1NSENTER(1) User Commands NSENTER(1)
2
6 nsenter - run program with namespaces of other processes
7
9 nsenter [options] [program [arguments]]
10
12 Enters the namespaces of one or more other processes and then executes
13 the specified program. Enterable namespaces are:
14 mount namespace
16 Mounting and unmounting filesystems will not affect the rest of
17 the system (CLONE_NEWNS flag), except for filesystems which are
18 explicitly marked as shared (with mount --make-shared; see /proc
19 /self/mountinfo for the shared flag).
20 UTS namespace
22 Setting hostname or domainname will not affect the rest of the
23 system. (CLONE_NEWUTS flag)
24 IPC namespace
26 The process will have an independent namespace for System V mes‐
27 sage queues, semaphore sets and shared memory segments. (CLONE_
28 NEWIPC flag)
29 network namespace
31 The process will have independent IPv4 and IPv6 stacks, IP rout‐
32 ing tables, firewall rules, the /proc/net and /sys/class/net
33 directory trees, sockets, etc. (CLONE_NEWNET flag)
34 PID namespace
36 Children will have a set of PID to process mappings separate
37 from the nsenter process (CLONE_NEWPID flag). nsenter will fork
38 by default if changing the PID namespace, so that the new pro‐
39 gram and its children share the same PID namespace and are visi‐
40 ble to each other. If --no-fork is used, the new program will
41 be exec'ed without forking.
42 See clone(2) for the exact semantics of the flags.
44 If program is not given, then ``${SHELL}'' is run (default: /bin/sh).
46
49 -t, --target pid
50 Specify a target process to get contexts from. The paths to the
51 contexts specified by pid are:
52 /proc/pid/ns/mnt the mount namespace
54 /proc/pid/ns/uts the UTS namespace
55 /proc/pid/ns/ipc the IPC namespace
56 /proc/pid/ns/net the network namespace
57 /proc/pid/ns/pid the PID namespace
58 /proc/pid/root the root directory
59 /proc/pid/cwd the working directory respectively
60 -m, --mount[=file]
62 Enter the mount namespace. If no file is specified, enter the
63 mount namespace of the target process. If file is specified,
64 enter the mount namespace specified by file.
65 -u, --uts[=file]
67 Enter the UTS namespace. If no file is specified, enter the UTS
68 namespace of the target process. If file is specified, enter
69 the UTS namespace specified by file.
70 -i, --ipc[=file]
72 Enter the IPC namespace. If no file is specified, enter the IPC
73 namespace of the target process. If file is specified, enter
74 the IPC namespace specified by file.
75 -n, --net[=file]
77 Enter the network namespace. If no file is specified, enter the
78 network namespace of the target process. If file is specified,
79 enter the network namespace specified by file.
80 -p, --pid[=file]
82 Enter the PID namespace. If no file is specified, enter the PID
83 namespace of the target process. If file is specified, enter
84 the PID namespace specified by file.
85 -r, --root[=directory]
87 Set the root directory. If no directory is specified, set the
88 root directory to the root directory of the target process. If
89 directory is specified, set the root directory to the specified
90 directory.
91 -w, --wd[=directory]
93 Set the working directory. If no directory is specified, set
94 the working directory to the working directory of the target
95 process. If directory is specified, set the working directory
96 to the specified directory.
97 -F, --no-fork
99 Do not fork before exec'ing the specified program. By default,
100 when entering a PID namespace, nsenter calls fork before calling
101 exec so that any children will also be in the newly entered PID
102 namespace.
103 -V, --version
105 Display version information and exit.
106 -h, --help
108 Display help text and exit.
109
111 setns(2), clone(2)
112
114 Eric Biederman ⟨ebiederm@xmission.com⟩
115
117 The nsenter command is part of the util-linux package and is available
118 from Linux Kernel Archive ⟨ftp://ftp.kernel.org/pub/linux/utils/util-
119 linux/⟩.
120util-linux June 2013 NSENTER(1)