#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sched.h>
#include <signal.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <sys/mount.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
/* Size in bytes of the stack handed to the cloned child (1 MiB). */
#define STACK_SIZE (1 << 20)

/*
 * Backing storage for the child's stack. main() passes the address one past
 * the end of this buffer (child_stack + STACK_SIZE) to clone().
 */
static char child_stack[STACK_SIZE];

/* NULL-terminated argv for the program the child executes via execv(). */
char *const child_args[] = { "/bin/bash", NULL };
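/*
 * Entry point of the cloned child; runs inside the namespaces requested by
 * the clone() call in main().
 *
 * Sets the hostname, mounts a fresh proc on /proc and a tmpfs on
 * /tmp/container, then replaces the process image with child_args[0].
 *
 * arg: unused.
 * Returns 1 if any setup step or execv() fails; does not return on success.
 */
int child_main(void *arg) {
    const char *hostname = "container";
    const char *mount_dir = "/tmp/container";
    struct stat st;

    (void)arg;

    printf("Container - inside the namespace\n");

    /*
     * Mark every mount in this namespace private before adding new ones.
     * If the inherited mount tree is shared, the mounts made below would
     * otherwise propagate back to the parent's mount namespace (for example
     * covering the host's /proc).
     */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {
        perror("mount MS_PRIVATE on /");
        return 1;
    }

    /* set hostname (affects only the new UTS namespace) */
    if (sethostname(hostname, strlen(hostname)) == -1) {
        perror("sethostname");
        return 1;
    }

    /* mount proc file system so /proc reflects the new PID namespace */
    if (mount("proc", "/proc", "proc", 0, NULL) == -1) {
        perror("mount /proc");
        return 1;
    }

    /*
     * mount a tmpfs filesystem.
     * The mount point is created on the filesystem shared with the host and
     * stays there after exit, so it is created owner-only rather than 0777.
     * mount_dir is a fixed path under /tmp and may already exist; it is
     * accepted only if it is a real directory (lstat does not follow a
     * symlink).
     */
    if (mkdir(mount_dir, 0700) == -1) {
        if (errno != EEXIST) {
            perror("mkdir");
            return 1;
        }
        if (lstat(mount_dir, &st) == -1 || !S_ISDIR(st.st_mode)) {
            fprintf(stderr, "%s exists and is not a directory\n", mount_dir);
            return 1;
        }
    }
    if (mount("tmpfs", mount_dir, "tmpfs", 0, NULL) == -1) {
        perror("mount tmpfs");
        return 1;
    }

    /* Buffered stdout contents are discarded by a successful exec. */
    fflush(stdout);

    /* execute command inside the container */
    execv(child_args[0], child_args);

    /* execv() only returns on failure. */
    perror("execv");
    return 1;
}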
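/*
 * Starts child_main() in new UTS, PID, mount and network namespaces, waits
 * for it, and exits with the child's status.
 *
 * The flag set below does not include CLONE_NEWUSER or CLONE_NEWIPC, and
 * child_main() does not change the root directory, so the child keeps the
 * parent's user IDs and sees the same root filesystem as the parent.
 *
 * Returns the child's exit status, 128 + signal number if the child was
 * killed by a signal, or 1 if clone()/waitpid() fails.
 */
int main(void) {
    int status = 0;
    pid_t child_pid;
    pid_t waited;

    printf("Parent - before namespace\n");

    /* create new namespace; SIGCHLD lets waitpid() reap the child */
    child_pid = clone(child_main, child_stack + STACK_SIZE,
                      CLONE_NEWUTS | CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWNET | SIGCHLD,
                      NULL);
    if (child_pid == -1) {
        perror("clone failed");
        exit(1);
    }
    printf("container process ok,pid=%d\n", (int)child_pid);

    /* wait for child process to finish, retrying if a signal interrupts us */
    do {
        waited = waitpid(child_pid, &status, 0);
    } while (waited == -1 && errno == EINTR);
    if (waited == -1) {
        perror("waitpid failed");
        return 1;
    }

    printf("Parent - after namespace\n");

    /* Propagate the child's outcome instead of always reporting success. */
    if (WIFEXITED(status)) {
        return WEXITSTATUS(status);
    }
    if (WIFSIGNALED(status)) {
        fprintf(stderr, "container killed by signal %d\n", WTERMSIG(status));
        return 128 + WTERMSIG(status);
    }
    return 1;
}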
gcc -o namespace container.c
./namespace