[lxc-devel] [PATCH] add lxc-unshare man page, and make 'lxc-unshare -h' work.

Fri, 08 Feb 2013 15:34:19 -0800 

Also fix some tabs-as-spaces in lxc_unshare.c itself.
lxc-unshare: run usage() on '-h'

Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
---
 configure.ac            |   1 +
 doc/Makefile.am         |   1 +
 doc/lxc-unshare.sgml.in | 161 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/lxc/lxc_unshare.c   |  16 ++---
 4 files changed, 172 insertions(+), 7 deletions(-)
 create mode 100644 doc/lxc-unshare.sgml.in

diff --git a/configure.ac b/configure.ac
index 6402024..eb4b714 100644
--- a/configure.ac
+++ b/configure.ac
@@ -326,6 +326,7 @@ AC_CONFIG_FILES([
        doc/common_options.sgml
        doc/see_also.sgml
        doc/legacy/lxc-ls.sgml
+       doc/lxc-unshare.sgml
 
        doc/rootfs/Makefile
 
diff --git a/doc/Makefile.am b/doc/Makefile.am
index e54a087..750398c 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -18,6 +18,7 @@ man_MANS = \
        lxc-console.1 \
        lxc-freeze.1 \
        lxc-unfreeze.1 \
+       lxc-unshare.1 \
        lxc-monitor.1 \
        lxc-wait.1 \
        lxc-ps.1 \
diff --git a/doc/lxc-unshare.sgml.in b/doc/lxc-unshare.sgml.in
new file mode 100644
index 0000000..4132d4c
--- /dev/null
+++ b/doc/lxc-unshare.sgml.in
@@ -0,0 +1,161 @@
+<!--
+
+lxc: linux Container library
+
+(C) Copyright IBM Corp. 2007, 2008
+
+Authors:
+Daniel Lezcano <dlezcano at fr.ibm.com>
+Serge Hallyn <serge.hallyn at ubuntu.com>
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+-->
+
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" 
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [
+
+<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
+<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
+]>
+
+<refentry>
+
+  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
+
+  <refmeta>
+    <refentrytitle>lxc-unshare</refentrytitle>
+    <manvolnum>1</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>lxc-unshare</refname>
+
+    <refpurpose>
+      Run a task in a new set of namespaces.
+    </refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>lxc-clone</command>
+      <arg choice="req">-s <replaceable>namespaces</replaceable></arg>
+      <arg choice="req">-u <replaceable>user</replaceable></arg>
+      <arg choice="req">command</arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>
+      <command>lxc-unshare</command> can be used to run a task in a cloned set
+      of namespaces.  This command is mainly provided for testing purposes.
+      Despite its name, it always uses clone rather than unshare to create
+      the new task with fresh namespaces.  Apart from testing kernel
+      regressions this should make no difference.
+    </para>
+
+  </refsect1>
+
+  <refsect1>
+
+    <title>Options</title>
+
+    <variablelist>
+
+      <varlistentry>
+       <term>
+         <option>-s <replaceable>namespaces</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+           Specify the namespaces to attach to, as a pipe-separated list,
+           e.g. <replaceable>NETWORK|IPC</replaceable>. Allowed values are
+           <replaceable>MOUNT</replaceable>, <replaceable>PID</replaceable>,
+           <replaceable>UTSNAME</replaceable>, <replaceable>IPC</replaceable>,
+           <replaceable>USER </replaceable> and
+           <replaceable>NETWORK</replaceable>. This allows one to change
+           the context of the process to e.g. the network namespace of the
+           container while retaining the other namespaces as those of the
+           host.
+         </para>
+       </listitem>
+      </varlistentry>
+
+      <varlistentry>
+       <term>
+         <option>-u <replaceable>user</replaceable></option>
+       </term>
+       <listitem>
+         <para>
+           Specify a user which the new task should become.  This option is
+           only valid if a user namespace is unshared.
+         </para>
+       </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>Examples</title>
+      <para>
+        To spawn a new shell with its own UTS (hostname) namespace,
+        <programlisting>
+          lxc-clone -s UTSNAME /bin/bash
+        </programlisting>
+       If the hostname is changed in that shell, the change will not be
+       reflected on the host.
+      </para>
+      <para>
+        To spawn a shell in a new network, pid, and mount namespace,
+        <programlisting>
+          lxc-clone -s "NETWORK|PID|MOUNT" /bin/bash
+        </programlisting>
+       The resulting shell will have pid 1 and will see no network interfaces.
+       After re-mounting /proc in that shell,
+        <programlisting>
+          mount -t proc proc /proc
+        </programlisting>
+       ps output will show there are no other processes in the namespace.
+      </para>
+  </refsect1>
+
+  &seealso;
+
+  <refsect1>
+    <title>Author</title>
+    <para>Daniel Lezcano <email>daniel.lezc...@free.fr</email></para>
+  </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-default-dtd-file:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+-->
diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c
index df91456..d92a96a 100644
--- a/src/lxc/lxc_unshare.c
+++ b/src/lxc/lxc_unshare.c
@@ -125,11 +125,13 @@ int main(int argc, char *argv[])
                .flags = &flags,
        };
 
-       while ((opt = getopt(argc, argv, "s:u:")) != -1) {
+       while ((opt = getopt(argc, argv, "s:u:h")) != -1) {
                switch (opt) {
                case 's':
                        namespaces = optarg;
                        break;
+               case 'h':
+                       usage(argv[0]);
                case 'u':
                        uid = lookup_user(optarg);
                        if (uid == -1)
@@ -137,10 +139,10 @@ int main(int argc, char *argv[])
                }
        }
 
-    if (argv[optind] == NULL) {
-        ERROR("a command to execute in the new namespace is required");
-        return 1;
-    }
+       if (argv[optind] == NULL) {
+               ERROR("a command to execute in the new namespace is required");
+               return 1;
+       }
 
        args = &argv[optind];
 
@@ -148,8 +150,8 @@ int main(int argc, char *argv[])
        if (ret)
                return ret;
 
-        ret = lxc_fill_namespace_flags(namespaces, &flags);
-       if (ret)
+       ret = lxc_fill_namespace_flags(namespaces, &flags);
+       if (ret)
                usage(argv[0]);
 
        if (!(flags & CLONE_NEWUSER) && uid != -1) {
-- 
1.8.1.2


------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013 
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel

Reply via email to