unshare
run program with some namespaces unshared from parent
Synopsis
unshare
[options] program [arguments]
add an example, a script, a trick and tips
examples
no example yet ...
... Feel free to add your own example above to help other Linux-lovers !
description
Unshares
specified namespaces from parent process and then executes
specified program. Unshareable namespaces are:
mount namespace
mounting and unmounting
filesystems will not affect rest of the system
(CLONE_NEWNS flag),
UTS namespace
setting hostname, domainname
will not affect rest of the system (CLONE_NEWUTS
flag),
IPC namespace
process will have independent
namespace for System V message queues, semaphore sets and
shared memory segments (CLONE_NEWIPC flag),
network namespace
process will have independent
IPv4 and IPv6 stacks, IP routing tables, firewall rules, the
/proc/net and /sys/class/net directory trees,
sockets etc. (CLONE_NEWNET flag).
See the clone(2) for exact
semantics of the flags.
options
-h,
--help
Print a help message,
-m,
--mount
Unshare the mount
namespace,
-u,
--uts
Unshare the UTS namespace,
-i,
--ipc
Unshare the IPC namespace,
-n,
--net
Unshare the network
namespace.
availability
The unshare command is part of the util-linux package and is
available from ftp://ftp.kernel.org/pub/linux/utils/util-linux/.
notes
The unshare command drops potential privileges before executing
the target program. This allows to setuid unshare.
bugs
None known so
far.
see also
unshare,
clone
author
Mikhail Gusarov
<dottedmag[:at:]dottedmag[:dot:]net>