How to use the command `lsns` (with examples)

How to use the command `lsns` (with examples)

lsns is a powerful command-line tool used to list information about Linux namespaces. Namespaces are a critical aspect of the Linux kernel, providing the essential building blocks for containerization by isolating system resources such that processes inside a container cannot see or affect processes outside that container. The lsns command enables users to view and manage these namespaces, aiding in administration, debugging, and system analysis tasks.

Use case 1: List all namespaces

Code:

lsns

Motivation: Listing all namespaces on a system is often the first step in diagnosing issues related to resource isolation. By retrieving a comprehensive list of namespaces, a system administrator or developer can quickly assess the overall namespace landscape, identify any potentially problematic configurations, or verify that namespaces are set up according to plan.

Explanation: Running lsns without any additional arguments simply lists all namespaces present in the system. This command will output information including the namespace type, its ID, processes it is associated with, and more. This broad overview is useful for getting a complete picture of all the isolation contexts currently defined.

Example output:

        NS TYPE   NPROCS   PID USER COMMAND
4026531838 mnt       176     1 root /sbin/init
4026531839 uts       176     1 root /sbin/init
4026531840 ipc       176     1 root /sbin/init
4026531841 user      176     1 root /sbin/init
4026531842 pid       176     1 root /sbin/init
4026531957 net         1  2781 root /usr/bin/dbus-daemon --system --address
4026531956 mnt         1  2853 root /usr/lib/systemd/systemd-timesyncd

Use case 2: List namespaces in JSON format

Code:

lsns --json

Motivation: JSON (JavaScript Object Notation) is a lightweight data interchange format that is easy to read and write for humans and machines alike. When working with tools or scripts that require parsing of lsns output, JSON is often the preferred format because it can be seamlessly integrated into various programming languages and software environments. This makes it especially useful when you need to automate monitoring of the namespaces or integrate with systems like log managers or alerting tools.

Explanation: The --json flag converts the output of the lsns command into JSON format. This structured format facilitates easy parsing and manipulation of namespace data by various software tools and scripting languages such as Python, JavaScript, and Ruby.

Example output:

[
  {
    "ns": "4026531838",
    "type": "mnt",
    "nprocs": "176",
    "pid": "1",
    "user": "root",
    "command": "/sbin/init"
  },
  {
    "ns": "4026531839",
    "type": "uts",
    "nprocs": "176",
    "pid": "1",
    "user": "root",
    "command": "/sbin/init"
  }
  // additional entries...
]

Use case 3: List namespaces associated with the specified process

Code:

lsns --task pid

Motivation: Sometimes, you may need to troubleshoot or manage a specific process’s namespace relationship. By specifying a process ID (PID) in place of pid, you can narrow down the list to only those namespaces that a particular process interacts with. This is particularly valuable when examining containerized applications or while debugging namespace-related anomalies specific to the process.

Explanation: The --task flag followed by a specific PID tells lsns to display only the namespaces that are associated with the given process. This isolates the output to relevant data, making it easier to scrutinize and understand the namespace context for a single process instead of sifting through all system namespaces.

Example output:

        NS TYPE   NPROCS   PID USER COMMAND
4026531958 mnt         1 32650 user /bin/bash
4026531840 ipc         1 32650 user /bin/bash
4026531839 uts         1 32650 user /bin/bash

Use case 4: List the specified type of namespaces only

Code:

lsns --type net

Motivation: Different namespace types isolate different system resources such as the file system (mnt), network interfaces (net), processes (pid), IPC (ipc), and more. By focusing on a specific namespace type, users can streamline their analysis or management tasks. For instance, investigating network isolation issues in containers would necessitate limiting the output to network (net) namespaces.

Explanation: The --type option followed by a namespace type (such as mnt, net, ipc, user, pid, uts, cgroup, or time) tells lsns to only display namespaces of the specified type. This filters the results, allowing for a more targeted investigation of resource isolation specific to the access control area of concern.

Example output:

        NS TYPE   NPROCS   PID USER COMMAND
4026531957 net        10  1892 root /usr/sbin/dhcpd
4026531973 net         1  2304 user /usr/bin/python /home/user/network_script.py

Use case 5: List namespaces, only showing the namespace ID, type, PID, and command

Code:

lsns --output NS,TYPE,PID,COMMAND

Motivation: When you require a concise view focusing on IDs, types, related processes, and commands, this selective output could be beneficial. It minimizes cognitive load, reduces clutter, and hones in on critical information, making it easier to quickly assess the relationships and functions of various namespaces without being overwhelmed by other metadata.

Explanation: The --output option defines a custom format for the lsns output. By specifying NS, TYPE, PID, and COMMAND, only these fields will be included in the output, creating a streamlined view that highlights just the necessary points of interest to the system user or administrator.

Example output:

NS         TYPE        PID COMMAND
4026531836 mnt           1 /sbin/init
4026531837 uts           1 /sbin/init
4026531840 ipc           2 /usr/lib/systemd/systemd-journald

Conclusion:

The lsns command is a versatile tool for managing and inspecting Linux namespaces, tailored to a variety of use cases reflecting the complexity and depth of containerization and system isolation. By utilizing its varied options, administrators can glean insights into namespace set-ups, ensuring systems function efficiently and securely. Each use case highlights the tool’s adaptability, providing avenues to tailor outputs to any specific administrative or developmental demand.

Tags :

Related Posts

How to use the command 'fswebcam' (with examples)

How to use the command 'fswebcam' (with examples)

Fswebcam is a lightweight and straightforward command-line utility designed for Unix-like systems, allowing users to quickly capture pictures using a webcam.

Read More
How to Use the 'zip' Command (with examples)

How to Use the 'zip' Command (with examples)

The zip command is a powerful utility used for packaging and compressing multiple files or directories into a single archived file with the .

Read More
How to Use the Command 'blight' (with Examples)

How to Use the Command 'blight' (with Examples)

Blight is a highly useful command-line utility designed to manage and manipulate the brightness of your computer display with ease.

Read More