Linux Namespaces: Is it possible for a network namespace to exist without being associated with a process? Linux Namespaces: Is it possible for a network namespace to exist without being associated with a process? docker docker

Linux Namespaces: Is it possible for a network namespace to exist without being associated with a process?


networking linux-kernel docker lxc linux-containers

Is it possible that a custom program creates an unnamed net ns, and it is left unassociated with any process?

Yes it's possible. According to Linux namespaces man page (http://man7.org/linux/man-pages/man7/namespaces.7.html):

Each process has a /proc/[pid]/ns/ subdirectory containing one entry for each namespace that supports being manipulated by setns(2):

Bind mounting (see mount(2)) one of the files in this directory to somewhere else in the filesystem keeps the corresponding namespace of the process specified by pid alive even if all processes currently in the namespace terminate.

About the other question:

is it possible to list out such (hidden) net ns from user-space, given that we do not know the paths to the inodes?

If you consider the above quote from the first question, by examining bound paths you should be able to find those hidden namespaces.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last