In celebration of the arrival of 2010, the 9gridchan.org community gridding development team - aka one guy with a basement full of ethernet cables - would like to announce several new tools for Plan 9. In this post I'll talk about writable /proc/pid/ns, and in a later message, "rootless" post-kernel load booting. Everything mentioned is available on sources now in contrib/mycroftiv. All of this software receives testing and use on three native hardware Plan 9 systems and a swarm of qemu VMs. mycroftiv/writeprocns contains all files relevant to this post, modified versions of 3 kernel source files in /sys/src/9/port.
Motivation: Per process namespaces are one of the glories of Plan 9. Getting the most out of Plan 9, especially a grid of machines, requires fine-grained control of namespace construction. There are some occasional inconveniences caused by the fact that currently running processes other than the shell do not have a consistent mechanism for acquiring newly made mounts or binds. Plan 9 already has a representation of process namespace available in /proc and processes may freely modify their own namespace at runtime. Making /proc/pid/ns act as a control interface to trigger modifications to the namespace of a running process seems consistent with the design.

Writable /proc/pid/ns is simple in usage: you can perform arbitrary namespace operations on running processes you own just by echoing the standard command to that process's ns file. This can be used for purposes such as bringing newly mounted services into the namespace of your running plumber, or adding a mount underneath your running rio. Example:

    9fs sources
    ps |grep rio
    echo 'mount /srv/sources /n/sources' >/proc/863/ns #first rio proc

Open new windows within rio and the sources mount is in place.

Standard bind and mount flags and spec and unmount are all supported, but all mounts are done without an auth file descriptor. This is not as much of a limitation as it might seem because any external mount requiring auth can be made available locally non-authed via /srv - and in the most common case of a 9fs connection to a fossil server, fossil will accept non-authed mounts of a previously authed file descriptor. Import takes a flag (-s srvname) to post a /srv which will not require additional reauthentication.

In addition to adding in new bindings to running processes like rio, plumber, dossrv, and exportfs, this mechanism is also fully network transparent and useful when importing /proc from remote machines. Rewriting the namespace of remote processes is a powerful mechanism for fine-grained interactive control.
Aux/lines can be used for wholesale modifications to a namespace.

Implementation: simple conceptually. Writing a namespace operation to the ns file in /proc produces a parallel sequence of actions as that process itself issuing the equivalent syscall. The existing routines in 9/port/sysfile.c and 9/port/chan.c are all written to operate on 'up', the current process - so I created near-identical versions of the syscalls and channel operations which take a Proc *targp parameter and address resources via targp-> rather than up->. This does create a bit of inelegant duplication but has the advantage of leaving all the existing namespace operation code paths untouched.

I hope this approach is fundamentally sound, and I have attempted to test it extensively on my local grid of native and virtual machines. I have not found any bugs or inconsistencies, but given the importance of chan.c I think this code would need additional review and testing before use on production machines. I would like to submit an evolved version of these patches to the main distribution after some review and testing by more experienced Plan 9 kernel programmers, because I believe the functionality of modifying the ns of processes you own is useful and the mechanism of simply writing the standard ns commands to the ns file is clear and in harmony with the overall system.

I would like to also acknowledge the work done on "namespace crossings" as described by http://www.cs.cmu.edu/~412/history/2006F/nscross/ - this differs in purpose and implementation but springs from somewhat similar motivations. I haven't investigated the code but I'm sure it's more sophisticated than my snarf+paste based approach!

All the modifications are to files in /sys/src/9/port, so

    bind -b /n/sources/contrib/mycroftiv/writeprocns /sys/src/9/port

and then compile the kernel of your choice from within that namespace to test without modifying your original kernel source.
A console message is printed for each ns command as it is initiated from within devproc.c - these are not error messages. If they irritate you, comment them out in the new procnsreq function at the end of the modified devproc.c.

mycrof...@sphericalharmony.com
Ben Kidwell

9gridchan.org provides a variety of public plan 9 services
project channel: #plan9chan on irc.freenode.net for 9gridchan questions, tech support, suggestions
also in #plan9 for general Plan 9 discussion

Thanks as always to all other Plan 9 authors, developers, maintainers and community for the world's best OS and software
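
An added illustration, not code from contrib/mycroftiv/writeprocns: text written to a process's ns file is untrusted input that has to be parsed and validated before any namespace change is made on the target. The C below parses the command forms the post names (bind, mount and unmount with the standard flags) and rejects anything malformed; Nsreq, parsensreq and the op codes are hypothetical names, and arguments are assumed to be whitespace-separated with no rc quoting.

```c
#include <stdio.h>
#include <string.h>
/* Mount/bind flag values as defined in Plan 9's libc.h */
enum { MREPL = 0x0000, MBEFORE = 0x0001, MAFTER = 0x0002, MCREATE = 0x0004, MCACHE = 0x0010 };
enum { NSBIND = 1, NSMOUNT, NSUNMOUNT };  /* hypothetical op codes */
typedef struct {   /* hypothetical parsed request */
    int op, flag, narg;
    char *arg[3];  /* bind: new old; mount: srv old [spec]; unmount: [new] old */
} Nsreq;
/* Parse one ns command in place (buf is modified); 0 on success, -1 if rejected. */
int parsensreq(char *buf, Nsreq *r)
{
    char *tok[5], *p;
    int n = 0, i = 1;
    memset(r, 0, sizeof *r);
    for (p = strtok(buf, " \t\n"); p != NULL; p = strtok(NULL, " \t\n")) {
        if (n == 5) return -1;                    /* too many fields */
        tok[n++] = p;
    }
    if (n == 0) return -1;                        /* empty write */
    if (strcmp(tok[0], "bind") == 0) r->op = NSBIND;
    else if (strcmp(tok[0], "mount") == 0) r->op = NSMOUNT;
    else if (strcmp(tok[0], "unmount") == 0) r->op = NSUNMOUNT;
    else return -1;                               /* unknown verb */
    if (r->op != NSUNMOUNT && i < n && tok[i][0] == '-')
        for (p = tok[i++] + 1; *p != '\0'; p++) {
            if (*p == 'a') r->flag |= MAFTER;
            else if (*p == 'b') r->flag |= MBEFORE;
            else if (*p == 'c') r->flag |= MCREATE;
            else if (*p == 'C' && r->op == NSMOUNT) r->flag |= MCACHE;
            else return -1;                       /* unknown or misplaced flag */
        }
    if ((r->flag & MAFTER) && (r->flag & MBEFORE)) return -1;  /* -a and -b conflict */
    for (; i < n; i++) {
        if (r->narg == 3) return -1;              /* more arguments than any verb takes */
        r->arg[r->narg++] = tok[i];
    }
    if (r->op == NSUNMOUNT) return (r->narg == 1 || r->narg == 2) ? 0 : -1;
    return (r->narg == 2 || (r->op == NSMOUNT && r->narg == 3)) ? 0 : -1;
}

int main(void)
{
    char line[] = "mount /srv/sources /n/sources\n";  /* command from the post */
    Nsreq r;
    if (parsensreq(line, &r) != 0) return 1;
    printf("op=%d flag=%#x %s -> %s\n", r.op, r.flag, r.arg[0], r.arg[1]);
    return 0;
}
```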