1SEUNSHARE(8)                     User Commands                    SEUNSHARE(8)
2
3
4

NAME

6       seunshare  - Run cmd with alternate homedir, tmpdir and/or SELinux con‐
7       text
8

SYNOPSIS

10       seunshare [ -v ] [ -c ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z
11       context ] -- executable [args]
12

DESCRIPTION

14       Run  the  executable  within the specified context, using the alternate
15       home directory and /tmp directory.  The seunshare command unshares from
16       the  default  namespace,  then  mounts the specified homedir and tmpdir
17       over the default homedir and /tmp. Finally it tells the kernel to  exe‐
18       cute the application under the specified SELinux context.
19
20
21       -h homedir
22              Alternate  homedir  to be used by the application.  Homedir must
23              be owned by the user.
24
25       -t tmpdir
26              Use alternate tempory directory to mount on /tmp.   tmpdir  must
27              be owned by the user.
28
29       -c --cgroups
30              Use  cgroups to control this copy of seunshare.  Specify parame‐
31              ters in /etc/sysconfig/sandbox.  Max memory usage and cpu  usage
32              are  to  be specified in percent.  You can specify which CPUs to
33              use by numbering them 0,1,2... etc.
34
35       -C --capabilities
36              Allow apps executed within the namespace  to  use  capabilities.
37              Default is no capabilities.
38
39       -k --kill
40              Kill all processes with matching MCS level.
41
42       -Z context
43              Use alternate SELinux context while runing the executable.
44
45       -v     Verbose output
46

SEE ALSO

48       runcon(1), sandbox(8), selinux(8)
49

AUTHOR

51       This  manual  page  was  written  by  Dan Walsh <dwalsh@redhat.com> and
52       Thomas Liu <tliu@fedoraproject.org>
53
54
55
56seunshare                          May 2010                       SEUNSHARE(8)
Impressum