diff options
author | Karel Zak | 2013-11-18 12:50:27 +0100 |
---|---|---|
committer | Karel Zak | 2013-11-18 12:50:27 +0100 |
commit | c07f86e7ac383e195f08617358eb034950b2712a (patch) | |
tree | 6bac4d1ab78d288746c2c8d9688401b78eba9c92 /sys-utils/unshare.1 | |
parent | lsblk: fix -D segfault (diff) | |
download | kernel-qcow2-util-linux-c07f86e7ac383e195f08617358eb034950b2712a.tar.gz kernel-qcow2-util-linux-c07f86e7ac383e195f08617358eb034950b2712a.tar.xz kernel-qcow2-util-linux-c07f86e7ac383e195f08617358eb034950b2712a.zip |
unshare: add more hints about mount namespaces to the man page
There is also idea (by Lennart) to add --propagation=[shared|private|slave|off]
to unshare(1), but it seems unnecessary and too complex as everyone can call
mount(8) after unshare(1) to setup a proper namespace.
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'sys-utils/unshare.1')
-rw-r--r-- | sys-utils/unshare.1 | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sys-utils/unshare.1 b/sys-utils/unshare.1 index b78ace833..1f5273eba 100644 --- a/sys-utils/unshare.1 +++ b/sys-utils/unshare.1 @@ -19,6 +19,10 @@ Mounting and unmounting filesystems will not affect the rest of the system (\fBCLONE_NEWNS\fP flag), except for filesystems which are explicitly marked as shared (with \fBmount --make-shared\fP; see \fI/proc/self/mountinfo\fP for the \fBshared\fP flags). + +It's recommended to use \fBmount --make-rprivate\fP or \fBmount --make-rslave\fP +after \fBunshare --mount\fP to make sure that mountpoints in the new namespace +are really unshared from parental namespace. .TP .BR "UTS namespace" Setting hostname or domainname will not affect the rest of the system. @@ -74,10 +78,12 @@ running it directly. This is useful when creating a new pid namespace. Just before running the program, mount the proc filesystem at the \fImountpoint\fP (default is /proc). This is useful when creating a new pid namespace. It also implies creating a new mount namespace since the /proc mount would otherwise -mess up existing programs on the system. +mess up existing programs on the system. The new proc filesystem is explicitly +mounted as private (by MS_PRIVATE|MS_REC). .SH SEE ALSO .BR unshare (2), -.BR clone (2) +.BR clone (2), +.BR mount (8) .SH BUGS None known so far. .SH AUTHOR |