3 lxc: linux Container library
5 (C) Copyright IBM Corp. 2007, 2008
8 Daniel Lezcano <daniel.lezcano at free.fr>
9 Serge Hallyn <serge.hallyn at ubuntu.com>
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 2.1 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, write to the Free Software
23 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
27 <!DOCTYPE refentry PUBLIC @docdtd@ [
29 <!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
30 <!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
35 <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
38 <refentrytitle>lxc-unshare</refentrytitle>
39 <manvolnum>1</manvolnum>
43 <refname>lxc-unshare</refname>
46 Run a task in a new set of namespaces.
52 <command>lxc-unshare</command>
53 <arg choice="req">-s, --namespaces <replaceable>namespaces</replaceable></arg>
54 <arg choice="opt">-u, --user <replaceable>user</replaceable></arg>
55 <arg choice="opt">-H, --hostname <replaceable>hostname</replaceable></arg>
56 <arg choice="opt">-i, --ifname <replaceable>ifname</replaceable></arg>
57 <arg choice="opt">-d, --daemon</arg>
58 <arg choice="opt">-M, --remount</arg>
59 <arg choice="req">command</arg>
64 <title>Description</title>
67 <command>lxc-unshare</command> can be used to run a task in a cloned set
68 of namespaces. This command is mainly provided for testing purposes.
69 Despite its name, it always uses clone rather than unshare to create
70 the new task with fresh namespaces. Apart from testing kernel
71 regressions this should make no difference.
78 <title>Options</title>
84 <option>-s, --namespaces <replaceable>namespaces</replaceable></option>
88 Specify the namespaces to attach to, as a pipe-separated list,
89 e.g. <replaceable>NETWORK|IPC</replaceable>. Allowed values are
90 <replaceable>MOUNT</replaceable>, <replaceable>PID</replaceable>,
91 <replaceable>UTSNAME</replaceable>, <replaceable>IPC</replaceable>,
92 <replaceable>USER </replaceable> and
93 <replaceable>NETWORK</replaceable>. This allows one to change
94 the context of the process to e.g. the network namespace of the
95 container while retaining the other namespaces as those of the
96 host. (The pipe symbol needs to be escaped, e.g.
97 <replaceable>MOUNT\|PID</replaceable> or quoted, e.g.
98 <replaceable>"MOUNT|PID"</replaceable>.)
105 <option>-u, --user <replaceable>user</replaceable></option>
109 Specify a userid which the new task should become.
116 <option>-H, --hostname <replaceable>hostname</replaceable></option>
120 Set the hostname in the new container. Only allowed if
121 the UTSNAME namespace is set.
128 <option>-i, --ifname <replaceable>interfacename</replaceable></option>
132 Move the named interface into the container. Only allowed
133 if the NETWORK namespace is set. You may specify this
134 argument multiple times to move multiple interfaces into
142 <option>-d, --daemon</option>
146 Daemonize (do not wait for the container to exit before exiting)
153 <option>-M, --remount</option>
157 Mount default filesystems (/proc /dev/shm and /dev/mqueue)
158 in the container. Only allowed if MOUNT namespace is set.
168 <title>Examples</title>
170 To spawn a new shell with its own UTS (hostname) namespace,
172 lxc-unshare -s UTSNAME /bin/bash
174 If the hostname is changed in that shell, the change will not be
175 reflected on the host.
178 To spawn a shell in a new network, pid, and mount namespace,
180 lxc-unshare -s "NETWORK|PID|MOUNT" /bin/bash
182 The resulting shell will have pid 1 and will see no network interfaces.
183 After re-mounting /proc in that shell,
185 mount -t proc proc /proc
187 ps output will show there are no other processes in the namespace.
190 To spawn a shell in a new network, pid, mount, and hostname
193 lxc-unshare -s "NETWORK|PID|MOUNT|UTSNAME" -M -H myhostname -i veth1 /bin/bash
196 The resulting shell will have pid 1 and will see two network
197 interfaces (lo and veth1). The hostname will be "myhostname" and
198 /proc will have been remounted. ps output will show there are
199 no other processes in the namespace.
206 <title>Author</title>
207 <para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
212 <!-- Keep this comment at the end of the file
217 sgml-minimize-attributes:nil
218 sgml-always-quote-attributes:t
221 sgml-parent-document:nil
222 sgml-default-dtd-file:nil
223 sgml-exposed-tags:nil
224 sgml-local-catalogs:nil
225 sgml-local-ecat-files:nil