pysetns

Note

Requires execution from ROOT!

class pysetns.Namespace[source]

Namespace object

__init__(target_pid, ns_types=NS_ALL, target_gid=None, target_uid=None, do_fork=False, true_user=False, keep_caps=False)[source]
Parameters:

  • target_pid (int | str) – The pid of the process whose namespace you want to access

  • ns_types (int) –

    Namespace types to be accessed. These are bitwise. NS_ALL included all of this:

    • NS_TIME - time namespace (since Linux 5.8)

    • NS_MNT - mount namespace group (since Linux 3.8)

    • NS_CGROUP - cgroup namespace (since Linux 4.6)

    • NS_UTS - utsname namespace (since Linux 3.0)

    • NS_IPC - ipc namespace (since Linux 3.0)

    • NS_USER - user namespace (since Linux 3.8)

    • NS_PID - pid namespace (since Linux 3.8)

    • NS_NET - network namespace (since Linux 3.0)

  • target_gid (int | None) –

  • target_uid (int | None) – The GID and UID of the user you want to access in NS_USER as. If None, the GID and UID of the process owner will be used

  • do_fork (bool) – Enter into the namespace in a separate process. If ns_types includes NS_USER or NS_PID, entering into the namespace will be done in a separate process and do_fork value is ignored

  • true_user (bool) – If False (default), entering into NS_USER will be done by simply switching to target GID and UID (target_gid, target_uid), otherwise through a system call, but then returning from the namespace will not be possible and the program will need to be terminated, and in this case the UserNamespaceWarning exception will be raised

  • keep_caps (bool) – Preserve root capabilities if you need to perform an action on behalf of a user with administrator rights. Only relevant if ns_types includes NS_USER

Raises:

  • FileNotFoundError, OSError – if target_pid is not valid

  • TypeError – if ns_types is not valid

enter(target, *args, **kwargs)[source]

Enter into namespace and execute target function with its args and kwargs. Exiting namespaces will happen automatically. But if this needs to be done inside the target function, pass the namespace object as one of the parameters to it and call the Namespace.exit() method. If an error occurs while entering into namespace, it will be written to the Namespace.errors attribute in the format {ns_type: error}, and if it was not the only ns_type, work will continue. Errors caused by the operation of the target function will be ignored, so take care of them yourself.

Return type:

None

Raise:

UserNamespaceWarning on exiting when true_user parameter of the Namespace is True

exit(errcode=0)[source]

Exit from namespace and set the errcode if required. You usually don’t need to call this method yourself. If the errcode is set to 11 (EAGAIN), the Namespace.retry attribute will be set to True.

Return type:

None

Raise:

UserNamespaceWarning when true_user parameter of the Namespace is True

exception pysetns.UserNamespaceWarning[source]
__init__(gid, uid, pid)[source]
pysetns.get_ns_string(ns_types)[source]

Represents namespace types ns_types in string view :type ns_types: int :rtype: str