1lxc-unshare(1)                                                  lxc-unshare(1)
2
3
4

NAME

6       lxc-unshare - Run a task in a new set of namespaces.
7

SYNOPSIS

9       lxc-unshare {-s, --namespaces namespaces} [-u, --user user] [-H,
10                   --hostname hostname] [-i, --ifname ifname] [-d, --daemon]
11                   [-M, --remount] {command}
12

DESCRIPTION

14       lxc-unshare  can  be  used to run a task in a cloned set of namespaces.
15       This command is mainly provided  for  testing  purposes.   Despite  its
16       name,  it  always uses clone rather than unshare to create the new task
17       with fresh namespaces.  Apart  from  testing  kernel  regressions  this
18       should make no difference.
19

OPTIONS

21       -s, --namespaces namespaces
22              Specify  the  namespaces to attach to, as a pipe-separated list,
23              e.g. NETWORK|IPC. Allowed values are MOUNT, PID,  UTSNAME,  IPC,
24              USER  and  NETWORK. This allows one to change the context of the
25              process to e.g. the network namespace of the container while re‐
26              taining  the  other  namespaces  as those of the host. (The pipe
27              symbol needs to be escaped, e.g.   MOUNT\|PID  or  quoted,  e.g.
28              "MOUNT|PID".)
29
30       -u, --user user
31              Specify a userid which the new task should become.
32
33       -H, --hostname hostname
34              Set  the  hostname in the new container. Only allowed if the UT‐
35              SNAME namespace is set.
36
37       -i, --ifname interfacename
38              Move the named interface into the container. Only allowed if the
39              NETWORK namespace is set. You may specify this argument multiple
40              times to move multiple interfaces into container.
41
42       -d, --daemon
43              Daemonize (do not wait for the container to exit before exiting)
44
45       -M, --remount
46              Mount default filesystems (/proc /dev/shm  and  /dev/mqueue)  in
47              the container. Only allowed if MOUNT namespace is set.
48

EXAMPLES

50       To spawn a new shell with its own UTS (hostname) namespace,
51
52                 lxc-unshare -s UTSNAME /bin/bash
53
54
55       If  the  hostname  is changed in that shell, the change will not be re‐
56       flected on the host.
57
58       To spawn a shell in a new network, pid, and mount namespace,
59
60                 lxc-unshare -s "NETWORK|PID|MOUNT" /bin/bash
61
62
63       The resulting shell will have pid 1 and will see no network interfaces.
64       After re-mounting /proc in that shell,
65
66                 mount -t proc proc /proc
67
68
69       ps output will show there are no other processes in the namespace.
70
71       To spawn a shell in a new network, pid, mount, and hostname namespace.
72
73                 lxc-unshare -s "NETWORK|PID|MOUNT|UTSNAME" -M -H myhostname -i veth1 /bin/bash
74
75
76       The resulting shell will have pid 1 and will see two network interfaces
77       (lo and veth1). The hostname will be "myhostname" and /proc  will  have
78       been remounted. ps output will show there are no other processes in the
79       namespace.
80

SEE ALSO

82       lxc(7), lxc-create(1), lxc-copy(1), lxc-destroy(1), lxc-start(1),  lxc-
83       stop(1),  lxc-execute(1),  lxc-console(1), lxc-monitor(1), lxc-wait(1),
84       lxc-cgroup(1), lxc-ls(1), lxc-info(1), lxc-freeze(1),  lxc-unfreeze(1),
85       lxc-attach(1), lxc.conf(5)
86

AUTHOR

88       Daniel Lezcano <daniel.lezcano@free.fr>
89
90
91
92                                  2021-09-18                    lxc-unshare(1)
Impressum