Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   29550 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

VIRT-SANDBOX-SERVICE-CLONE(1Virtualization SupporVIRT-SANDBOX-SERVICE-CLONE(1)

NAME
       virt-sandbox-service clone - clone an existing Secure container

SYNOPSIS
       Clone a Security container

	 virt-sandbox-service [-c URI] clone [-h] [-p PATH] [-s SECURITY-OPTS] SOURCE DEST

DESCRIPTION
       virt-sandbox-service is used to manage secure sandboxed system
       services.  These applications will be launched via libvirt and run
       within a virtualization technology such as LinuX Containers (LXC), or
       optionally QEMU/KVM. The container / virtual machines will be secured
       by SELinux and resource separated using cgroups.

       The clone command will clone the SOURCE security sandbox container into
       the DEST security sandbox container.

OPTIONS
       -h, --help
	   Display help message

       -c URI, --connect URI
	   The connection URI for the hypervisor (currently only LXC URIs are
	   supported).

       -p PATH, --path PATH
	   Set path to copy container content from/to. This argument must
	   match the value of the "-p" arg given when creating the original
	   source container.

	   Default: "/var/lib/libvirt/filesystems".

       -s SECURITY-OPTIONS, --security=SECURITY-OPTIONS
	   Use alternative security options. SECURITY-OPTIONS is a set of
	   key=val pairs, separated by commas. The following options are valid
	   for SELinux

	   dynamic
	       Dynamically allocate an SELinux label, using the default base
	       context.	 The default base context is
	       system_u:system_r:svirt_lxc_net_t:s0 for LXC,
	       system_u:system_r:svirt_t:s0 for KVM,
	       system_u:system_r:svirt_tcg_t:s0 for QEMU.

	   dynamic,label=USER:ROLE:TYPE:LEVEL
	       Dynamically allocate an SELinux label, using the base context
	       USER:ROLE:TYPE:LEVEL, instead of the default base context.

	   static,label=USER:ROLE:TYPE:LEVEL
	       To set a completely static label. For example,
	       static,label=system_u:system_r:svirt_t:s0:c412,c355

EXAMPLE
       Execute /bin/sh in httpd1 container

	# virt-sandbox-service clone -s static,label=system_u:system_r:svirt_lxc_net_t:s0:c1,c2 httpd1 httpd2

SEE ALSO
       libvirt(8), selinux(8), systemd(8), "virt-sandbox-service(1)"

FILES
       Container content will be stored in subdirectories of
       /var/lib/libvirt/filesystems, by default.  You can manage the content
       in these directories outside of the container and processes within the
       container will see the content.

AUTHORS
       Daniel Walsh <dwalsh@redhat.com> Daniel P. Berrange <dan@berrange.com>

COPYRIGHT
       Copyright (C) 2011-2013 Red Hat, Inc.

LICENSE
       virt-sandbox is distributed under the terms of the GNU LGPL v2+.	 This
       is free software; see the source for copying conditions.	 There is NO
       warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
       PURPOSE

libvirt-sandbox-0.5.0		  2013-10-03	 VIRT-SANDBOX-SERVICE-CLONE(1)

Vote for polarhome