lxc-unshare(1)lxc-unshare(1)NAMElxc-unshare - Run a task in a new set of namespaces.
SYNOPSIS
lxc-clone {-s namespaces} {-u user} {command}
DESCRIPTIONlxc-unshare can be used to run a task in a cloned set of namespaces.
This command is mainly provided for testing purposes. Despite its
name, it always uses clone rather than unshare to create the new task
with fresh namespaces. Apart from testing kernel regressions this
should make no difference.
OPTIONS-s namespaces
Specify the namespaces to attach to, as a pipe-separated list,
e.g. NETWORK|IPC. Allowed values are MOUNT, PID, UTSNAME, IPC,
USER and NETWORK. This allows one to change the context of the
process to e.g. the network namespace of the container while re‐
taining the other namespaces as those of the host.
-u user
Specify a user which the new task should become. This option is
only valid if a user namespace is unshared.
EXAMPLES
To spawn a new shell with its own UTS (hostname) namespace,
lxc-clone -s UTSNAME /bin/bash
If the hostname is changed in that shell, the change will not be re‐
flected on the host.
To spawn a shell in a new network, pid, and mount namespace,
lxc-clone -s "NETWORK|PID|MOUNT" /bin/bash
The resulting shell will have pid 1 and will see no network interfaces.
After re-mounting /proc in that shell,
mount -t proc proc /proc
ps output will show there are no other processes in the namespace.
SEE ALSOlxc(1), lxc-create(1), lxc-destroy(1), lxc-start(1), lxc-stop(1), lxc-
execute(1), lxc-kill(1), lxc-console(1), lxc-monitor(1), lxc-wait(1),
lxc-cgroup(1), lxc-ls(1), lxc-ps(1), lxc-info(1), lxc-freeze(1), lxc-
unfreeze(1), lxc-attach(1), lxc.conf(5)AUTHOR
Daniel Lezcano <daniel.lezcano@free.fr>
Tue Jul 9 14:17:14 CDT 2013 lxc-unshare(1)