Quoting Andrei Vagin ([email protected]):
> Recently Eric added user namespace counters. User namespace counters is
> a feature that allows to limit the number of various kernel objects a
> user can create. These limits are set via /proc/sys/user/ sysctls on a
> per user namespace basis and are applicable to all users in that
> namespace.
>
> User namespace counters are not in the upstream tree yet,
> you can find them in Eric's tree:
> https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/log/?h=for-testing
>
> This patch adds /proc/<pid>/userns_counts files to provide current usage
> of user namespace counters.
>
> > cat /proc/813/userns_counts
> user_namespaces 101000 1
> pid_namespaces 101000 1
> ipc_namespaces 101000 4
> net_namespaces 101000 2
> mnt_namespaces 101000 5
> mnt_namespaces 100000 1
>
> The meanings of the columns are as follows, from left to right:
>
> Name     Object name
> UID      User ID
> Usage    Current usage
>
> The full documentation is in the second patch.
>
> v2: - describe this file in Documentation/filesystems/proc.txt
>     - move and rename into /proc/<pid>/userns_counts
>
> Cc: Serge Hallyn <[email protected]>

Acked-by: Serge Hallyn <[email protected]>

> Cc: Kees Cook <[email protected]>
> Cc: "Eric W. Biederman" <[email protected]>
> Signed-off-by: Andrei Vagin <[email protected]>
>
> Andrei Vagin (1):
>   kernel: show current values of user namespace counters
>
> Kirill Kolyshkin (1):
>   Documentation: describe /proc/<pid>/userns_counts
>
>  Documentation/filesystems/proc.txt |  30 +++++++++++
>  fs/proc/array.c                    |  55 ++++++++++++++++++++
>  fs/proc/base.c                     |   1 +
>  fs/proc/internal.h                 |   1 +
>  include/linux/user_namespace.h     |   8 +++
>  kernel/ucount.c                    | 102
> +++++++++++++++++++++++++++++++++++++
>  6 files changed, 197 insertions(+)
>
> --
> 2.5.5
> _______________________________________________
> Containers mailing list
> [email protected]
> https://lists.linuxfoundation.org/mailman/listinfo/containers
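Added example, not part of the thread or of the patch: a parser for the three-column `userns_counts` format described in the cover letter (name, UID, usage) that flags counters close to their limit. The sample is the output quoted above; the function names, the `LIMITS` values and the 80% threshold are assumptions made for illustration, with `LIMITS` standing in for values an administrator would read from the `/proc/sys/user/` sysctls.

```python
from collections import namedtuple

Count = namedtuple("Count", "name uid usage")

# Sample copied from the `cat /proc/813/userns_counts` output in the cover letter.
SAMPLE = """\
user_namespaces 101000 1
pid_namespaces 101000 1
ipc_namespaces 101000 4
net_namespaces 101000 2
mnt_namespaces 101000 5
mnt_namespaces 100000 1
"""

# Constructed limits (assumption): stand-ins for the /proc/sys/user/ settings.
LIMITS = {"mnt_namespaces": 6, "ipc_namespaces": 16, "net_namespaces": 16}


def parse_userns_counts(text):
    """Parse 'name uid usage' rows; reject anything that does not fit."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue  # tolerate blank lines
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 columns, got {len(fields)}")
        name, uid, usage = fields
        try:
            uid, usage = int(uid), int(usage)
        except ValueError:
            raise ValueError(f"line {lineno}: UID and usage must be integers") from None
        if uid < 0 or usage < 0:
            raise ValueError(f"line {lineno}: negative UID or usage")
        entries.append(Count(name, uid, usage))
    return entries


def near_limit(entries, limits, ratio=0.8):
    """Return (entry, limit) pairs whose usage is at least ratio * limit.

    Each (name, UID) row is checked on its own; names without a known
    limit are skipped rather than guessed at.
    """
    flagged = []
    for entry in entries:
        limit = limits.get(entry.name)
        if limit is not None and entry.usage >= ratio * limit:
            flagged.append((entry, limit))
    return flagged
```
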

