Wednesday, December 9, 2009

unshare(1)

The unshare(1) is a new command line interface to unshare Linux syscall and allows a program to run with some parts of the process execution context unshared from parent. This new command is available in util-linux-ng 2.17 (thanks to Mikhail Gusarov who is author of the command).

Currently, the unshare(1) command allows to disassociates:
  • mount namespace
  • UTS (since kernel 2.6.19, independent hostname and domainname)
  • IPC namespace (System V message queues, semaphores, and shared memory)
  • network namespace (since kernel 2.6.24, independent IP stacks, IP routing tables, firewall, ...)

Probably the most attractive is unshared mount namespace (see Mike Hommey's "newns" or pam_namespace).

For example I have two xterms, let's start a new bash with unshared mount namespace in the first session:

Session1:

# unshare --mount /bin/bash
# mount /dev/sda1 /mnt/test
# grep test /proc/mounts
/dev/sda1 /mnt/test ext3 rw,relatime,errors=continue,user_xattr,acl,data=ordered 0 0
Session2:

# grep test /proc/mounts
# ll /mnt/test
total 0
... the /mnt/test filesystem is visible in the Session1 only. That's all, pretty simple and pretty useful :-)

26 comments:

  1. Interesting. This is a nice feature. Can you think of any use cases? I'd like to use it but don't know where. :)

    ReplyDelete
  2. One example would be mounting something on a multiuser system, where you don't want the other users see your (private) mountpoints.

    ReplyDelete
  3. very nice if you use fuse/ssh to mount a remote home dir

    ReplyDelete
  4. Very good! unshare definantly looks intersting

    but it seems the name 'unshare' is already a command for NFS. Is there any chance that util-linux-ng's unshare would cause a conflict with nfs' 'unshare'?

    ReplyDelete
  5. > the name 'unshare' is already a command for NFS

    on Linux? I see the unshare NFS command on SCO or Sun. For example:

    http://www.math.utah.edu/~beebe/unix/u/unshare.html

    ReplyDelete
  6. Oops... Sorry. I just saw the results in Google when I was looking for the usage for util-linux-ng's unshare, and I got worried before I read that it was for Sun's NFS (actually I thought that NFS would have the same commands across the platforms anyway).

    BTW: I installed the NFS tools in Ubuntu, and there was no unshare command.

    Sorry about that.

    ReplyDelete
  7. I got worried before I read that it was for Sun's NFS (actually I thought that NFS would have the same commands across the platforms anyway).

    ReplyDelete
  8. his is a nice feature. Can you think of any use cases? I'd like to use it but don't know where.

    ReplyDelete
  9. is already a command for NFS. Is there any chance that util-linux-ng's unshare would cause a conflict with nfs' 'unshare'?

    ReplyDelete
  10. Can you think of any use cases? I'd like to use it but don't know where.

    ReplyDelete
  11. What does this mean? Is it like avh-p3200bt?

    ReplyDelete
  12. Thanks for this great post, i find it very interesting and very well thought out and put together. I look forward to reading your work in the future.

    ReplyDelete
  13. I have just started to learn some Linux. This will probably be useful for me. Thanks!

    ReplyDelete
  14. Very handy as I just started learning all the programming code of linux. This was beneficial.

    ReplyDelete
  15. This usually necessitates that we broaden our thinking and explore less conformist ways of meeting and processing information.

    ReplyDelete
  16. I’ll immediately grab your rss as I can not find your email subscription link or e-newsletter service. Do you have any? Please let me know so that I could subscribe. Thanks.

    ReplyDelete
  17. nice topic , its good that you have talked about it

    ReplyDelete
  18. Interesting post about 'unshare(1)'. Thanks for sharing.
    roku reviews | roku deals | hulu roku

    ReplyDelete
  19. Great website, looks very clean and organized. Keep up the good work!

    ReplyDelete
  20. I am not familiar with the use of unshared. Is it good for games or for memory?

    ReplyDelete
  21. This drew roars of chants from campaign headquarters in Chicago, where staff chanted "Plouffe" repeatedly, forcing him to give a talking

    ReplyDelete