On Fri, Sep 09, 2022 at 04:34:25PM +0200, Stefano Brivio wrote:On Thu, 8 Sep 2022 13:59:07 +1000 David Gibson <david(a)gibson.dropbear.id.au> wrote:Well.. this is strictly for the spawning command case, so we're creating the network ns rather than joining one.Currently --userns is only allowed when pasta is attaching to an existing netns or PID, and is prohibited when creating a new netns by spawning a command or shell. With the new handling of userns, this check isn't neccessary. I'm not sure if there's any use case for --userns with a spawned command, but it's strictly more flexible and requires zero extra code, so we might as well.I think it's helpful because one might not be able to join a network namespace without first joining a given user namespace.So, if you want to run any network-ish command in such a network namespace, using pasta instead of nsenter for whatever reason, this possibility might be practical.Good point, I'll adjust. -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibsonSigned-off-by: David Gibson <david(a)gibson.dropbear.id.au> --- conf.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/conf.c b/conf.c index 27d520e..ec191c2 100644 --- a/conf.c +++ b/conf.c @@ -561,11 +561,6 @@ static int conf_pasta_ns(int *netns_only, char *userns, char *netns, } } - if (*userns && !*netns) { - err("--userns requires --netns or PID"); - return -EINVAL; - }I guess we should now drop this sentence about --userns from the man page: This option requires --netns or a PID to be specified. ...either drop it, or clarify that a command might also be given instead, I'm not sure.