Linux command
unshare 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Example
unshare -n command
Example
unshare -m --pid --fork command
Example
unshare -n /bin/bash
Example
unshare -r command
Example
unshare --mount --uts --ipc --net --pid --fork command
说明
unshare creates new namespaces and then executes the specified program within them. If no program is specified, it runs the shell. Namespaces provide isolation for system resources.
参数
- -f, --fork
- Fork before executing (required for PID namespace)
- -r, --map-root-user
- Map current user to root in user namespace
- --map-user=UID
- Map to specified UID in user namespace
- --map-group=GID
- Map to specified GID in user namespace
- -R, --root=DIR
- Set root directory
- -w, --wd=DIR
- Set working directory
- --propagation private|shared|slave|unchanged
- Set mount propagation
- --mount-proc=DIR
- Mount /proc in new mount namespace
- --kill-child=signame
- When unshare terminates, send signal to the forked child (default: SIGKILL). Useful with --pid to kill entire process tree.
- -c, --map-current-user
- Map current effective user and group IDs to themselves in the new user namespace. Implies --setgroups=deny and --user.
- -S, --setuid _uid_
- Set the user ID in the entered namespace.
- -G, --setgid _gid_
- Set the group ID in the entered namespace and drop supplementary groups.
- --setgroups allow|deny
- Allow or deny setgroups(2) in a user namespace.
- --keep-caps
- Keep capabilities granted in the user namespace in the child process.
FAQ
What is the unshare command used for?
unshare creates new namespaces and then executes the specified program within them. If no program is specified, it runs the shell. Namespaces provide isolation for system resources.
How do I run a basic unshare example?
Run `unshare -n command` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -f, --fork do in unshare?
Fork before executing (required for PID namespace)