A guess:
(from the man page for setns(2), on Ubuntu 24.04):
"A multithreaded process may not change user namespace with *setns*
()."
Go processes are always multithreaded, unless you are using wasm/wasi, but
then
you would not have access to golang.org/x/sys/unix anyway.
Also the man page says that the fd should be in /proc/pid/ns, so I'm not
sure if /proc/pid/ns/user counts.
I would write a single threaded C program to check that. An LLM could
generate one for you in a moment.
On Monday, January 26, 2026 at 2:45:50 PM UTC-3 doubled lin wrote:
> test code:
> ```
> package main
>
> import (
> "fmt"
> "os"
> "runtime"
>
> "golang.org/x/sys/unix"
> )
>
> func main() {
> targetPid := "2356795"
>
> runtime.LockOSThread()
> defer runtime.UnlockOSThread()
>
> userNsPath := fmt.Sprintf("/proc/%s/ns/user", targetPid)
> fd, err := os.Open(userNsPath)
> if err != nil {
> fmt.Printf("Failed to open user namespace: %v\n", err)
> return
> }
> defer fd.Close()
>
> if err := unix.Setns(int(fd.Fd()), unix.CLONE_NEWUSER); err != nil {
> fmt.Printf("Failed to setns: %v\n", err)
> return
> }
>
> fmt.Println("Successfully entered user namespace")
>
> ns, err := os.Readlink("/proc/self/ns/user")
> if err != nil {
> fmt.Printf("Failed to read /proc/self/ns/user: %v\n", err)
> return
> }
> fmt.Println("Current /proc/self/ns/user:", ns)
> }
> ```
> run error:
> Failed to setns: invalid argument
>
> what's wrong with me?
>
> thanks in advantage
>
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/golang-nuts/ce164b00-f0e4-47d9-9bea-a6ffd4a2ee98n%40googlegroups.com.
