1UNSHARE(1)                       User Commands                      UNSHARE(1)
2
3
4

NAME

6       unshare - run program with some namespaces unshared from parent
7

SYNOPSIS

9       unshare [options] program [arguments]
10

DESCRIPTION

12       Unshares the indicated namespaces from the parent process and then exe‐
13       cutes the specified program.  The namespaces to be unshared  are  indi‐
14       cated via options.  Unshareable namespaces are:
15
16       mount namespace
17              Mounting  and unmounting filesystems will not affect the rest of
18              the system (CLONE_NEWNS flag), except for filesystems which  are
19              explicitly  marked  as  shared  (with  mount  --make-shared; see
20              /proc/self/mountinfo for the shared flags).
21
22              It's recommended to use mount --make-rprivate or  mount  --make-
23              rslave  after  unshare  --mount to make sure that mountpoints in
24              the new namespace are really unshared from parental namespace.
25
26       UTS namespace
27              Setting hostname or domainname will not affect the rest  of  the
28              system.  (CLONE_NEWUTS flag)
29
30       IPC namespace
31              The process will have an independent namespace for System V mes‐
32              sage  queues,  semaphore  sets  and  shared   memory   segments.
33              (CLONE_NEWIPC flag)
34
35       network namespace
36              The process will have independent IPv4 and IPv6 stacks, IP rout‐
37              ing tables, firewall rules,  the  /proc/net  and  /sys/class/net
38              directory trees, sockets, etc.  (CLONE_NEWNET flag)
39
40       pid namespace
41              Children  will  have  a  distinct set of PID to process mappings
42              from their parent.  (CLONE_NEWPID flag)
43
44       See clone(2) for the exact semantics of the flags.
45

OPTIONS

47       -h, --help
48              Display help text and exit.
49
50       -i, --ipc
51              Unshare the IPC namespace.
52
53       -m, --mount
54              Unshare the mount namespace.
55
56       -n, --net
57              Unshare the network namespace.
58
59       -p, --pid
60              Unshare the pid namespace.  See also the --fork and --mount-proc
61              options.
62
63       -u, --uts
64              Unshare the UTS namespace.
65
66       -f, --fork
67              Fork  the specified program as a child process of unshare rather
68              than running it directly.  This is useful when  creating  a  new
69              pid namespace.
70
71       --mount-proc[=mountpoint]
72              Just  before  running  the program, mount the proc filesystem at
73              the mountpoint (default is /proc).  This is useful when creating
74              a  new  pid  namespace.   It  also  implies creating a new mount
75              namespace since the /proc mount would otherwise mess up existing
76              programs  on  the  system. The new proc filesystem is explicitly
77              mounted as private (by MS_PRIVATE|MS_REC).
78

SEE ALSO

80       unshare(2), clone(2), mount(8)
81

BUGS

83       None known so far.
84

AUTHOR

86       Mikhail Gusarov <dottedmag@dottedmag.net>
87

AVAILABILITY

89       The unshare command is part of the util-linux package and is  available
90       from ftp://ftp.kernel.org/pub/linux/utils/util-linux/.
91
92
93
94util-linux                         July 2013                        UNSHARE(1)
Impressum