lnx
github.com/tobert/lnxns
go get github.com/tobert/lnxns
lnx

github.com/tobert/lnxns

Create and use Linux namespaces from Go

by Amy Tobey

v0.0.0-20130325020643-b35a919ac187 (see all)License:BSD-3-Clause
go get github.com/tobert/lnxns
Readme

lnxns - Linux namespaces in Go

Warning

This is brand-new software. I've tested it minimally before pushing to Github. Do not expect signatures and layout to be consistent until this note disappears.

Requirements

Linux >= 2.6.24 with:

CONFIG_NAMESPACES=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
CONFIG_PID_NS=y
CONFIG_NET_NS=y (eventually)

Root or CAP_SYS_ADMIN privileges. Using setcap on a binary may not be safe on a multi-user system since input checking isn't very thorough.

Build

make
make test
make clean
make binaries

Example

If busybox is installed, this should work

sudo ./nschroot /bin /busybox ls /

mkdir -p /tmp/root
cp -a /bin/busybox /tmp/root
touch /tmp/root/foobar
go build -o nschroot nschroot.go && sudo ./nschroot /tmp/root /busybox ls

To use the 'cgroup' utility to put a process into a cgroup:

sudo ./cgroup -name awesome -program /usr/bin/touch -env bar=baz -- /tmp/foo

TODO

  • 'contain' utility that executes inside a namespaced/cgrouped container
  • capabilities helpers
  • veth setup

History

  • 2013-03-25: 'nschroot' and 'cgroup' are working
  • 2013-02-19: nschroot seems to work fine as root. Cgroups aren't there yet, but I should have a workable API soon.

Author

Al Tobey tobert@gmail.com @AlTobey

License

Copyright 2013 Albert P Tobey. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.

GitHub Stars

12

LAST COMMIT

9yrs ago

MAINTAINERS

0

CONTRIBUTORS

1

OPEN ISSUES

0

OPEN PRs

0
VersionTagPublished
v0.0.0-20130325020643-b35a919ac187
2yrs ago
No alternatives found
No tutorials found
Add a tutorial