Apache Mesos
ns.hpp
Go to the documentation of this file.
1 // Licensed to the Apache Software Foundation (ASF) under one
2 // or more contributor license agreements. See the NOTICE file
3 // distributed with this work for additional information
4 // regarding copyright ownership. The ASF licenses this file
5 // to you under the Apache License, Version 2.0 (the
6 // "License"); you may not use this file except in compliance
7 // with the License. You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 
17 #ifndef __LINUX_NS_HPP__
18 #define __LINUX_NS_HPP__
19 
20 // This file contains Linux-only OS utilities.
21 #ifndef __linux__
22 #error "linux/ns.hpp is only available on Linux systems."
23 #endif
24 
25 #include <sched.h>
26 
27 #include <sys/syscall.h>
28 
29 #include <set>
30 #include <string>
31 
32 #include <stout/lambda.hpp>
33 #include <stout/nothing.hpp>
34 #include <stout/result.hpp>
35 #include <stout/try.hpp>
36 
37 #ifndef CLONE_NEWNS
38 #define CLONE_NEWNS 0x00020000
39 #endif
40 
41 #ifndef CLONE_NEWUTS
42 #define CLONE_NEWUTS 0x04000000
43 #endif
44 
45 #ifndef CLONE_NEWIPC
46 #define CLONE_NEWIPC 0x08000000
47 #endif
48 
49 #ifndef CLONE_NEWPID
50 #define CLONE_NEWPID 0x20000000
51 #endif
52 
53 #ifndef CLONE_NEWNET
54 #define CLONE_NEWNET 0x40000000
55 #endif
56 
57 #ifndef CLONE_NEWUSER
58 #define CLONE_NEWUSER 0x10000000
59 #endif
60 
61 #ifndef CLONE_NEWCGROUP
62 #define CLONE_NEWCGROUP 0x02000000
63 #endif
64 
65 // Define a 'setns' for compilation environments that don't already
66 // have one.
67 inline int setns(int fd, int nstype)
68 {
69 #ifdef SYS_setns
70  return ::syscall(SYS_setns, fd, nstype);
71 #elif defined(__x86_64__)
72  // A workaround for those hosts that have an old glibc (older than
73  // 2.14) but have a new kernel. The magic number '308' here is the
74  // syscall number for 'setns' on x86_64 architecture.
75  return ::syscall(308, fd, nstype);
76 #else
77 #error "setns is not available"
78 #endif
79 }
80 
81 namespace ns {
82 
83 // Returns the nstype (e.g., CLONE_NEWNET, CLONE_NEWNS, etc.) for the
84 // given namespace which can be used when calling ::setns.
85 Try<int> nstype(const std::string& ns);
86 
87 
88 // Returns all the supported namespaces by the kernel.
89 std::set<std::string> namespaces();
90 
91 
92 // Returns all the supported namespaces by the kernel.
93 std::set<int> nstypes();
94 
95 
96 // Re-associate the calling process with the specified namespace. The
97 // path refers to one of the corresponding namespace entries in the
98 // /proc/[pid]/ns/ directory (or bind mounted elsewhere). We do not
99 // allow a process with multiple threads to call this function because
100 // it will lead to some weird situations where different threads of a
101 // process are in different namespaces.
103  const std::string& path,
104  const std::string& ns,
105  bool checkMultithreaded = true);
106 
107 
108 // Re-associate the calling process with the specified namespace. The
109 // pid specifies the process whose namespace we will associate.
110 Try<Nothing> setns(pid_t pid, const std::string& ns);
111 
112 
113 // Get the inode number of the specified namespace for the specified
114 // pid. The inode number identifies the namespace and can be used for
115 // comparisons, i.e., two processes with the same inode for a given
116 // namespace type are in the same namespace.
117 Result<ino_t> getns(pid_t pid, const std::string& ns);
118 
119 
159  pid_t target,
160  int nstypes,
161  const lambda::function<int()>& f,
162  int flags);
163 
164 
165 // Returns the namespace flags in the string form of bitwise-ORing the
166 // flags, e.g., CLONE_NEWNS | CLONE_NEWNET.
167 std::string stringify(int flags);
168 
169 } // namespace ns {
170 
171 #endif // __LINUX_NS_HPP__
Try< pid_t > clone(pid_t target, int nstypes, const lambda::function< int()> &f, int flags)
Performs an os::clone after entering a set of namespaces for the specified target process...
F && f
Definition: defer.hpp:270
Definition: try.hpp:34
int setns(int fd, int nstype)
Definition: ns.hpp:67
Try< Nothing > setns(const std::string &path, const std::string &ns, bool checkMultithreaded=true)
Definition: result.hpp:40
std::set< int > nstypes()
DWORD pid_t
Definition: windows.hpp:187
std::set< std::string > namespaces()
#define flags
Definition: decoder.hpp:18
Result< ino_t > getns(pid_t pid, const std::string &ns)
Try< int > nstype(const std::string &ns)
std::string stringify(int flags)