Also creates a mount namespace with a cloned /run/resolvconf.
--c, --create Create a named network namespace. When running from
+-c, --create Create or destroy a named network namespace. When running from
the same network namespace as pid 1, this is set automatically.
A systemd created private network is in a network namespace
different than pid 1.
would be called from ExecStartPre, and or subsequent units called with
JoinsNamespaceOf= and PrivateNetwork=true.
-We also create a named mount namespace under /root/mount_namespaces, so we
-can alter some system config for this namespace. systemd
-command lines would be prefixed with:
+If resolvconf is installed, we create a named mount namespace under
+/root/mount_namespaces, so we can alter some system config for this
+namespace. systemd command lines would be prefixed with:
/usr/bin/nsenter --mount=/root/mount_namespaces/NS_NAME
ipd() { ip -n default "$@"; }
+
+
+# otherwise we are already in the network namespace and it's unnamed.
if $create; then
- # run ip in the network namespace
- ipnn() { ip -n $nn "$@"; }
-else
- # we are already in the network namespace and it's unnamed.
- # run ip in the network namespace
- ipnn() { ip "$@"; }
+ ipnnargs="-n $nn"
fi
+# run ip in the network namespace
+ipnn() { ip $ipnnargs "$@"; }
+
# default network namespace exec
dexec() { ip netns exec default "$@"; }
# mount namespace exec
ipnn route add default via $network.1
###### begin setup resolvconf
- if [[ -e /run/resolvconf ]]; then # resolvconf probably not installed
+ if [[ -e /run/resolvconf ]]; then # resolvconf probably installed
resolv_copy=/root/resolvconf-$nn
# this condition should never happen, just coding defensively
iankelling.org / git / newns / commitdiff