How to run a command in another process's network namespace?

linux namespaces network-namespace

6,191

Solution 1

$ sudo nsenter -t 16882 -n ip link show

where ip link show is an example of a command to run in the network namespace of the target program with pid 16882.

-t flag is for specifying the target program's pid

-n flag stands for network namespace of the target program

ip netns exec expects the name of the network namespace, not a file path.

You can find the network namespace name of a process using ip netns identify <pid>.

P.S. ifconfig may not be installed on modern Linux systems; use equivalent ip commands instead.

6,191

Updated on September 18, 2022

Admin almost 2 years
There is a process running in its own network namespace. I would like to telnet to the machine and run a command in this process network namespace, something like that (17543 is the pid of the process with its own network namespace):
```
# ip netns exec /proc/17543/ns/net ifconfig
Cannot open network namespace "/proc/17543/ns/net": No such file or directory
# ls /proc/17543/ns/net
/proc/17543/ns/net
```
It complains that the network namespace is not there, but it looks that the file is there. How can I run a command in another process network namespace?
A.B over 5 years

If the namespace wasn't setup with ip netns, then ip netns can't be used. Either nsenter is required, or mounting /proc/17543/ns/net at the proper place (on a dummy file in /var/run/netns/ ) to make ip netns believe it created it, can work. I do the later often to link a running lxc container with an ip netns name for convenience.