diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2021-09-29 16:11:06 +0200 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2021-10-07 04:05:15 +0200 |
| commit | 9a175cc2cea75b98fc3c20381f58dcabf24ef529 (patch) | |
| tree | 44e40e4dff717ec2e4d12402a47bcf33a6f4f92b /passt.1 | |
| parent | ab3283802206d19ea8509f5471b5c0928ca5835f (diff) | |
| download | passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar.gz passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar.bz2 passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar.lz passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar.xz passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.tar.zst passt-9a175cc2cea75b98fc3c20381f58dcabf24ef529.zip | |
pasta: Allow specifying paths and names of namespaces
Based on a patch from Giuseppe Scrivano, this adds the ability to:
- specify paths and names of target namespaces to join, instead of
a PID, also for user namespaces, with --userns
- request to join or create a network namespace only, without
entering or creating a user namespace, with --netns-only
- specify the base directory for netns mountpoints, with --nsrun-dir
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
[sbrivio: reworked logic to actually join the given namespaces when
they're not created, implemented --netns-only and --nsrun-dir,
updated pasta demo script and man page]
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'passt.1')
| -rw-r--r-- | passt.1 | 30 |
1 files changed, 24 insertions, 6 deletions
@@ -12,7 +12,7 @@ [\fIOPTION\fR]... .br .B pasta -[\fIOPTION\fR]... [\fITARGET_PID\fR] +[\fIOPTION\fR]... [\fIPID\fR|\fIPATH\fR|\fINAME\fR] .SH DESCRIPTION @@ -56,11 +56,10 @@ or with the \fBqrap\fR(1) wrapper. equivalent functionality to network namespaces, as the one offered by \fBpasst\fR for virtual machines. -If TARGET_PID is given, \fBpasta\fR associates to the user and network namespace -of the corresponding process. Otherwise, \fBpasta\fR creates a new user and -network namespace, and spawns an interactive shell within this context. A -\fItap\fR device within the network namespace is created to provide network -connectivity. +If PID, PATH or NAME are given, \fBpasta\fR associates to an existing user and +network namespace. Otherwise, \fBpasta\fR creates a new user and network +namespace, and spawns an interactive shell within this context. A \fItap\fR +device within the network namespace is created to provide network connectivity. For local TCP and UDP traffic only, \fBpasta\fR also implements a bypass path directly mapping Layer-4 sockets between \fIinit\fR and target namespaces, @@ -357,6 +356,25 @@ Configure UDP port forwarding from target namespace to init namespace. Default is \fBauto\fR. +.TP +.BR \-\-userns " " \fIspec +Target user namespace to join, as path or name (i.e. suffix for --nsrun-dir). If +PID is given, without this option, the user namespace will be the one of the +corresponding process. + +This option requires PID, PATH or NAME to be specified. + +.TP +.BR \-\-netns-only +Join or create only the network namespace, not a user namespace. This is implied +if PATH or NAME are given without \-\-userns. + +.TP +.BR \-\-nsrun-dir " " \fIpath +Directory for nsfs mountpoints, used as path prefix for names of namespaces. + +The default path is shown with --help. + .SH EXAMPLES .SS \fBpasta |