> The current set of namespaces in the kernel are: mount, pid, uts, ipc, net, user, and cgroup. [...] [Time is] not namespaced. [...] The kernel keyring is another item not namespaced.<p>I've always argued that "everything is a file" is an exaggeration. These moments make the extent of that exaggeration clear.<p>If everything truly was a file, the only thing you would need to namespace is the filesystem. But in reality there are a lot of other kernel objects that are not files at all.
Since this was written a time namespace was proposed: <a href="https://www.phoronix.com/scan.php?page=news_item&px=Linux-Time-Namespace-RFC" rel="nofollow">https://www.phoronix.com/scan.php?page=news_item&px=Linux-Ti...</a>
I wonder whether namespacing time would also result in those namespaces being able to have separate "clocks" (time backends? time schedulers?) that progress at different rates, or for different reasons.<p>Being able to put a process into a time namespace with a deterministic "clock" would obviate a large benefit of <a href="http://www.zerovm.org/" rel="nofollow">http://www.zerovm.org/</a>.<p>Also, having "clock slew" be a matter of perspective—with processes that <i>can</i> handle leap seconds seeing them happen instantaneously; and processes that <i>can't</i> handle leap-seconds, seeing slewed time—would be nice. Then you could have different system facilities that care about <i>monotonic</i> time, vs. <i>synced to calendar</i> time, vs. <i>one second per second</i> time, all having that kind of time available to them as "the time", rather than through different APIs.
I personally miss core pattern namespacing. I would love to give some of my containers a custom coredump handler, but this is impossible.<p>And in general, a sysctls settings namespace would be really useful. Sure, sometimes it makes no sense to namespace a setting, but net.ipv4.tcp_congestion_control for example? I'd love to be able to change it without modifying the code.
You can't change time in container, but it's possible to change timezone files.<p>With generating fake timezones it is possible to change time in container.