SEUNSHARE(8) User Commands SEUNSHARE(8)NAMEseunshare - Run cmd with alternate homedir, tmpdir and/or SELinux con‐
text
SYNOPSISseunshare [ -v ] [ -c ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z
context ] -- executable [args]
DESCRIPTION
Run the executable within the specified context, using the alternate
home directory and /tmp directory. The seunshare command unshares from
the default namespace, then mounts the specified homedir and tmpdir
over the default homedir and /tmp. Finally it tells the kernel to exe‐
cute the application under the specified SELinux context.
-h homedir
Alternate homedir to be used by the application. Homedir must
be owned by the user.
-t tmpdir
Use alternate tempory directory to mount on /tmp. tmpdir must
be owned by the user.
-c --cgroups
Use cgroups to control this copy of seunshare. Specify parame‐
ters in /etc/sysconfig/sandbox. Max memory usage and cpu usage
are to be specified in percent. You can specify which CPUs to
use by numbering them 0,1,2... etc.
-C --capabilities
Allow apps executed within the namespace to use capabilities.
Default is no capabilities.
-k --kill
Kill all processes with matching MCS level.
-Z context
Use alternate SELinux context while runing the executable.
-v Verbose output
SEE ALSOruncon(1), sandbox(8), selinux(8)AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com> and
Thomas Liu <tliu@fedoraproject.org>
seunshare May 2010 SEUNSHARE(8)