On Thu, Apr 23, 2015 at 6:25 PM, Lennart Poettering <lenn...@poettering.net> wrote: > > The kernel doesn't have any nice userspace APIs to translate PIDs like > this, to my knowledge at least. > > That said, one can implement something like this by using the fact > that the kernel will translate user credentials that are sent via > AF_UNIX SCM_CREDENTIALS that pass through a PID namespace > boundary. hence, let's say you have one pid $n that identifies the > namespace you care about, and a container pid $a you want to translate > to host pid $b, then you'd create an AF_UNIX/SOCK_SEQPACKET > socketpair(), fork(), run setns() in the child to join the namespace > of $n, and send a single datagram to the parent with sendmsg(), while > explicitly specifiying the SCM_CREDENTIALS auxiliary field with the $a > in it, and exit. In the parent you use recvmsg() to read that datagram > with its SCM_CREDENTIALS, and use the pid you see as $b. Vice versa, > if you want to translate the other way you would send the datagram the > other way. > > nasty? absolutely! (also, only available for privileged processes, due > to the setns() call). > > I am not aware of any nicer way. >
I think /proc/<pid>/status in current linux.git has additional fields for the process PIDs in all namespaces, so you could probably get the "outer" PID by looking at the container's /proc. -- Mantas Mikulėnas <graw...@gmail.com> On Thu, Apr 23, 2015 at 6:25 PM, Lennart Poettering <lenn...@poettering.net> wrote: > On Fri, 24.04.15 00:10, WaLyong Cho (walyong....@samsung.com) wrote: > > > Hello, > > > > I'm looking for a proper way what method to map PID between host and > > container. > > > > In case of systemctl, if I know pid in container(let's call this pid_c) > > then I can find the pid in sight of host(let's call this pid_h) by using > > "systemctl -M {container} pid_c" in host shell. But I can not find pid_c > > when I know pid_h by using "systemctl status pid_h". > > > > The former seems possible by parsing machine cgroup. > > In the latter case, can we also find the pid_c? > > > > And is there any other method to map between those? > > For example, when if I use lxc then how I find each pid? (lxc-ps?) > > According to my search, namespace can give me some of hints about this. > > I could not find more detail. > > Is there any proper libs or tools for this? > > The kernel doesn't have any nice userspace APIs to translate PIDs like > this, to my knowledge at least. > > That said, one can implement something like this by using the fact > that the kernel will translate user credentials that are sent via > AF_UNIX SCM_CREDENTIALS that pass through a PID namespace > boundary. hence, let's say you have one pid $n that identifies the > namespace you care about, and a container pid $a you want to translate > to host pid $b, then you'd create an AF_UNIX/SOCK_SEQPACKET > socketpair(), fork(), run setns() in the child to join the namespace > of $n, and send a single datagram to the parent with sendmsg(), while > explicitly specifiying the SCM_CREDENTIALS auxiliary field with the $a > in it, and exit. In the parent you use recvmsg() to read that datagram > with its SCM_CREDENTIALS, and use the pid you see as $b. Vice versa, > if you want to translate the other way you would send the datagram the > other way. > > nasty? absolutely! (also, only available for privileged processes, due > to the setns() call). > > I am not aware of any nicer way. > > Lennart > > -- > Lennart Poettering, Red Hat > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel > -- Mantas Mikulėnas <graw...@gmail.com>
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel