sys-utils/unshare.1

   1 .\" Process this file with
   2 .\" groff -man -Tascii lscpu.1
   3 .\"
   4 .TH UNSHARE 1 "OCTOBER 2008" Linux "User Manuals"
   5 .SH NAME
   6 unshare \- run program with some namespaces unshared from parent
   7 .SH SYNOPSIS
   8 .B unshare
   9 .RI [ options ]
  10 program
  11 .RI [ arguments ]
  12 .SH DESCRIPTION
  13 Unshares specified namespaces from parent process and then executes specified
  14 program. Unshareable namespaces are:
  15 .TP
  16 .BR "mount namespace"
  17 mounting and unmounting filesystems will not affect rest of the system
  18 (\fBCLONE_NEWNS\fP flag),
  19 .TP
  20 .BR "UTS namespace"
  21 setting hostname, domainname will not affect rest of the system
  22 (\fBCLONE_NEWUTS\fP flag),
  23 .TP
  24 .BR "IPC namespace"
  25 process will have indpendent namespace for System V message queues, semaphore
  26 sets and shared memory segments (\fBCLONE_NEWIPC\fP flag),
  27 .TP
  28 .BR "network namespace"
  29 process will have independent IPv4 and IPv6 stacks, IP routing tables, firewall
  30 rules, the \fI/proc/net\fP and \fI/sys/class/net\fP directory trees, sockets
  31 etc. (\fBCLONE_NEWNET\fP flag).
  32 .TP
  33 See the clone(2) for exact semantics of the flags.
  34 .SH OPTIONS
  35 .TP
  36 .BR \-h , " \-\-help"
  37 Print a help message,
  38 .TP
  39 .BR \-m , " \-\-mount"
  40 Unshare the mount namespace,
  41 .TP
  42 .BR \-u , " \-\-uts"
  43 Unshare the UTC namespace,
  44 .TP
  45 .BR \-i , " \-\-ipc"
  46 Unshare the IPC namespace,
  47 .TP
  48 .BR \-n , " \-\-net"
  49 Unshare the network namespace.
  50 .SH NOTES
  51 The unshare command drops potential privileges before executing the
  52 target program. This allows to setuid unshare.
  53 .SH SEE ALSO
  54 unshare(2), clone(2)
  55 .SH BUGS
  56 None known so far.
  57 .SH AUTHOR
  58 Mikhail Gusarov <dottedmag@dottedmag.net>
  59 .SH AVAILABILITY
  60 The unshare command is part of the util-linux package and is available from
  61 ftp://ftp.kernel.org/pub/linux/utils/util-linux/.