.Cmd{
            Path: os.Args[0],
            Args: append([]string{"forkChild"}, args...),
    }

to simulate clone ways. which make me find diffcult to use such pipe ways.

Did you try Go ways for pipe like that?

[LK4D4]

@HackToday I think any fork/clone actions is dangerous in Golang because of its runtime. Only safe way is to do fork-exec(exec.Cmd).

[Joey777210]

hello there! I dont know if you guys have fix that problem yet... I got the same error while writing my own container...

[LK4D4]

@Joey777210 Not sure which error you means. This issue is about using pipes for synchronization.