Hacker News new | ask | show | jobs
by coppsilgold 452 days ago
> if all I want to do is use UNIX domain sockets

I routinely --unshare-net with UDS ro-binds.

You may be using abstract sockets (@/path/uds.sock) and those do require the same netns I think.
1 comments
l0kod 450 days ago
Landlock supports scoped abstract UNIX socket: https://docs.kernel.org/userspace-api/landlock.html#ipc-scop...

Landlock doesn't use namespaces, they are orthogonal.

link