]>
Commit | Line | Data |
---|---|---|
f50f6cb5 | 1 | .\" Copyright (C) 2006, Janak Desai <janak@us.ibm.com> |
f919b6e4 | 2 | .\" and Copyright (C) 2006, 2012 Michael Kerrisk <mtk.manpages@gmail.com> |
2297bf0e | 3 | .\" |
95fb8859 | 4 | .\" SPDX-License-Identifier: GPL-1.0-or-later |
5cc01e9c | 5 | .\" |
d44c4bf3 | 6 | .\" Patch Justification: |
c13182ef MK |
7 | .\" unshare system call is needed to implement, using PAM, |
8 | .\" per-security_context and/or per-user namespace to provide | |
9 | .\" polyinstantiated directories. Using unshare and bind mounts, a | |
10 | .\" PAM module can create private namespace with appropriate | |
11 | .\" directories(based on user's security context) bind mounted on | |
12 | .\" public directories such as /tmp, thus providing an instance of | |
13 | .\" /tmp that is based on user's security context. Without the | |
14 | .\" unshare system call, namespace separation can only be achieved | |
15 | .\" by clone, which would require porting and maintaining all commands | |
16 | .\" such as login, and su, that establish a user session. | |
d44c4bf3 | 17 | .\" |
4c1c5274 | 18 | .TH unshare 2 (date) "Linux man-pages (unreleased)" |
5cc01e9c MK |
19 | .SH NAME |
20 | unshare \- disassociate parts of the process execution context | |
dc0f9fbb AC |
21 | .SH LIBRARY |
22 | Standard C library | |
8fc3b2cf | 23 | .RI ( libc ", " \-lc ) |
5cc01e9c MK |
24 | .SH SYNOPSIS |
25 | .nf | |
4f71ba5d | 26 | .B #define _GNU_SOURCE |
5cc01e9c | 27 | .B #include <sched.h> |
68e4db0a | 28 | .PP |
5cc01e9c MK |
29 | .BI "int unshare(int " flags ); |
30 | .fi | |
31 | .SH DESCRIPTION | |
c13182ef | 32 | .BR unshare () |
15784e0a | 33 | allows a process (or thread) to disassociate parts of its execution |
f0d0f68d | 34 | context that are currently being shared with other processes (or threads). |
732e54dd | 35 | Part of the execution context, such as the mount namespace, is shared |
c13182ef | 36 | implicitly when a new process is created using |
5cc01e9c MK |
37 | .BR fork (2) |
38 | or | |
c13182ef | 39 | .BR vfork (2), |
5cc01e9c | 40 | while other parts, such as virtual memory, may be |
15784e0a | 41 | shared by explicit request when creating a process or thread using |
5cc01e9c | 42 | .BR clone (2). |
efeece04 | 43 | .PP |
c13182ef | 44 | The main use of |
5cc01e9c MK |
45 | .BR unshare () |
46 | is to allow a process to control its | |
47 | shared execution context without creating a new process. | |
efeece04 | 48 | .PP |
c13182ef MK |
49 | The |
50 | .I flags | |
51 | argument is a bit mask that specifies which parts of | |
52 | the execution context should be unshared. | |
5cc01e9c MK |
53 | This argument is specified by ORing together zero or more |
54 | of the following constants: | |
55 | .TP | |
56 | .B CLONE_FILES | |
57 | Reverse the effect of the | |
58 | .BR clone (2) | |
59 | .B CLONE_FILES | |
60 | flag. | |
c13182ef | 61 | Unshare the file descriptor table, so that the calling process |
5cc01e9c MK |
62 | no longer shares its file descriptors with any other process. |
63 | .TP | |
64 | .B CLONE_FS | |
65 | Reverse the effect of the | |
66 | .BR clone (2) | |
c13182ef | 67 | .B CLONE_FS |
5cc01e9c | 68 | flag. |
9ee4a2b6 | 69 | Unshare filesystem attributes, so that the calling process |
f7b8bdbe MK |
70 | no longer shares its root directory |
71 | .RB ( chroot (2)), | |
72 | current directory | |
73 | .RB ( chdir (2)), | |
74 | or umask | |
75 | .RB ( umask (2)) | |
76 | attributes with any other process. | |
5cc01e9c | 77 | .TP |
216131bd MK |
78 | .BR CLONE_NEWCGROUP " (since Linux 4.6)" |
79 | This flag has the same effect as the | |
80 | .BR clone (2) | |
81 | .B CLONE_NEWCGROUP | |
82 | flag. | |
83 | Unshare the cgroup namespace. | |
84 | Use of | |
1ae6b2c7 | 85 | .B CLONE_NEWCGROUP |
216131bd | 86 | requires the |
1ae6b2c7 | 87 | .B CAP_SYS_ADMIN |
216131bd MK |
88 | capability. |
89 | .TP | |
6881dc47 | 90 | .BR CLONE_NEWIPC " (since Linux 2.6.19)" |
25539b1b MK |
91 | This flag has the same effect as the |
92 | .BR clone (2) | |
93 | .B CLONE_NEWIPC | |
94 | flag. | |
1024e8ff | 95 | Unshare the IPC namespace, |
25539b1b | 96 | so that the calling process has a private copy of the |
1024e8ff | 97 | IPC namespace which is not shared with any other process. |
25539b1b | 98 | Specifying this flag automatically implies |
1ae6b2c7 | 99 | .B CLONE_SYSVSEM |
25539b1b MK |
100 | as well. |
101 | Use of | |
1ae6b2c7 | 102 | .B CLONE_NEWIPC |
25539b1b | 103 | requires the |
1ae6b2c7 | 104 | .B CAP_SYS_ADMIN |
25539b1b MK |
105 | capability. |
106 | .TP | |
6881dc47 | 107 | .BR CLONE_NEWNET " (since Linux 2.6.24)" |
b3bc5386 MK |
108 | This flag has the same effect as the |
109 | .BR clone (2) | |
110 | .B CLONE_NEWNET | |
111 | flag. | |
112 | Unshare the network namespace, | |
61f22790 LAG |
113 | so that the calling process is moved into a |
114 | new network namespace which is not shared | |
115 | with any previously existing process. | |
6f2b4a65 | 116 | Use of |
1ae6b2c7 | 117 | .B CLONE_NEWNET |
b3bc5386 | 118 | requires the |
1ae6b2c7 | 119 | .B CAP_SYS_ADMIN |
b3bc5386 MK |
120 | capability. |
121 | .TP | |
5cc01e9c MK |
122 | .B CLONE_NEWNS |
123 | .\" These flag name are inconsistent: | |
c13182ef | 124 | .\" CLONE_NEWNS does the same thing in clone(), but CLONE_VM, |
5cc01e9c MK |
125 | .\" CLONE_FS, and CLONE_FILES reverse the action of the clone() |
126 | .\" flags of the same name. | |
c8e4c1bd | 127 | This flag has the same effect as the |
5cc01e9c MK |
128 | .BR clone (2) |
129 | .B CLONE_NEWNS | |
130 | flag. | |
732e54dd | 131 | Unshare the mount namespace, |
4df2eb09 | 132 | so that the calling process has a private copy of |
5cc01e9c MK |
133 | its namespace which is not shared with any other process. |
134 | Specifying this flag automatically implies | |
135 | .B CLONE_FS | |
136 | as well. | |
486d4e9b | 137 | Use of |
1ae6b2c7 | 138 | .B CLONE_NEWNS |
486d4e9b | 139 | requires the |
1ae6b2c7 | 140 | .B CAP_SYS_ADMIN |
486d4e9b | 141 | capability. |
e203673a MK |
142 | For further information, see |
143 | .BR mount_namespaces (7). | |
a948ae52 | 144 | .TP |
8f141c5e MK |
145 | .BR CLONE_NEWPID " (since Linux 3.8)" |
146 | This flag has the same effect as the | |
147 | .BR clone (2) | |
148 | .B CLONE_NEWPID | |
149 | flag. | |
150 | Unshare the PID namespace, | |
37ee2d61 | 151 | so that the calling process has a new PID namespace for its children |
8f141c5e | 152 | which is not shared with any previously existing process. |
2193656a MK |
153 | The calling process is |
154 | .I not | |
155 | moved into the new namespace. | |
156 | The first child created by the calling process will have | |
157 | the process ID 1 and will assume the role of | |
158 | .BR init (1) | |
159 | in the new namespace. | |
1ae6b2c7 | 160 | .B CLONE_NEWPID |
3c881e7c | 161 | automatically implies |
1ae6b2c7 | 162 | .B CLONE_THREAD |
3c881e7c | 163 | as well. |
8f141c5e | 164 | Use of |
1ae6b2c7 | 165 | .B CLONE_NEWPID |
8f141c5e | 166 | requires the |
1ae6b2c7 | 167 | .B CAP_SYS_ADMIN |
8f141c5e | 168 | capability. |
5c8d010b MK |
169 | For further information, see |
170 | .BR pid_namespaces (7). | |
8f141c5e | 171 | .TP |
e5a5efc8 MK |
172 | .BR CLONE_NEWTIME " (since Linux 5.6)" |
173 | Unshare the time namespace, | |
174 | so that the calling process has a new time namespace for its children | |
175 | which is not shared with any previously existing process. | |
176 | The calling process is | |
177 | .I not | |
178 | moved into the new namespace. | |
179 | Use of | |
1ae6b2c7 | 180 | .B CLONE_NEWTIME |
e5a5efc8 | 181 | requires the |
1ae6b2c7 | 182 | .B CAP_SYS_ADMIN |
e5a5efc8 MK |
183 | capability. |
184 | For further information, see | |
185 | .BR time_namespaces (7). | |
186 | .TP | |
c2cd5a7f MK |
187 | .BR CLONE_NEWUSER " (since Linux 3.8)" |
188 | This flag has the same effect as the | |
189 | .BR clone (2) | |
190 | .B CLONE_NEWUSER | |
191 | flag. | |
192 | Unshare the user namespace, | |
193 | so that the calling process is moved into a new user namespace | |
194 | which is not shared with any previously existing process. | |
5afd65d1 | 195 | As with the child process created by |
36ec1f75 MK |
196 | .BR clone (2) |
197 | with the | |
198 | .B CLONE_NEWUSER | |
199 | flag, the caller obtains a full set of capabilities in the new namespace. | |
88f48716 | 200 | .IP |
1ae6b2c7 | 201 | .B CLONE_NEWUSER |
88f48716 | 202 | requires that the calling process is not threaded; specifying |
1ae6b2c7 | 203 | .B CLONE_NEWUSER |
88f48716 | 204 | automatically implies |
4c3d7431 | 205 | .BR CLONE_THREAD . |
6bab36f8 | 206 | Since Linux 3.9, |
4c3d7431 MK |
207 | .\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71 |
208 | .\" https://lwn.net/Articles/543273/ | |
1ae6b2c7 | 209 | .B CLONE_NEWUSER |
6bab36f8 MK |
210 | also automatically implies |
211 | .BR CLONE_FS . | |
1ae6b2c7 | 212 | .B CLONE_NEWUSER |
88f48716 | 213 | requires that the user ID and group ID |
6f6808f9 | 214 | of the calling process are mapped to user IDs and group IDs in the |
37ee2d61 | 215 | user namespace of the calling process at the time of the call. |
efeece04 | 216 | .IP |
f647dc5e | 217 | For further information on user namespaces, see |
333446b9 | 218 | .BR user_namespaces (7). |
c2cd5a7f | 219 | .TP |
667f4c78 | 220 | .BR CLONE_NEWUTS " (since Linux 2.6.19)" |
78449461 MK |
221 | This flag has the same effect as the |
222 | .BR clone (2) | |
223 | .B CLONE_NEWUTS | |
224 | flag. | |
225 | Unshare the UTS IPC namespace, | |
226 | so that the calling process has a private copy of the | |
227 | UTS namespace which is not shared with any other process. | |
228 | Use of | |
1ae6b2c7 | 229 | .B CLONE_NEWUTS |
78449461 | 230 | requires the |
1ae6b2c7 | 231 | .B CAP_SYS_ADMIN |
78449461 MK |
232 | capability. |
233 | .TP | |
9bfc9cb1 | 234 | .BR CLONE_SYSVSEM " (since Linux 2.6.26)" |
29015225 | 235 | .\" commit 9edff4ab1f8d82675277a04e359d0ed8bf14a7b7 |
a948ae52 MK |
236 | This flag reverses the effect of the |
237 | .BR clone (2) | |
238 | .B CLONE_SYSVSEM | |
239 | flag. | |
0d829b76 MK |
240 | Unshare System\ V semaphore adjustment |
241 | .RI ( semadj ) | |
242 | values, | |
243 | so that the calling process has a new empty | |
244 | .I semadj | |
245 | list that is not shared with any other process. | |
246 | If this is the last process that has a reference to the process's current | |
247 | .I semadj | |
248 | list, then the adjustments in that list are applied | |
249 | to the corresponding semaphores, as described in | |
250 | .BR semop (2). | |
eb359a09 | 251 | .\" CLONE_NEWNS If CLONE_SIGHAND is set and signals are also being shared |
5cc01e9c | 252 | .\" (i.e., current->signal->count > 1), force CLONE_THREAD. |
3d5f4595 | 253 | .PP |
4dd85833 MK |
254 | In addition, |
255 | .BR CLONE_THREAD , | |
256 | .BR CLONE_SIGHAND , | |
257 | and | |
1ae6b2c7 | 258 | .B CLONE_VM |
4dd85833 MK |
259 | can be specified in |
260 | .I flags | |
261 | if the caller is single threaded (i.e., it is not sharing | |
262 | its address space with another process or thread). | |
263 | In this case, these flags have no effect. | |
130fbed6 | 264 | (Note also that specifying |
1ae6b2c7 | 265 | .B CLONE_THREAD |
130fbed6 MK |
266 | automatically implies |
267 | .BR CLONE_VM , | |
268 | and specifying | |
1ae6b2c7 | 269 | .B CLONE_VM |
130fbed6 MK |
270 | automatically implies |
271 | .BR CLONE_SIGHAND .) | |
f231195f MK |
272 | .\" As at 3.9, the following forced implications also apply, |
273 | .\" although the relevant flags are not yet implemented. | |
274 | .\" If CLONE_THREAD is set force CLONE_VM. | |
275 | .\" If CLONE_VM is set, force CLONE_SIGHAND. | |
276 | .\" | |
4dd85833 MK |
277 | If the process is multithreaded, then |
278 | the use of these flags results in an error. | |
279 | .\" See kernel/fork.c::check_unshare_flags() | |
280 | .PP | |
c13182ef | 281 | If |
5cc01e9c MK |
282 | .I flags |
283 | is specified as zero, then | |
284 | .BR unshare () | |
285 | is a no-op; | |
286 | no changes are made to the calling process's execution context. | |
287 | .SH RETURN VALUE | |
c13182ef MK |
288 | On success, zero returned. |
289 | On failure, \-1 is returned and | |
290 | .I errno | |
5cc01e9c MK |
291 | is set to indicate the error. |
292 | .SH ERRORS | |
293 | .TP | |
eab64696 MK |
294 | .B EINVAL |
295 | An invalid bit was specified in | |
296 | .IR flags . | |
297 | .TP | |
4dd85833 MK |
298 | .B EINVAL |
299 | .BR CLONE_THREAD , | |
300 | .BR CLONE_SIGHAND , | |
301 | or | |
1ae6b2c7 | 302 | .B CLONE_VM |
4dd85833 MK |
303 | was specified in |
304 | .IR flags , | |
305 | and the caller is multithreaded. | |
306 | .TP | |
1f1c28e0 | 307 | .B EINVAL |
1ae6b2c7 | 308 | .B CLONE_NEWIPC |
1f1c28e0 MK |
309 | was specified in |
310 | .IR flags , | |
311 | but the kernel was not configured with the | |
312 | .B CONFIG_SYSVIPC | |
313 | and | |
1ae6b2c7 | 314 | .B CONFIG_IPC_NS |
1f1c28e0 MK |
315 | options. |
316 | .TP | |
317 | .B EINVAL | |
1ae6b2c7 | 318 | .B CLONE_NEWNET |
1f1c28e0 MK |
319 | was specified in |
320 | .IR flags , | |
321 | but the kernel was not configured with the | |
322 | .B CONFIG_NET_NS | |
323 | option. | |
324 | .TP | |
325 | .B EINVAL | |
1ae6b2c7 | 326 | .B CLONE_NEWPID |
1f1c28e0 MK |
327 | was specified in |
328 | .IR flags , | |
329 | but the kernel was not configured with the | |
330 | .B CONFIG_PID_NS | |
331 | option. | |
332 | .TP | |
333 | .B EINVAL | |
1ae6b2c7 | 334 | .B CLONE_NEWUSER |
1f1c28e0 MK |
335 | was specified in |
336 | .IR flags , | |
337 | but the kernel was not configured with the | |
338 | .B CONFIG_USER_NS | |
339 | option. | |
340 | .TP | |
341 | .B EINVAL | |
1ae6b2c7 | 342 | .B CLONE_NEWUTS |
1f1c28e0 MK |
343 | was specified in |
344 | .IR flags , | |
345 | but the kernel was not configured with the | |
346 | .B CONFIG_UTS_NS | |
347 | option. | |
348 | .TP | |
7827e176 | 349 | .B EINVAL |
1ae6b2c7 | 350 | .B CLONE_NEWPID |
7827e176 | 351 | was specified in |
e20f826d MK |
352 | .IR flags , |
353 | but the process has previously called | |
354 | .BR unshare () | |
355 | with the | |
1ae6b2c7 | 356 | .B CLONE_NEWPID |
e20f826d | 357 | flag. |
7827e176 | 358 | .TP |
eab64696 MK |
359 | .B ENOMEM |
360 | Cannot allocate sufficient memory to copy parts of caller's | |
361 | context that need to be unshared. | |
362 | .TP | |
b20e22ae MK |
363 | .BR ENOSPC " (since Linux 3.7)" |
364 | .\" commit f2302505775fd13ba93f034206f1e2a587017929 | |
365 | .B CLONE_NEWPID | |
366 | was specified in flags, | |
367 | but the limit on the nesting depth of PID namespaces | |
368 | would have been exceeded; see | |
369 | .BR pid_namespaces (7). | |
370 | .TP | |
b5742ecc MK |
371 | .BR ENOSPC " (since Linux 4.9; beforehand " EUSERS ) |
372 | .B CLONE_NEWUSER | |
373 | was specified in | |
374 | .IR flags , | |
375 | and the call would cause the limit on the number of | |
376 | nested user namespaces to be exceeded. | |
377 | See | |
378 | .BR user_namespaces (7). | |
efeece04 | 379 | .IP |
b5742ecc MK |
380 | From Linux 3.11 to Linux 4.8, the error diagnosed in this case was |
381 | .BR EUSERS . | |
382 | .TP | |
2f7a331e MK |
383 | .BR ENOSPC " (since Linux 4.9)" |
384 | One of the values in | |
385 | .I flags | |
386 | specified the creation of a new user namespace, | |
387 | but doing so would have caused the limit defined by the corresponding file in | |
1ae6b2c7 | 388 | .I /proc/sys/user |
2f7a331e MK |
389 | to be exceeded. |
390 | For further details, see | |
391 | .BR namespaces (7). | |
392 | .TP | |
5cc01e9c | 393 | .B EPERM |
486d4e9b | 394 | The calling process did not have the required privileges for this operation. |
365d292a MK |
395 | .TP |
396 | .B EPERM | |
1ae6b2c7 | 397 | .B CLONE_NEWUSER |
365d292a MK |
398 | was specified in |
399 | .IR flags , | |
400 | but either the effective user ID or the effective group ID of the caller | |
401 | does not have a mapping in the parent namespace (see | |
f58fb24f | 402 | .BR user_namespaces (7)). |
cdd25f2e | 403 | .TP |
40a47a16 MK |
404 | .BR EPERM " (since Linux 3.9)" |
405 | .\" commit 3151527ee007b73a0ebd296010f1c0454a919c7d | |
12f74390 AM |
406 | .B CLONE_NEWUSER |
407 | was specified in | |
40a47a16 MK |
408 | .I flags |
409 | and the caller is in a chroot environment | |
410 | .\" FIXME What is the rationale for this restriction? | |
411 | (i.e., the caller's root directory does not match the root directory | |
412 | of the mount namespace in which it resides). | |
413 | .TP | |
b320d728 | 414 | .BR EUSERS " (from Linux 3.11 to Linux 4.8)" |
cdd25f2e MK |
415 | .B CLONE_NEWUSER |
416 | was specified in | |
417 | .IR flags , | |
b5742ecc MK |
418 | and the limit on the number of nested user namespaces would be exceeded. |
419 | See the discussion of the | |
1ae6b2c7 | 420 | .B ENOSPC |
b5742ecc | 421 | error above. |
ff457ccb | 422 | .SH VERSIONS |
5cc01e9c MK |
423 | The |
424 | .BR unshare () | |
425 | system call was added to Linux in kernel 2.6.16. | |
3113c7f3 | 426 | .SH STANDARDS |
2dd578fd MK |
427 | The |
428 | .BR unshare () | |
8382f16d | 429 | system call is Linux-specific. |
ff457ccb | 430 | .SH NOTES |
c13182ef | 431 | Not all of the process attributes that can be shared when |
5cc01e9c MK |
432 | a new process is created using |
433 | .BR clone (2) | |
434 | can be unshared using | |
435 | .BR unshare (). | |
3c4e652d | 436 | In particular, as at kernel 3.8, |
f26fe082 | 437 | .\" FIXME all of the following needs to be reviewed for the current kernel |
c13182ef | 438 | .BR unshare () |
5cc01e9c MK |
439 | does not implement flags that reverse the effects of |
440 | .BR CLONE_SIGHAND , | |
3d5f4595 | 441 | .\" However, we can do unshare(CLONE_SIGHAND) if CLONE_SIGHAND |
5cc01e9c MK |
442 | .\" was not specified when doing clone(); i.e., unsharing |
443 | .\" signal handlers is permitted if we are not actually | |
444 | .\" sharing signal handlers. mtk | |
3d5f4595 MK |
445 | .BR CLONE_THREAD , |
446 | or | |
3d5f4595 | 447 | .BR CLONE_VM . |
3c4e652d | 448 | .\" However, we can do unshare(CLONE_VM) if CLONE_VM |
3d5f4595 MK |
449 | .\" was not specified when doing clone(); i.e., unsharing |
450 | .\" virtual memory is permitted if we are not actually | |
451 | .\" sharing virtual memory. mtk | |
5cc01e9c MK |
452 | Such functionality may be added in the future, if required. |
453 | .\" | |
454 | .\"9) Future Work | |
455 | .\"-------------- | |
456 | .\"The current implementation of unshare does not allow unsharing of | |
457 | .\"signals and signal handlers. Signals are complex to begin with and | |
458 | .\"to unshare signals and/or signal handlers of a currently running | |
459 | .\"process is even more complex. If in the future there is a specific | |
460 | .\"need to allow unsharing of signals and/or signal handlers, it can | |
461 | .\"be incrementally added to unshare without affecting legacy | |
462 | .\"applications using unshare. | |
463 | .\" | |
8f4ed646 PR |
464 | .PP |
465 | Creating all kinds of namespace, except user namespaces, requires the | |
466 | .B CAP_SYS_ADMIN | |
467 | capability. | |
468 | However, since creating a user namespace automatically confers a full set of | |
469 | capabilities, | |
470 | creating both a user namespace and any other type of namespace in the same | |
471 | .BR unshare () | |
472 | call does not require the | |
473 | .B CAP_SYS_ADMIN | |
474 | capability in the original namespace. | |
a14af333 | 475 | .SH EXAMPLES |
f919b6e4 MK |
476 | The program below provides a simple implementation of the |
477 | .BR unshare (1) | |
478 | command, which unshares one or more namespaces and executes the | |
08e54e51 | 479 | command supplied in its command-line arguments. |
f919b6e4 MK |
480 | Here's an example of the use of this program, |
481 | running a shell in a new mount namespace, | |
482 | and verifying that the original shell and the | |
483 | new shell are in separate mount namespaces: | |
e646a1ba | 484 | .PP |
f919b6e4 | 485 | .in +4n |
e646a1ba | 486 | .EX |
f919b6e4 MK |
487 | $ \fBreadlink /proc/$$/ns/mnt\fP |
488 | mnt:[4026531840] | |
2c1acf16 | 489 | $ \fBsudo ./unshare \-m /bin/bash\fP |
f919b6e4 MK |
490 | # \fBreadlink /proc/$$/ns/mnt\fP |
491 | mnt:[4026532325] | |
b8302363 | 492 | .EE |
f919b6e4 | 493 | .in |
efeece04 | 494 | .PP |
f919b6e4 MK |
495 | The differing output of the two |
496 | .BR readlink (1) | |
497 | commands shows that the two shells are in different mount namespaces. | |
498 | .SS Program source | |
499 | \& | |
33857069 | 500 | .\" SRC BEGIN (unshare.c) |
e7d0bb47 | 501 | .EX |
f5d401dd | 502 | /* unshare.c |
f919b6e4 MK |
503 | |
504 | A simple implementation of the unshare(1) command: unshare | |
505 | namespaces and execute a command. | |
506 | */ | |
507 | #define _GNU_SOURCE | |
5a5208c1 | 508 | #include <err.h> |
f919b6e4 | 509 | #include <sched.h> |
f919b6e4 | 510 | #include <stdio.h> |
4ae706b0 AC |
511 | #include <stdlib.h> |
512 | #include <unistd.h> | |
f919b6e4 | 513 | |
f919b6e4 MK |
514 | static void |
515 | usage(char *pname) | |
516 | { | |
d1a71985 MK |
517 | fprintf(stderr, "Usage: %s [options] program [arg...]\en", pname); |
518 | fprintf(stderr, "Options can be:\en"); | |
beb5a76e | 519 | fprintf(stderr, " \-C unshare cgroup namespace\en"); |
d1a71985 MK |
520 | fprintf(stderr, " \-i unshare IPC namespace\en"); |
521 | fprintf(stderr, " \-m unshare mount namespace\en"); | |
522 | fprintf(stderr, " \-n unshare network namespace\en"); | |
523 | fprintf(stderr, " \-p unshare PID namespace\en"); | |
beb5a76e | 524 | fprintf(stderr, " \-t unshare time namespace\en"); |
d1a71985 MK |
525 | fprintf(stderr, " \-u unshare UTS namespace\en"); |
526 | fprintf(stderr, " \-U unshare user namespace\en"); | |
f919b6e4 MK |
527 | exit(EXIT_FAILURE); |
528 | } | |
529 | ||
530 | int | |
531 | main(int argc, char *argv[]) | |
532 | { | |
533 | int flags, opt; | |
534 | ||
535 | flags = 0; | |
536 | ||
beb5a76e | 537 | while ((opt = getopt(argc, argv, "CimnptuU")) != \-1) { |
f919b6e4 | 538 | switch (opt) { |
beb5a76e | 539 | case \(aqC\(aq: flags |= CLONE_NEWCGROUP; break; |
f919b6e4 MK |
540 | case \(aqi\(aq: flags |= CLONE_NEWIPC; break; |
541 | case \(aqm\(aq: flags |= CLONE_NEWNS; break; | |
542 | case \(aqn\(aq: flags |= CLONE_NEWNET; break; | |
543 | case \(aqp\(aq: flags |= CLONE_NEWPID; break; | |
beb5a76e | 544 | case \(aqt\(aq: flags |= CLONE_NEWTIME; break; |
f919b6e4 MK |
545 | case \(aqu\(aq: flags |= CLONE_NEWUTS; break; |
546 | case \(aqU\(aq: flags |= CLONE_NEWUSER; break; | |
547 | default: usage(argv[0]); | |
548 | } | |
549 | } | |
550 | ||
551 | if (optind >= argc) | |
552 | usage(argv[0]); | |
553 | ||
554 | if (unshare(flags) == \-1) | |
5a5208c1 | 555 | err(EXIT_FAILURE, "unshare"); |
f919b6e4 | 556 | |
f5d401dd | 557 | execvp(argv[optind], &argv[optind]); |
5a5208c1 | 558 | err(EXIT_FAILURE, "execvp"); |
f919b6e4 | 559 | } |
e7d0bb47 | 560 | .EE |
33857069 | 561 | .\" SRC END |
5cc01e9c | 562 | .SH SEE ALSO |
e939d607 | 563 | .BR unshare (1), |
c13182ef MK |
564 | .BR clone (2), |
565 | .BR fork (2), | |
19a98048 | 566 | .BR kcmp (2), |
47b0eb1e | 567 | .BR setns (2), |
3d02560d | 568 | .BR vfork (2), |
41096af1 | 569 | .BR namespaces (7) |
efeece04 | 570 | .PP |
b49c2acb | 571 | .I Documentation/userspace\-api/unshare.rst |
173fe7e7 | 572 | in the Linux kernel source tree |
5bbb004d ES |
573 | .\" commit f504d47be5e8fa7ecf2bf660b18b42e6960c0eb2 |
574 | (or | |
575 | .I Documentation/unshare.txt | |
576 | before Linux 4.12) |