Shared mount inode mirroring only works in one direction
I have an LXC and the host kernel and am trying to have a netns
that is created in the LXC appear in the host kernel. It does,
but with a different inode.
In the other direction it works fine, i.e. I create the netns in the
host and the same inode appears in the LXC.
Looking at the comments in attach_recursive_mnt() it looks like
I'm doing the correct thing, the host kernel /var/run/netns on
the host is mounted into the LXC as follows:
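# If the directory does not exist yet, create it and make it a shared mount point
if [ ! -d /var/run/netns ]; then
    mkdir -p /var/run/netns
    mount --rbind /var/run/netns /var/run/netns
    mount --make-rshared /var/run/netns
fi
# Bind the host directory into the container's root filesystem
mkdir -p "$LXC_PATH/var/run/netns"
mount --rbind /var/run/netns "$LXC_PATH/var/run/netns"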
/var/run/netns in the lxc is marked as shared and appears in
the host kernel as shared also e.g. on the host:
findmnt -o TARGET,PROPAGATION | grep netns
| |-/run/netns shared
| | `-/run/netns/hostns shared
Here is the example: hostns was created in the host, lxc1 was created in the guest LXC. Host output:
[host:/var/run/netns]$ ls -li
4026533261 -r--r--r-- 1 root root 0 Aug 22 19:22 hostns
39414 ---------- 1 root root 0 Aug 22 19:23 lxc1
LXC output:
4026533261 -r--r--r-- 1 root root 0 Aug 22 19:22 hostns
4026533524 -r--r--r-- 1 root root 0 Aug 22 19:23 lxc1
I'm starting to think this is a kernel bug - but not sure where to debug to approach this. Permissions issue perhaps?
BTW I've also hacked in libvirt to make sure the tree is MS_REC|MS_SHARED for /var/run/netns, didn't help. And tried various combinations of mount --make-rslave. Running out of ideas 8)
BTWBTW normal files work fine. Inode mirroring works in both directions, so this seems peculiar to network namespaces... code pointers or anything welcome!
tx
neil
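
Added example, not part of the original post: findmnt's PROPAGATION column does not show peer group IDs, so this sketch parses /proc/<pid>/mountinfo text from both sides and checks in which direction mount events under /run/netns are copied. The two mountinfo samples are constructed (a guest mount that is a slave of the host's peer group, shown as one possible layout and not as a diagnosis of the setup above); the function names and the assumption that both views use the same path are hypothetical.

```python
# Constructed /proc/<pid>/mountinfo samples; only the netns inode numbers
# are taken from the listings in the post.
HOST = """\
25 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
90 25 0:22 /netns /run/netns rw,nosuid shared:40 - tmpfs tmpfs rw
91 90 0:4 net:[4026533261] /run/netns/hostns rw shared:41 - nsfs nsfs rw
"""
GUEST = """\
300 299 8:1 /lxc/rootfs / rw,relatime shared:120 - ext4 /dev/sda1 rw
310 300 0:22 /netns /run/netns rw,nosuid shared:121 master:40 - tmpfs tmpfs rw
311 310 0:4 net:[4026533261] /run/netns/hostns rw shared:122 master:41 - nsfs nsfs rw
312 310 0:4 net:[4026533524] /run/netns/lxc1 rw shared:123 - nsfs nsfs rw
"""

def parse_mountinfo(text):
    """Map mount point -> propagation tags, fs type and root."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 10:
            continue
        sep = fields.index("-", 6)          # optional fields end at the lone "-"
        tags = dict(f.split(":", 1) for f in fields[6:sep] if ":" in f)
        mounts[fields[4]] = {
            "shared": tags.get("shared"),   # peer group this mount belongs to
            "master": tags.get("master"),   # peer group it receives events from
            "fstype": fields[sep + 1],
            "root": fields[3],              # "net:[inode]" for a netns bind mount
        }
    return mounts

def propagates(src, dst):
    """True if a mount made under src is copied to dst (direct peers/slaves only)."""
    if src["shared"] is None:
        return False                        # private or pure slave sends nothing
    return dst["shared"] == src["shared"] or dst["master"] == src["shared"]

def unmirrored_netns(local, remote):
    """nsfs mounts in `local` that are not mounted at the same path in `remote`."""
    return sorted(p for p, m in local.items()
                  if m["fstype"] == "nsfs" and remote.get(p, {}).get("fstype") != "nsfs")

if __name__ == "__main__":
    host, guest = parse_mountinfo(HOST), parse_mountinfo(GUEST)
    h, g = host["/run/netns"], guest["/run/netns"]
    print("host -> guest:", propagates(h, g))
    print("guest -> host:", propagates(g, h))
    print("only in guest:", unmirrored_netns(guest, host))
```

To use it on a live system, replace the two samples with the contents of /proc/self/mountinfo read on the host and inside the container.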