Home > process > Starting isolated namespace inside network namespace

Starting isolated namespace inside network namespace

February 12Hits:0
Advertisement

I've managed to create two network namespaces (ns1 and ns2) and connect them via veth connection. They can ping each other fine, and even ssh one into another (provided I started sshd).

What I would want to do now is to start some process inside ns1 (let's say vi) that can't be seen or atleast can't be modified/killed from ns2. Is that possible?

I tried using

unshare -p vi 

on ns1 but it's still killable from ns2. I can understand it beeing killable from global/default network namespace since it's derived from it, but ns2 shouldn't be able to kill a process inside ns1. Atleast that's what I want to achieve. Any help would be appreciated.

Related Articles

  • Starting isolated namespace inside network namespaceFebruary 12

    I've managed to create two network namespaces (ns1 and ns2) and connect them via veth connection. They can ping each other fine, and even ssh one into another (provided I started sshd). What I would want to do now is to start some process inside ns1

  • Importing namespaces inside another namespaceFebruary 9

    I generally like to organize classes I make into modules by using namespaces, and I also don't go more than 2 namespaces deep but it's still painstakingly hard to fully qualify everything. I've thought of using using directives but I don't want some

  • Iptables LOG rule inside a network namespaceMay 13

    I'm trying to setup iptables rules for a docker container. I'm using nsenter to execute the iptables command inside of the container's network namespace: # log access to port 8080 PID=$(docker inspect --format "{{.State.Pid}}" $ID) /home/ubuntu/

  • access tap interface in network namespace across machinesNovember 15

    I want to be able to access services running on a TAP interface within a namespace from outside the machine where it is running. I have setup that looks like this - VM1/Machine1 +eth0 : Public Network +eth1 : Private Network (IP: 192.168.2.5/24) VM2/

  • Feed all traffic through OpenVPN for a specific network namespace onlyAugust 8

    I am trying to set up a VPN (using OpenVPN) such that all of the traffic, and only the traffic, to/from specific processes goes through the VPN; other processes should continue to use the physical device directly. It is my understanding that the way

  • Secure way to allow any user to run programs in specific network namespaceMarch 13

    I have a cell modem connected to my server that I want to use as a means to get notification emails out when the landline dies. To nicely separate normal network access and this exceptional cell modem access, I created a network namespace and created

  • How to allow applications in network namespace access to global filesystem?April 23

    I have several applications that are potentially high-risk and high-throughput (like bind, ntpd, etc.). I plan on having a "management domain" for OS tasks, updates, SNMP, automation, etc. and a "service domain" that only includes the

  • cannot ping linux network namespace within the same subnetMay 28

    Here is a quick summary of the issue. I cannot communicate with a linux network namespace within the same subnet. I am running Ubuntu 14.04.1 LTS on a headless server. I have been troubleshooting this for about a week, so thanks in advanced for any r

  • Dnsmasq problem with Linux network namespaceOctober 26

    I have tried to use dnsmasq as the name server for virtual machines. On all the vm-s, /etc/resolv.conf indicates the vm need to access 192.168.15.3 to resolve the domain names. However, the interface holding 192.168.15.3 is lying inside a network nam

  • How to provide connectivity to a bridge running in a different network namespace?December 22

    I have a bridge running in a different network namespace. I want to access this bridge in host system. For e.g: I have created a network namepsace: my_namespace. Now inside this network namepsace i have created a bridge with different interfaces. I w

  • port forwarding to application in network namespace with vpnJanuary 25

    I was able to set up a network namespace, establish a tunnel with openvpn and start an application that uses this tunnel inside the namespace. So far so good, but this application can be accessed via a web interface and I cant't figure out how to rou

  • Is sa1200 All using directives must be placed inside the namespace (StyleCop) purely cosmetic? July 1

    Possible Duplicate: Should Usings be inside or outside the namespace sa1200 All using directives must be placed inside the namespace (StyleCop) Is this just for code readibility or is there any actual advantage to doing so? Does it help the GC someho

  • Creating a new network namespace on LinuxMay 25

    I'd like to create a new network namespace on Linux. http://www.spinics.net/lists/linux-containers/msg10895.html tells me that I can attach a shell to an existing namespace with ID X by running: $ chnetns X /bin/sh This works fine if the namespace al

  • Howto query and change network namespace on linux?July 19

    I was wondering if there is a way to Query the network namespace the current shell is in Change the current network namespace of the current shell I know I can do things like sudo ip netns exec <namespace_name> <some command> to execute a cert

  • How to move wireless connection to other network namespace?October 3

    # ip link set wlan0 netns 1 RTNETLINK answers: Invalid argument It works for usual ethernet. It also works for proprietary broadcom "wl" driver. How to do it for usual mac80211-based driver? --------------Solutions------------- You need to move

  • Linux network namespaces - ping fails on specific vethJanuary 21

    I just started to exploring network namespaces. I try to implement the following simple setting following the article in http://www.opencloudblog.com/?p=42 +--------+ +-----------+ +--------+ | |------+ +------+ |------+ +------| | |nstest2 |veth-2++

  • Creating VLANs between network namespaces

    Creating VLANs between network namespaces January 23

    I want to implement the topology shown in the figure below using network namespaces (ns1 to ns4). I can implement the above topology without splitting the network into two different VLANs using the following commands (based on this article, titled: I

  • Network connectivity issue between different hosts from a network namespace in one hostJune 11

    I have created two Ubuntu 12.04 VMs using VMWare Player with NAT network configuration. I am able to ping them from each other. After that, I created a network namespace in one of them and add a virtual interface. From the network namespace I can acc

  • How to set DNS exclusively for a Network Namespace in LinuxJuly 22

    I've created a network namespace in Linux. I thought there was a resolv.conf file for each namespaces created but it's not the case on my system. I don't have the following path /etc/netns/namespace_name/resolv.conf.. The folder netns doesn't exist.

  • How to set DNS exclusively for a Network NamespaceJuly 22

    I've created a network namespace. I thought there was a resolv.conf file for each namespaces created but it's not the case on my system (Ubuntu 14.04). I don't have the following path /etc/netns/namespace_name/resolv.conf.. The folder netns doesn't e

Copyright (C) 2018 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.514 s.