First time posting here so I appreciate your help and patience. After reading about namespaces, looking on various forums including this thread and trial and error I'm still looking for answers for a task (not a production implementation) I need to accomplish.
I need to create a namespace that has HTTP process as the only process running in it. If that HTTP process dies the namespace the HTTP process contained in should die too as this is the natural behaviour of namespaces (unless bind-mount is used). That should be achieved using the unshare command.
I tried various ways to achieve it and the best scenario I had the desired result for 5 seconds until the HTTP process contained in my PID namespace was dumped on the global init and thus killed the namespace it was in. I know this is apache default behaviour but why won't the main apache process stay attached to the init process inside the PID namespace?
I'm using Fedora 20 running util-linux 2.24.2 so --fork and --mount-proc options are supported.
Update 1: I have tried using network namespace but couldn't find a way to remain with only one process, httpd, as a child to the namespace.
Moving to pid namespace. I'm using
unshare –fp --mount-proc -- /usr/sbin/httpd –k start –DFOREGROUND
It works well for the first time. The httpd process runs as the only child of the namespace. When I kill the child the father is dead which is what I want. If I repeat the same command I start to see issues that are probably a result of --mount-proc option. Is there's anything I'm missing here with --mount-proc option usability?
docker. – Bratchley Oct 31 '14 at 19:22