summaryrefslogblamecommitdiffstats
path: root/sys-utils/unshare.1
blob: b78ace833a8a21ba12338b4d17c7be27e8ff1cea (plain) (tree) 
4205f1fda ^



87ec43b67 ^

4205f1fda ^

ef6acdb81 ^

4205f1fda ^


87ec43b67 ^

dde08a876 ^

4205f1fda ^


dde08a876 ^

87ec43b67 ^


4205f1fda ^


dde08a876 ^

bc87f8851 ^

dde08a876 ^


4205f1fda ^


dde08a876 ^


4205f1fda ^


dde08a876 ^


4205f1fda ^


dde08a876 ^



4205f1fda ^

bc7f9b95c ^

dde08a876 ^


bc7f9b95c ^


dde08a876 ^


e41e0f959 ^

dde08a876 ^

4205f1fda ^



b4362b6f8 ^

4205f1fda ^

ef6acdb81 ^

dde08a876 ^




4205f1fda ^

ef6acdb81 ^


bc7f9b95c ^


87ec43b67 ^


bc7f9b95c ^

dde08a876 ^



bc7f9b95c ^


5088ec338 ^


87ec43b67 ^


6728ca101 ^

87ec43b67 ^

6728ca101 ^




4205f1fda ^

8323d9fd5 ^


4205f1fda ^


ef6acdb81 ^

4205f1fda ^


601d12fb1 ^


1
2
3

4

5

6

7
8

9

10

11
12

13

14
15

16
17

18

19

20
21

22
23

24
25

26
27

28
29

30
31

32
33
34

35

36

37
38

39
40

41
42

43

44

45
46
47

48

49

50

51
52
53
54

55

56
57

58
59

60
61

62

63
64
65

66
67

68
69

70
71

72

73

74
75
76
77

78

79
80

81
82

83

84
85

86
87



                              
                                                      
        
                                                                

            
               
          

                 
                                                                           

                                                                       

                     
                                                                          
                                                                               

                                                                              

                   

                                                                      

                   

                                                                           

                       


                                                                             
   
                   

                                                                               

                    

                                                                    
   
                                                        


                     
                           
   
                    



                            
   

                              

                    

                                                         
   


                          

                           

                     

                                                                                
   
                                        



                                                                                  
            

                

                  
          

                                         

                                                                           
.\" Process this file with
.\" groff -man -Tascii lscpu.1
.\"
.TH UNSHARE 1 "July 2013" "util-linux" "User Commands"
.SH NAME
unshare \- run program with some namespaces unshared from parent
.SH SYNOPSIS
.B unshare
.RI [ options ]
.I program
.RI [ arguments ]
.SH DESCRIPTION
Unshares the indicated namespaces from the parent process and then executes
the specified program.  The namespaces to be unshared are indicated via
options.  Unshareable namespaces are:
.TP
.BR "mount namespace"
Mounting and unmounting filesystems will not affect the rest of the system
(\fBCLONE_NEWNS\fP flag), except for filesystems which are explicitly marked as
shared (with \fBmount --make-shared\fP; see \fI/proc/self/mountinfo\fP for the
\fBshared\fP flags).
.TP
.BR "UTS namespace"
Setting hostname or domainname will not affect the rest of the system.
(\fBCLONE_NEWUTS\fP flag)
.TP
.BR "IPC namespace"
The process will have an independent namespace for System V message queues,
semaphore sets and shared memory segments.  (\fBCLONE_NEWIPC\fP flag)
.TP
.BR "network namespace"
The process will have independent IPv4 and IPv6 stacks, IP routing tables,
firewall rules, the \fI/proc/net\fP and \fI/sys/class/net\fP directory trees,
sockets, etc.  (\fBCLONE_NEWNET\fP flag)
.TP
.BR "pid namespace"
Children will have a distinct set of PID to process mappings from their parent.
(\fBCLONE_NEWPID\fP flag)
.TP
.BR "user namespace"
The process will have a distinct set of UIDs, GIDs and capabilities.
(\fBCLONE_NEWUSER\fP flag)
.PP
See \fBclone\fR(2) for the exact semantics of the flags.
.SH OPTIONS
.TP
.BR \-h , " \-\-help"
Display help text and exit.
.TP
.BR \-i , " \-\-ipc"
Unshare the IPC namespace.
.TP
.BR \-m , " \-\-mount"
Unshare the mount namespace.
.TP
.BR \-n , " \-\-net"
Unshare the network namespace.
.TP
.BR \-p , " \-\-pid"
Unshare the pid namespace.
See also the \fB--fork\fP and \fB--mount-proc\fP options.
.TP
.BR \-u , " \-\-uts"
Unshare the UTS namespace.
.TP
.BR \-U , " \-\-user"
Unshare the user namespace.
.TP
.BR \-f , " \-\-fork"
Fork the specified \fIprogram\fR as a child process of \fBunshare\fR rather than
running it directly.  This is useful when creating a new pid namespace.
.TP
.BR \-\-mount-proc "[=\fImountpoint\fP]"
Just before running the program, mount the proc filesystem at the \fImountpoint\fP
(default is /proc).  This is useful when creating a new pid namespace.  It also
implies creating a new mount namespace since the /proc mount would otherwise
mess up existing programs on the system.
.SH SEE ALSO
.BR unshare (2),
.BR clone (2)
.SH BUGS
None known so far.
.SH AUTHOR
Mikhail Gusarov <dottedmag@dottedmag.net>
.SH AVAILABILITY
The unshare command is part of the util-linux package and is available from
ftp://ftp.kernel.org/pub/linux/utils/util-linux/.
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-15 21:18:34 +0200