Support running with child namespaces

By default pgrep/pkill should not kill processes in a namespace it is not
part of. If this is allowed, it allows callers to break namespaces they did
not expect to affect, requiring rewrite of all callers to fix.

So by default, we should work in the current namespace. If --ns 0 is
specified, they we look at all namespaces, and if any other pid is specified
we continue to look in only that namespace.

Signed-off-by: Debabrata Banerjee <dbanerje@akamai.com>

References:
 procps-ng/procps!41
This commit is contained in:
Debabrata Banerjee 2017-02-08 18:42:39 -05:00 committed by Craig Small
parent b2d7f620c0
commit 0e39102f75

View File

@ -144,7 +144,7 @@ static int __attribute__ ((__noreturn__)) usage(int opt)
fputs(_(" -F, --pidfile <file> read PIDs from file\n"), fp);
fputs(_(" -L, --logpidfile fail if PID file is not locked\n"), fp);
fputs(_(" --ns <PID> match the processes that belong to the same\n"
" namespace as <pid>\n"), fp);
" namespace as <pid> or 0 for all namespaces\n"), fp);
fputs(_(" --nslist <ns,...> list which namespaces will be considered for\n"
" the --ns option.\n"
" Available namespaces: ipc, mnt, net, pid, user, uts\n"), fp);
@ -805,8 +805,6 @@ static void parse_opts (int argc, char **argv)
* break; */
case NS_OPTION:
opt_ns_pid = atoi(optarg);
if (opt_ns_pid == 0)
usage ('?');
++criteria_count;
break;
case NSLIST_OPTION:
@ -861,6 +859,7 @@ int main (int argc, char **argv)
textdomain(PACKAGE);
atexit(close_stdout);
opt_ns_pid = getpid();
parse_opts (argc, argv);
procs = select_procs (&num);