docker_under_the_hood_talk

demo - #02 unshare

steps to reproduce

  1. unshare a process (bash)
    sudo unshare --fork --uts --ipc --net --pid --mount --mount-proc bash

  2. look at the process table (host vs unshared process)
    ps a

  3. check interfaces (host vs unshared process)
    ip a

  4. try to change the hostname (and check host vs unshared process)
    hostname container
    hostname

  5. the namespaces of the unshared bash differ from those of self (host)
    ls -al /proc/$unshare_pid/ns
    # vs
    ls -al /proc/self/ns
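
The comparison in the last step can be scripted instead of read by eye. This is an added example, not part of the original demo; the function names ns_diff and ns_isolated are made up for it, and it assumes the usual Linux /proc/<pid>/ns layout where each entry is a symlink such as uts:[4026531838].

```shell
#!/bin/sh
# Added example: report which namespaces differ between two processes.
# Each argument is a /proc/<pid>/ns directory (or any directory holding
# symlinks of the same shape, which is what makes it testable offline).

NS_TYPES="cgroup ipc mnt net pid time user uts"

# Print one line per namespace type:
#   <type> shared <id>          both processes are in the same namespace
#   <type> isolated <id> <id>   the processes are in different namespaces
#   <type> unreadable           entry missing or permission denied
ns_diff() {
    dir_a=$1
    dir_b=$2
    for ns in $NS_TYPES; do
        # The symlink target encodes the namespace inode number.
        a=$(readlink "$dir_a/$ns" 2>/dev/null) || a=""
        b=$(readlink "$dir_b/$ns" 2>/dev/null) || b=""
        if [ -z "$a" ] || [ -z "$b" ]; then
            # Entries can be missing on older kernels (e.g. time) or
            # unreadable when inspecting a root-owned process without root.
            echo "$ns unreadable"
        elif [ "$a" = "$b" ]; then
            echo "$ns shared $a"
        else
            echo "$ns isolated $a $b"
        fi
    done
}

# Print only the names of the isolated namespaces, on one line.
ns_isolated() {
    ns_diff "$1" "$2" |
        awk '$2 == "isolated" { printf "%s%s", sep, $1; sep = " " }
             END { print "" }'
}

# Usage on a live system, as root from the host shell, with
# $unshare_pid set as in step 5 above:
#   ns_isolated /proc/self/ns /proc/$unshare_pid/ns
```

For the unshare flags used in step 1, the expected result is ipc mnt net pid uts; cgroup, time and user stay shared with the host because they were not requested.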