Chapter 2: Process Management and Scheduling
4 5 6 7 8 91 2 31
2 312 3parentparentParent
namespaceChildNamespaces
Figure 2-3: Namespaces can be related in a hierarchical order.
Each namespace has a parent from which it originates, and a
parent can have multiple children.the filesystem and is thus a simple namespace mechanism. True namespaces do, however, allow for
controlling much more than just the view on the filesystem.
New namespaces can be established in two ways:
- When a new process is created with theforkorclonesystem call, specific options control if
namespaces will be shared with the parent process, or if new namespaces are created. - Theunsharesystem call dissociates parts of a process from the parent, and this also includes
namespaces. See the manual pageunshare(2)for more information.
Once a process has been disconnected from the parent namespace using any of the two mechanisms
above, changing a — from its point of view — global property will not propagate into the parent names-
pace, and neither will a change on the parent side propagate into the child, at least for simple quantities.
The situation is more involved for filesystems where the sharing mechanisms are very powerful and
allow a plethora of possibilities, as discussed in Chapter 8.
Namespaces are currently still marked as experimental in the standard kernel, and development to make
all parts of the kernel fully namespace-aware are stillgoing on. As of kernel 2.6.24, the basic framework is,
however, set up and in place.^4 The fileDocumentation/namespaces/compatibility-list.txtprovides
information about some problems that are still present in the current state of the implementation.
(^4) This, however, does not imply that the approach was only recently developed. In fact, the methods have been used in production
systems over many years, but were only available as external kernel patches.