SEUNSHARE(8) | User Commands | SEUNSHARE(8) |
NAME¶
seunshare - Run cmd with alternate homedir, tmpdir and/or SELinux context
SYNOPSIS¶
seunshare [ -v ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
DESCRIPTION¶
Run the executable within the specified context, using custom home directory and /tmp directory. The seunshare command unshares from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to execute the application under the specified SELinux context.
- -h homedir
- Alternate homedir to be used by the application. Homedir must be owned by the user
- -t tmpdir
- Use alternate temporary directory to mount on /tmp. tmpdir must be owned by the user
- -r runuserdir
- Use alternate temporary directory to mount on XDG_RUNTIME_DIR (/run/user/$UID). runuserdir must be owned by the user
- -C --capabilities
- Allow apps executed within the namespace to use capabilities. Default is no capabilities
- -k --kill
- Kill all processes with matching MCS level
- -Z context
- Use alternate SELinux context while running the executable
- -v
- Verbose output
EXAMPLE¶
Run bash with temporary /home and /tmp directory # USERHOMEDIR=`mktemp -d /tmp/home.XXXXXX`; USERTEMPDIR=`mktemp -d /tmp/temp.XXXXXX` # seunshare -v -h ${USERHOMEDIR} -t ${USERTEMPDIR} -- /bin/bash
SEE ALSO¶
AUTHOR¶
This manual page was written by Dan Walsh <dwalsh@redhat.com> and Thomas Liu <tliu@fedoraproject.org>
May 2010 | seunshare |