Tuesday, December 1, 2015

lsns(8) new command to list Linux namespaces

The namespaces are commonly used way how to isolate global (ipc, mount, net, ...) resource instances. Unfortunately, we have no command line tool to list namespaces. The new command lsns(8) tries to fill this gap.

Examples:

# lsns
        NS TYPE  NPROCS   PID USER   COMMAND
4026531836 pid      276     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026531837 user     276     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026531838 uts      276     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026531839 ipc      276     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026531840 mnt      269     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026531857 mnt        1    63 root   kdevtmpfs
4026531963 net      275     1 root   /usr/lib/systemd/systemd --system --deserialize 15
4026532189 mnt        1   545 root   /usr/lib/systemd/systemd-udevd
4026532390 net        1   776 rtkit  /usr/libexec/rtkit-daemon
4026532478 mnt        1   776 rtkit  /usr/libexec/rtkit-daemon
4026532486 mnt        1   847 colord /usr/libexec/colord
4026532518 mnt        3  6500 root   -bash
and list namespace content:
# lsns 4026532518
  PID  PPID USER COMMAND
 6500  6372 root -bash
19572  6500 root └─/usr/bin/mc -P /tmp/mc-root/mc.pwd.6500
19575 19572 root   └─bash -rcfile .bashrc
help output with columns description:
# lsns -h
  
Usage:
 lsns [options] [namespace]
  
List system namespaces.
  
Options:
 -J, --json             use JSON output format
 -l, --list             use list format output
 -n, --noheadings       don't print headings
 -o, --output list      define which output columns to use
 -p, --task pid         print process namespaces
 -r, --raw              use the raw output format
 -u, --notruncate       don't truncate text in columns
 -t, --type name        namespace type (mnt, net, ipc, user, pid, uts)
  
 -h, --help     display this help and exit
 -V, --version  output version information and exit
  
Available columns (for --output):
          NS  namespace identifier (inode number)
        TYPE  kind of namespace
        PATH  path to the namespace
      NPROCS  number of processes in the namespace
         PID  lowers PID in the namespace
        PPID  PPID of the PID
     COMMAND  command line of the PID
         UID  UID of the PID
        USER  username of the PID
  
For more details see lsns(8).
The important detail is that you can see only namespaces accessible from currently mounted /proc filesystem. The lsns(8) is not able to list persistent namespaces without processes where the namespace instance is hold by bind mounts of the /proc/[pid]/ns/[type] files and the output may be affected by unshared PID namespace and unshared /proc (see unshare(8) for more details).

... it will be probably available in util-linux v2.28 (~ January 2016).