Skip to content

run --ipc=shareable|container:<container> doesn't set up IPC namespace correctly #4702

New issue
New issue
Open
Open
run --ipc=shareable|container:<container> doesn't set up IPC namespace correctly#4702
Labels
bugSomething isn't working
@krig

Description

@krig
krig
opened on Jan 15, 2026

Description

I tested the shareable/container configuration for IPC, but it did not work as expected. The IPC namespace was not configured, I was expecting the processes from both containers to share the same IPC namespace ( /proc/<PID>/ns/ipc )

The nerdctl IPC configuration only sets up a shared /dev/shm mount, but doesn't set the IPC namespace for the processes.

Comparing Moby/Docker implementation:

https://github.com/moby/moby/blob/4d09d8c7b8bec471a428527f3ac099d918cd1341/daemon/oci_linux.go#L285

With nerdctl implementation:

nerdctl/pkg/ipcutil/ipcutil.go

Line 197 in 30bc993

if targetConIPC.Mode == Host {

...the docker implemementation does configure the IPC namespace as expected.

Steps to reproduce the issue

Describe the results you received and expected

Expected processes from both containers to share the same IPC namespace

What version of nerdctl are you using?

2.2

Are you using a variant of nerdctl? (e.g., Rancher Desktop)

None

Host information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions