UNSHARE(1) User Commands UNSHARE(1)NAMEunshare - run program with some namespaces unshared from parent
SYNOPSISunshare [options] program [arguments]
DESCRIPTION
Unshares specified namespaces from parent process and then executes
specified program. Unshareable namespaces are:
mount namespace
mounting and unmounting filesystems will not affect rest of the
system (CLONE_NEWNS flag), except for filesystems which are
explicitly marked as shared (by mount --make-shared). See
/proc/self/mountinfo for the shared flags.
UTS namespace
setting hostname, domainname will not affect rest of the system
(CLONE_NEWUTS flag).
IPC namespace
process will have independent namespace for System V message
queues, semaphore sets and shared memory segments (CLONE_NEWIPC
flag).
network namespace
process will have independent IPv4 and IPv6 stacks, IP routing
tables, firewall rules, the /proc/net and /sys/class/net direcā
tory trees, sockets etc. (CLONE_NEWNET flag).
pid namespace
children will have a distinct set of pid to process mappings
than their parent. (CLONE_NEWPID flag).
user namespace
process will have distinct set of uids, gids and capabilities.
(CLONE_NEWUSER flag).
See the clone(2) for exact semantics of the flags.
OPTIONS-h, --help
Print a help message,
-m, --mount
Unshare the mount namespace,
-u, --uts
Unshare the UTS namespace,
-i, --ipc
Unshare the IPC namespace,
-n, --net
Unshare the network namespace.
-p, --pid
Unshare the pid namespace.
-U, --user
Unshare the user namespace.
SEE ALSOunshare(2), clone(2)BUGS
None known so far.
AUTHOR
Mikhail Gusarov <dottedmag@dottedmag.net>
AVAILABILITY
The unshare command is part of the util-linux package and is available
from ftp://ftp.kernel.org/pub/linux/utils/util-linux/.
util-linux January 2013 UNSHARE(1)