[ViewVC] Contents of: cvs/Linux-Clone/README

NAME
    Linux::Clone - an interface to the linux clone(2) and unshare(2)
    syscalls

SYNOPSIS
     use Linux::Clone;

DESCRIPTION
    This module exposes the linux clone(2) and unshare(2) syscalls to Perl.

    $retval = unshare $flags
        The following CLONE_ flag values (without CLONE_ prefix) are
        supported for unshare, if found, in this release. See the
        documentation for unshare(2) for more info on what they do:

           Linux::Clone::FILES
           Linux::Clone::FS
           Linux::Clone::NEWNS   (in unshare, implies FS)
           Linux::Clone::VM      (in unshare, implies SIGHAND)
           Linux::Clone::THREAD  (in unshare, implies VM, SIGHAND)
           Linux::Clone::SIGHAND
           Linux::Clone::SYSVSEM
           Linux::Clone::NEWUTS
           Linux::Clone::NEWIPC
           Linux::Clone::NEWNET

        Example: unshare the network namespace and prove that by calling
        ifconfig, showing only an unconfigured lo interface.

           Linux::Clone::unshare Linux::Clone::NEWNET
              and "unshare: $!";
           system "ifconfig -a";

        Example: unshare the network namespace, initialise the loopback
        interface, create a veth interface pair, put one interface into the
        parent processes namespace (use ifconfig -a from another shell),
        configure the other interface with 192.168.99.2 -> 192.168.99.1 and
        start a shell.

           use Linux::Clone;

           # unshare our network namespace
           Linux::Clone::unshare Linux::Clone::NEWNET
             and "unshare: $!";

           my $ppid = getppid;

           system "
              # configure loopback interface
              ip link set lo up
              ip route add 127.0.0.0/8 dev lo

              # create veth pair
              ip link add name veth_master type veth peer name veth_slave

              # move veth_master to our parent process' namespace
              ip link set veth_master netns $ppid

              # configure the local interface
              ip link set veth_slave up
              ip addr add 192.168.99.2/32 dev veth_slave
              ip route add 192.168.99.1/32 dev veth_slave
           ";

           print <<EOF;
           say hi to your new network namespace, use exit to return.

           try this from another shell to get networking up:

           ip link set veth_master up
           ip addr add 192.168.99.1/32 dev veth_master
           ip route add 192.168.99.2/32 dev veth_master

           EOF
           system "bash";

        Example: unshare the filesystem namespace and make a confusing bind
        mount only visible to the current process.

           use Linux::Clone;

           Linux::Clone::unshare Linux::Clone::NEWNS
              and die "unshare: $!";

           # now bind-mount /lib over /etc and ls -l /etc - scary
           system "mount -n --bind /lib /etc";
           system "ls -l /etc";

    $retval = Linux::Clone::clone $coderef, $stacksize, $flags[, $ptid,
    $tls, $ctid]
        Clones a new process as specified via $flags and calls $coderef
        without any arguments (a closure might help you if you need to pass
        arguments without global variables). The return value from coderef
        is returned to the system.

        The $stacksize specifies how large a stack to allocate for the
        child. If it is 0, then a default stack size (currently 4MB) will be
        allocated. There is currently no way to free this area again in the
        child.

        $ptid, if specified, will receive the thread id, $tls, if specified,
        must contain a "struct user_desc" and $ctid is currently totally
        unsupported and must not be specified.

        Since this call basically bypasses both perl and your libc (for
        example, $$ might reflect the parent *or* child pid in the child),
        you need to be very careful when using this call, which means you
        should probably have a very good understanding of perl memory
        management and how fork and clone work.

        The following flags are supported for clone, in addition to all
        flags supported by "unshare", above, and a signal number. When in
        doubt, refer to the clone(2) manual page.

           Linux::Clone::PTRACE
           Linux::Clone::VFORK
           Linux::Clone::SETTLS         (not yet implemented)
           Linux::Clone::PARENT_SETTID  (not yet implemented)
           Linux::Clone::CHILD_SETTID   (not yet implemented)
           Linux::Clone::CHILD_CLEARTID (not yet implemented)
           Linux::Clone::DETACHED
           Linux::Clone::UNTRACED
           Linux::Clone::NEWUSER
           Linux::Clone::NEWPID
           Linux::Clone::IO

        Note that for practical reasons you basically must not use
        "Linux::Clone::VM" or "Linux::Clone::VFORK", as perl is unlikely to
        cope with that.

        This is the glibc clone call, it cannot be used to emulate fork.

        Example: do a fork-like clone, sharing nothing, slightly confusing
        perl and your libc, and exit immediately.

           my $pid = Linux::Clone::clone sub { warn "in child"; 77 }, 0, POSIX::SIGCHLD;

AUTHOR
     Marc Lehmann <schmorp@schmorp.de>
     http://home.schmorp.de/

Revision:	1.1
Committed:	Mon Nov 28 05:43:03 2011 UTC (12 years, 5 months ago) by root
Branch:	MAIN
CVS Tags:	rel-0_01
Log Message:	0.01
#	Content
1	NAME
2	Linux::Clone - an interface to the linux clone(2) and unshare(2)
3	syscalls
4
5	SYNOPSIS
6	use Linux::Clone;
7
8	DESCRIPTION
9	This module exposes the linux clone(2) and unshare(2) syscalls to Perl.
10
11	$retval = unshare $flags
12	The following CLONE_ flag values (without CLONE_ prefix) are
13	supported for unshare, if found, in this release. See the
14	documentation for unshare(2) for more info on what they do:
15
16	Linux::Clone::FILES
17	Linux::Clone::FS
18	Linux::Clone::NEWNS (in unshare, implies FS)
19	Linux::Clone::VM (in unshare, implies SIGHAND)
20	Linux::Clone::THREAD (in unshare, implies VM, SIGHAND)
21	Linux::Clone::SIGHAND
22	Linux::Clone::SYSVSEM
23	Linux::Clone::NEWUTS
24	Linux::Clone::NEWIPC
25	Linux::Clone::NEWNET
26
27	Example: unshare the network namespace and prove that by calling
28	ifconfig, showing only an unconfigured lo interface.
29
30	Linux::Clone::unshare Linux::Clone::NEWNET
31	and "unshare: $!";
32	system "ifconfig -a";
33
34	Example: unshare the network namespace, initialise the loopback
35	interface, create a veth interface pair, put one interface into the
36	parent processes namespace (use ifconfig -a from another shell),
37	configure the other interface with 192.168.99.2 -> 192.168.99.1 and
38	start a shell.
39
40	use Linux::Clone;
41
42	# unshare our network namespace
43	Linux::Clone::unshare Linux::Clone::NEWNET
44	and "unshare: $!";
45
46	my $ppid = getppid;
47
48	system "
49	# configure loopback interface
50	ip link set lo up
51	ip route add 127.0.0.0/8 dev lo
52
53	# create veth pair
54	ip link add name veth_master type veth peer name veth_slave
55
56	# move veth_master to our parent process' namespace
57	ip link set veth_master netns $ppid
58
59	# configure the local interface
60	ip link set veth_slave up
61	ip addr add 192.168.99.2/32 dev veth_slave
62	ip route add 192.168.99.1/32 dev veth_slave
63	";
64
65	print <<EOF;
66	say hi to your new network namespace, use exit to return.
67
68	try this from another shell to get networking up:
69
70	ip link set veth_master up
71	ip addr add 192.168.99.1/32 dev veth_master
72	ip route add 192.168.99.2/32 dev veth_master
73
74	EOF
75	system "bash";
76
77	Example: unshare the filesystem namespace and make a confusing bind
78	mount only visible to the current process.
79
80	use Linux::Clone;
81
82	Linux::Clone::unshare Linux::Clone::NEWNS
83	and die "unshare: $!";
84
85	# now bind-mount /lib over /etc and ls -l /etc - scary
86	system "mount -n --bind /lib /etc";
87	system "ls -l /etc";
88
89	$retval = Linux::Clone::clone $coderef, $stacksize, $flags[, $ptid,
90	$tls, $ctid]
91	Clones a new process as specified via $flags and calls $coderef
92	without any arguments (a closure might help you if you need to pass
93	arguments without global variables). The return value from coderef
94	is returned to the system.
95
96	The $stacksize specifies how large a stack to allocate for the
97	child. If it is 0, then a default stack size (currently 4MB) will be
98	allocated. There is currently no way to free this area again in the
99	child.
100
101	$ptid, if specified, will receive the thread id, $tls, if specified,
102	must contain a "struct user_desc" and $ctid is currently totally
103	unsupported and must not be specified.
104
105	Since this call basically bypasses both perl and your libc (for
106	example, $$ might reflect the parent or child pid in the child),
107	you need to be very careful when using this call, which means you
108	should probably have a very good understanding of perl memory
109	management and how fork and clone work.
110
111	The following flags are supported for clone, in addition to all
112	flags supported by "unshare", above, and a signal number. When in
113	doubt, refer to the clone(2) manual page.
114
115	Linux::Clone::PTRACE
116	Linux::Clone::VFORK
117	Linux::Clone::SETTLS (not yet implemented)
118	Linux::Clone::PARENT_SETTID (not yet implemented)
119	Linux::Clone::CHILD_SETTID (not yet implemented)
120	Linux::Clone::CHILD_CLEARTID (not yet implemented)
121	Linux::Clone::DETACHED
122	Linux::Clone::UNTRACED
123	Linux::Clone::NEWUSER
124	Linux::Clone::NEWPID
125	Linux::Clone::IO
126
127	Note that for practical reasons you basically must not use
128	"Linux::Clone::VM" or "Linux::Clone::VFORK", as perl is unlikely to
129	cope with that.
130
131	This is the glibc clone call, it cannot be used to emulate fork.
132
133	Example: do a fork-like clone, sharing nothing, slightly confusing
134	perl and your libc, and exit immediately.
135
136	my $pid = Linux::Clone::clone sub { warn "in child"; 77 }, 0, POSIX::SIGCHLD;
137
138	AUTHOR
139	Marc Lehmann <schmorp@schmorp.de>
140	http://home.schmorp.de/
141