struct user_namespace {

struct kref kref;

struct hlist_head uidhash_table[UIDHASH_SZ]; struct user_struct *root_user;

As before, kref is a reference counter that tracks in how many places a user_namespace instance is required. For each user in the namespace, an instance of struct user_struct keeps track of the individual resource consumption, and the individual instances are accessible via the hash table uidhash_table.

The exact definition of user_struct is not interesting for our purposes. It suffices to know that some statistical elements like the number of open files or processes a user has are kept in there. What is much more interesting is that each user namespace accounts resource usage for its users completely detached from other namespaces — including accounting for the root user. This is possible because a new user_struct both for the current user and the root is created when a user namespace is cloned:

Continue reading here: Kernelusernamespacec

Was this article helpful?

0 0