Julian Thomé wrote:
Hello mailing list,
Daniel Lezcano wrote a patch to make it possible to connect to a unix
domain socket, which belongs to another network namespace.
The patch from Daniel Lezcano is as follows:
I refreshed it against 2.6.33 and put in attachment. Compiled but not
tested ;)
Hope that helps.
-- Daniel
Subject: share af_unix socket through fs
From: Daniel Lezcano <daniel.lezc...@free.fr>
This patch allows to connect to a socket belonging to another
network namespace but visible via the file system.
The 'host' network namespace has to allow another network
namespace to use its sockets via sysctl:
echo 1 > /proc/sys/net/unix/share_via_fs
Signed-off-by: Daniel Lezcano <daniel.lezc...@free.fr>
---
include/linux/sysctl.h | 1 +
include/net/netns/unix.h | 1 +
net/unix/af_unix.c | 4 +++-
net/unix/sysctl_net_unix.c | 8 ++++++++
4 files changed, 13 insertions(+), 1 deletion(-)
Index: linux-2.6/include/net/netns/unix.h
===================================================================
--- linux-2.6.orig/include/net/netns/unix.h
+++ linux-2.6/include/net/netns/unix.h
@@ -7,6 +7,7 @@
struct ctl_table_header;
struct netns_unix {
int sysctl_max_dgram_qlen;
+ bool sysctl_share_via_fs;
struct ctl_table_header *ctl;
};
Index: linux-2.6/net/unix/af_unix.c
===================================================================
--- linux-2.6.orig/net/unix/af_unix.c
+++ linux-2.6/net/unix/af_unix.c
@@ -292,7 +292,8 @@ struct sock *unix_find_socket_byinode(st
&unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
struct dentry *dentry = unix_sk(s)->dentry;
- if (!net_eq(sock_net(s), net))
+ if (!sock_net(s)->unx.sysctl_share_via_fs &&
+ !net_eq(sock_net(s), net))
continue;
if (dentry && dentry->d_inode == i) {
@@ -2229,6 +2230,7 @@ static int unix_net_init(struct net *net
int error = -ENOMEM;
net->unx.sysctl_max_dgram_qlen = 10;
+ net->unx.sysctl_share_via_fs = false;
if (unix_sysctl_register(net))
goto out;
Index: linux-2.6/net/unix/sysctl_net_unix.c
===================================================================
--- linux-2.6.orig/net/unix/sysctl_net_unix.c
+++ linux-2.6/net/unix/sysctl_net_unix.c
@@ -22,6 +22,13 @@ static ctl_table unix_table[] = {
.mode = 0644,
.proc_handler = proc_dointvec
},
+ {
+ .procname = "share_via_fs",
+ .data = &init_net.unx.sysctl_share_via_fs,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec
+ },
{ }
};
@@ -40,6 +47,7 @@ int unix_sysctl_register(struct net *net
goto err_alloc;
table[0].data = &net->unx.sysctl_max_dgram_qlen;
+ table[1].data = &net->unx.sysctl_share_via_fs;
net->unx.ctl = register_net_sysctl_table(net, unix_path, table);
if (net->unx.ctl == NULL)
goto err_reg;
Index: linux-2.6/include/linux/sysctl.h
===================================================================
--- linux-2.6.orig/include/linux/sysctl.h
+++ linux-2.6/include/linux/sysctl.h
@@ -289,6 +289,7 @@ enum
NET_UNIX_DESTROY_DELAY=1,
NET_UNIX_DELETE_DELAY=2,
NET_UNIX_MAX_DGRAM_QLEN=3,
+ NET_UNIX_SHARE_VIA_FS=4,
};
/* /proc/sys/net/netfilter */
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
