Manual Reference Pages  - UNSHARE (1)

NAME

unshare - run program with some namespaces unshared from parent

CONTENTS

Synopsis
Description
Options
Notes
See Also
Bugs
Author
Availability

SYNOPSIS

unshare [options] program [arguments]

DESCRIPTION

Unshares specified namespaces from parent process and then executes specified program. Unshareable namespaces are:
mount namespace
  mounting and unmounting filesystems will not affect rest of the system (CLONE_NEWNS flag),
UTS namespace
  setting hostname, domainname will not affect rest of the system (CLONE_NEWUTS flag),
IPC namespace
  process will have independent namespace for System V message queues, semaphore sets and shared memory segments (CLONE_NEWIPC flag),
network namespace
  process will have independent IPv4 and IPv6 stacks, IP routing tables, firewall rules, the /proc/net and /sys/class/net directory trees, sockets etc. (CLONE_NEWNET flag).
See the clone(2) for exact semantics of the flags.
 

OPTIONS

-h, --help
  Print a help message,
-m, --mount
  Unshare the mount namespace,
-u, --uts
  Unshare the UTS namespace,
-i, --ipc
  Unshare the IPC namespace,
-n, --net
  Unshare the network namespace.

NOTES

The unshare command drops potential privileges before executing the target program. This allows to setuid unshare.

SEE ALSO

unshare(2), clone(2)

BUGS

None known so far.

AUTHOR

Mikhail Gusarov <dottedmag@dottedmag.net>

AVAILABILITY

The unshare command is part of the util-linux package and is available from ftp://ftp.kernel.org/pub/linux/utils/util-linux/.


util-linux UNSHARE (1) October 2008
blog comments powered by Disqus