def open_process_namespaces(pid, namespace_fd, namespaces): for ct_ns in namespaces: try: # arg 0 means readonly namespace_fd[ct_ns] = libc.open('/proc/' + pid + '/ns/' + ct_ns, 0) if namespace_fd[ct_ns] == -1: errno_msg = misc.get_errno_msg(libc) error_msg = 'Opening the %s namespace file failed: %s' \ % (ct_ns, errno_msg) logger.warning(error_msg) if ct_ns == 'mnt': raise Exception(error_msg) except Exception as e: error_msg = 'The open() syscall failed with: %s' % e logger.warning(error_msg) if ct_ns == 'mnt': raise e
def attach_to_process_namespaces(namespace_fd, ct_namespaces): for ct_ns in ct_namespaces: try: if hasattr(libc, 'setns'): r = libc.setns(namespace_fd[ct_ns], 0) else: # The Linux kernel ABI should be stable enough __NR_setns = 308 r = libc.syscall(__NR_setns, namespace_fd[ct_ns], 0) if r == -1: errno_msg = misc.get_errno_msg(libc) error_msg = ('Could not attach to the container %s ' 'namespace (fd=%s): %s' % (ct_ns, namespace_fd[ct_ns], errno_msg)) logger.warning(error_msg) if ct_ns == 'mnt': raise Exception(error_msg) except Exception as e: error_msg = 'The setns() syscall failed with: %s' % e logger.warning(error_msg) if ct_ns == 'mnt': logger.exception(e) raise e