This adds support to unshare for time namespaces. With the newly added
options '-t, --time' and '--monotonic' and '--boottime' it is now
possible to change CLOCK_MONOTONIC and CLOCK_BOOTTIME in a new time
namespace.
The time namespace has been merged in kernel version 5.6 and an easy way
to test it is using CLOCK_BOOTTIME and the uptime command:
# uptime
11:08:26 up 20:28, 1 user, load average: 0.00, 0.00, 0.00
# ./unshare --fork --time --boottime 100000000 uptime
11:08:29 up 1158 days, 6:15, 1 user, load average: 0.00, 0.00, 0.00
Signed-off-by: Adrian Reber <areber@redhat.com>
This patch introduces two new parameters to set the
user ID and the group ID of the program to be executed.
Setting group ID also drops supplementary groups.
The option names used are the same as for nsenter,
-S, --setuid and -G, --setgid.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch instroduces two new parameters to set the new
root and the new working directory in this new root.
This allows to combine "unshare chroot" in one command,
and doing like this the /proc filesystem is correctly
mounted in the new root with "--mount-proc".
The new parameters are -R, --root and -w, --wd. The names
are the same as for nsenter, except for "-r" that is already
used by "--map-root-user" and replaced by "-R".
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This allows to conveniently kill the entire process tree
below the forked program, a common problem when scripting
tasks that need to reliably fully terminate without leaving
reparented subprocesses behind.
The example added to the man page shows the most common use.
Implemented using prctl(PR_SET_PDEATHSIG, ...).
Users who know the short options can just hit the short option instead
of tab, and it's not likely that it would be helpful to present a list
of single character options to users who don't know them, doing so
just unnecessarily trashes the list of suggestions.
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>