At the end of the article "Using an independent PID namespace to prevent mistakenly killing processes", I ran into a problem: a process in the parent PID namespace cannot use the PID value that the child wrote into the pidfile with echo $$ > $pidfile, because when a process sends a signal, the target PID is interpreted in the sender's own PID namespace. At the time, my workaround was to search with ps + grep, but that also hits a wall when several processes share the same name. Is there another way? This is exactly the kind of problem I most enjoy running into, haha.
Do you remember why ps -e still shows the parent namespace's processes after entering the bash of the child PID namespace? It is because of the mounted proc: when procfs is mounted, it records the PID namespace of the process that mounted it. After entering the child PID namespace, as long as you do not mount proc again, the filesystem under /proc is still the original one. Under proc there is a self directory, which refers to the current process. Remember: the values read from the status file inside self are given in the PID namespace that was current when that procfs was mounted, that is, the parent PID namespace! So the solution is:
echo $(cat /proc/self/status | awk -F ' ' '/PPid/{print $2}') > $pidfile
Why PPid rather than Pid? Because the Pid field here belongs not to the script but to the cat program that reads the file; since cat is started by the script, its parent PID is naturally the script's PID. After executing the command above, just mount the new procfs. The following test script is executed in the new PID namespace:
#!/bin/bash
echo $$
# unmount the new procfs, exposing the old (parent namespace) procfs underneath
umount /proc
cat /proc/self/status | awk -F ' ' '/PPid/{print $2}'
# remount the new procfs for this PID namespace
mount -t proc proc /proc
cat /proc/self/status | awk -F ' ' '/PPid/{print $2}'
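As an added illustration (not code from the original post), the following Python reads the same fields the awk one-liner does and turns the observation above into a check: if the Pid field in /proc/self/status differs from getpid(), the procfs mounted at /proc belongs to a different PID namespace than the caller. The sample status text is constructed; a process that reads its own status can use the Pid field directly, while the cat pipeline in the post needs PPid because cat is the script's child.

```python
import os

# Constructed sample of /proc/self/status as read by a `cat` started from a
# script inside a child PID namespace whose /proc is still the parent's mount:
# Pid is cat's PID in the parent namespace's numbering, PPid is the script's.
SAMPLE_STATUS = """\
Name:\tcat
State:\tR (running)
Tgid:\t4243
Pid:\t4243
PPid:\t4242
"""


def parse_status(text):
    """Return {field: value} for the 'Key:<tab>value' lines of a status file."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def invoker_pid_in_proc_namespace(status_text):
    """PID of the process that started the reader (e.g. the script that ran
    cat), numbered as the mounted procfs's PID namespace sees it."""
    return int(parse_status(status_text)["PPid"])


def proc_matches_own_pid_namespace(status_text, own_pid):
    """True when /proc belongs to the caller's PID namespace.

    A foreign mount (procfs mounted from the parent namespace) reports the
    caller's PID in the parent's numbering, which differs from getpid().
    The caller must have read status_text itself, so Pid is its own PID.
    """
    return int(parse_status(status_text)["Pid"]) == own_pid


def live_check():
    """Run the check against the real /proc; None where /proc is unavailable."""
    try:
        with open("/proc/self/status") as f:
            text = f.read()
    except OSError:
        return None
    return proc_matches_own_pid_namespace(text, os.getpid())
```

On a host without PID namespaces live_check() returns True; inside a child namespace that still has the parent's /proc mounted it returns False until proc is remounted.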
Other Namespaces
Besides the PID namespace, Linux has many other namespaces. The one I care about is the network. Fortunately, to support virtualization and isolation, Linux implements netns, and using it is very simple: when calling clone, add the CLONE_NEWNET flag. Each netns is independent; its network interfaces, routes and iptables rules are isolated from the others. A physical NIC can belong to only one namespace; use the following command to move a network interface into a child namespace:
ip link set dev ethX netns $PID   (where $PID is the PID, as seen from the parent namespace, of a process in the child namespace)
A typical application of this is the management interface: the out-of-band management port can be placed in an independent netns, completely isolating it from the NICs carrying business traffic.