Mercurial > hg > toybox

view toys/other/unshare.c @ 1215:4eaac3e63fa7 draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Cleanup freeramdisk: tabs to 2 spaces, square brackets for option name, do optional cleanup under if (CFG_TOYBOX_FREE) guard.
author Rob Landley <rob@landley.net>
date Sun, 09 Mar 2014 14:38:51 -0500
parents 0d0c01ac5c63
children 33b3b5f9e6c6
line wrap: on
line source

/* unshare.c - run command in new context
 *
 * Copyright 2011 Rob Landley <rob@landley.net>

USE_UNSHARE(NEWTOY(unshare, "<1^niumpU", TOYFLAG_USR|TOYFLAG_BIN))

config UNSHARE
  bool "unshare"
  default y
  depends on TOYBOX_CONTAINER
  help
    usage: unshare [-muin] COMMAND...

    Create new namespace(s) for this process and its children, so some
    attribute is not shared with the parent process.  This is part of
    Linux Containers.  Each process can have its own:

    -i	SysV IPC (message queues, semaphores, shared memory)
    -m	Mount/unmount tree
    -n	Network address, sockets, routing, iptables
    -p	Process IDs and init
    -u	Host and domain names
    -U  UIDs, GIDs, capabilities
*/

#include "toys.h"
#include <linux/sched.h>
extern int unshare (int __flags);

void unshare_main(void)
{
  unsigned flags[]={CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET,
                    CLONE_NEWPID, CLONE_NEWUSER, 0};
  unsigned f=0;
  int i;

  for (i=0; flags[i]; i++) if (toys.optflags & (1<<i)) f |= flags[i];

  if(unshare(f)) perror_exit("failed");

  xexec_optargs(0);
}