randomvariable/gist:bb62bbde78e7138fa491c7a618e9e8d5

## gistfile1.txt
#!/bin/bash

declare -A seenNamespaces
declare -A containerInfo

# Ensure ipcs command is available
ipcsPath=$(which ipcs)
if [ -z "$ipcsPath" ]; then
    echo "ipcs command could not be found"
    exit
fi

# Get the IPC namespace inodes of all running containers
while IFS= read -r containerID; do
    nsInode=$(crictl inspect "$containerID" | jq -r '.info.runtimeSpec.linux.namespaces[] | select(.type=="ipc") | .path' | xargs stat -c %i 2>/dev/null)
    containerName=$(crictl inspect "$containerID" | jq -r '.info.metadata.name')
    if [ -n "$nsInode" ] && [ -n "$containerName" ]; then
        containerInfo["$nsInode"]="ID: $containerID, Name: $containerName"
    fi
done < <(crictl ps -q)

# Iterate over all processes
for pid in $(ps -e -o pid=); do
    ipc_ns="/proc/$pid/ns/ipc"

    # If ipc namespace file exists and is readable
    if [ -r "$ipc_ns" ]; then
        inode=$(stat -c %i "$ipc_ns" 2>/dev/null)

        # If the inode number is valid and not seen yet
        if [ -n "$inode" ] && [ -z "${seenNamespaces[$inode]}" ]; then
            containerDetails=${containerInfo["$inode"]}

            # Only proceed if this process is part of a container
            if [ -n "$containerDetails" ]; then
                # Mark this namespace as seen
                seenNamespaces["$inode"]=1

                echo "IPCS for PID $pid, Container $containerDetails, Namespace (inode: $inode):"
                echo "====================================="

                # Execute ipcs command from the host filesystem in the namespace of the PID
                nsenter -t $pid -i "$ipcsPath"

                echo "====================================="
                echo ""
            fi
        fi
    fi
done
	#!/bin/bash

	declare -A seenNamespaces
	declare -A containerInfo

	# Ensure ipcs command is available
	ipcsPath=$(which ipcs)
	if [ -z "$ipcsPath" ]; then
	echo "ipcs command could not be found"
	exit
	fi

	# Get the IPC namespace inodes of all running containers
	while IFS= read -r containerID; do
	nsInode=$(crictl inspect "$containerID" \| jq -r '.info.runtimeSpec.linux.namespaces[] \| select(.type=="ipc") \| .path' \| xargs stat -c %i 2>/dev/null)
	containerName=$(crictl inspect "$containerID" \| jq -r '.info.metadata.name')
	if [ -n "$nsInode" ] && [ -n "$containerName" ]; then
	containerInfo["$nsInode"]="ID: $containerID, Name: $containerName"
	fi
	done < <(crictl ps -q)

	# Iterate over all processes
	for pid in $(ps -e -o pid=); do
	ipc_ns="/proc/$pid/ns/ipc"

	# If ipc namespace file exists and is readable
	if [ -r "$ipc_ns" ]; then
	inode=$(stat -c %i "$ipc_ns" 2>/dev/null)

	# If the inode number is valid and not seen yet
	if [ -n "$inode" ] && [ -z "${seenNamespaces[$inode]}" ]; then
	containerDetails=${containerInfo["$inode"]}

	# Only proceed if this process is part of a container
	if [ -n "$containerDetails" ]; then
	# Mark this namespace as seen
	seenNamespaces["$inode"]=1

	echo "IPCS for PID $pid, Container $containerDetails, Namespace (inode: $inode):"
	echo "====================================="

	# Execute ipcs command from the host filesystem in the namespace of the PID
	nsenter -t $pid -i "$ipcsPath"

	echo "====================================="
	echo ""
	fi
	fi
	fi
	done