On 02/08/2013 06:32 PM, Serge Hallyn wrote: > > Also fix some tabs-as-spaces in lxc_unshare.c itself. > lxc-unshare: run usage() on '-h' > > Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
Acked-by: Stéphane Graber <stgra...@ubuntu.com> > --- > configure.ac | 1 + > doc/Makefile.am | 1 + > doc/lxc-unshare.sgml.in | 161 > ++++++++++++++++++++++++++++++++++++++++++++++++ > src/lxc/lxc_unshare.c | 16 ++--- > 4 files changed, 172 insertions(+), 7 deletions(-) > create mode 100644 doc/lxc-unshare.sgml.in > > diff --git a/configure.ac b/configure.ac > index 6402024..eb4b714 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -326,6 +326,7 @@ AC_CONFIG_FILES([ > doc/common_options.sgml > doc/see_also.sgml > doc/legacy/lxc-ls.sgml > + doc/lxc-unshare.sgml > > doc/rootfs/Makefile > > diff --git a/doc/Makefile.am b/doc/Makefile.am > index e54a087..750398c 100644 > --- a/doc/Makefile.am > +++ b/doc/Makefile.am > @@ -18,6 +18,7 @@ man_MANS = \ > lxc-console.1 \ > lxc-freeze.1 \ > lxc-unfreeze.1 \ > + lxc-unshare.1 \ > lxc-monitor.1 \ > lxc-wait.1 \ > lxc-ps.1 \ > diff --git a/doc/lxc-unshare.sgml.in b/doc/lxc-unshare.sgml.in > new file mode 100644 > index 0000000..4132d4c > --- /dev/null > +++ b/doc/lxc-unshare.sgml.in > @@ -0,0 +1,161 @@ > +<!-- > + > +lxc: linux Container library > + > +(C) Copyright IBM Corp. 2007, 2008 > + > +Authors: > +Daniel Lezcano <dlezcano at fr.ibm.com> > +Serge Hallyn <serge.hallyn at ubuntu.com> > + > +This library is free software; you can redistribute it and/or > +modify it under the terms of the GNU Lesser General Public > +License as published by the Free Software Foundation; either > +version 2.1 of the License, or (at your option) any later version. > + > +This library is distributed in the hope that it will be useful, > +but WITHOUT ANY WARRANTY; without even the implied warranty of > +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > +Lesser General Public License for more details. > + > +You should have received a copy of the GNU Lesser General Public > +License along with this library; if not, write to the Free Software > +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > + > +--> > + > +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" > "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ > + > +<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml"> > +<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml"> > +]> > + > +<refentry> > + > + <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo> > + > + <refmeta> > + <refentrytitle>lxc-unshare</refentrytitle> > + <manvolnum>1</manvolnum> > + </refmeta> > + > + <refnamediv> > + <refname>lxc-unshare</refname> > + > + <refpurpose> > + Run a task in a new set of namespaces. > + </refpurpose> > + </refnamediv> > + > + <refsynopsisdiv> > + <cmdsynopsis> > + <command>lxc-clone</command> > + <arg choice="req">-s <replaceable>namespaces</replaceable></arg> > + <arg choice="req">-u <replaceable>user</replaceable></arg> > + <arg choice="req">command</arg> > + </cmdsynopsis> > + </refsynopsisdiv> > + > + <refsect1> > + <title>Description</title> > + > + <para> > + <command>lxc-unshare</command> can be used to run a task in a cloned > set > + of namespaces. This command is mainly provided for testing purposes. > + Despite its name, it always uses clone rather than unshare to create > + the new task with fresh namespaces. Apart from testing kernel > + regressions this should make no difference. > + </para> > + > + </refsect1> > + > + <refsect1> > + > + <title>Options</title> > + > + <variablelist> > + > + <varlistentry> > + <term> > + <option>-s <replaceable>namespaces</replaceable></option> > + </term> > + <listitem> > + <para> > + Specify the namespaces to attach to, as a pipe-separated list, > + e.g. <replaceable>NETWORK|IPC</replaceable>. Allowed values are > + <replaceable>MOUNT</replaceable>, <replaceable>PID</replaceable>, > + <replaceable>UTSNAME</replaceable>, <replaceable>IPC</replaceable>, > + <replaceable>USER </replaceable> and > + <replaceable>NETWORK</replaceable>. This allows one to change > + the context of the process to e.g. the network namespace of the > + container while retaining the other namespaces as those of the > + host. > + </para> > + </listitem> > + </varlistentry> > + > + <varlistentry> > + <term> > + <option>-u <replaceable>user</replaceable></option> > + </term> > + <listitem> > + <para> > + Specify a user which the new task should become. This option is > + only valid if a user namespace is unshared. > + </para> > + </listitem> > + </varlistentry> > + > + </variablelist> > + > + </refsect1> > + > + <refsect1> > + <title>Examples</title> > + <para> > + To spawn a new shell with its own UTS (hostname) namespace, > + <programlisting> > + lxc-clone -s UTSNAME /bin/bash > + </programlisting> > + If the hostname is changed in that shell, the change will not be > + reflected on the host. > + </para> > + <para> > + To spawn a shell in a new network, pid, and mount namespace, > + <programlisting> > + lxc-clone -s "NETWORK|PID|MOUNT" /bin/bash > + </programlisting> > + The resulting shell will have pid 1 and will see no network interfaces. > + After re-mounting /proc in that shell, > + <programlisting> > + mount -t proc proc /proc > + </programlisting> > + ps output will show there are no other processes in the namespace. > + </para> > + </refsect1> > + > + &seealso; > + > + <refsect1> > + <title>Author</title> > + <para>Daniel Lezcano <email>daniel.lezc...@free.fr</email></para> > + </refsect1> > + > +</refentry> > + > +<!-- Keep this comment at the end of the file > +Local variables: > +mode: sgml > +sgml-omittag:t > +sgml-shorttag:t > +sgml-minimize-attributes:nil > +sgml-always-quote-attributes:t > +sgml-indent-step:2 > +sgml-indent-data:t > +sgml-parent-document:nil > +sgml-default-dtd-file:nil > +sgml-exposed-tags:nil > +sgml-local-catalogs:nil > +sgml-local-ecat-files:nil > +End: > +--> > diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c > index df91456..d92a96a 100644 > --- a/src/lxc/lxc_unshare.c > +++ b/src/lxc/lxc_unshare.c > @@ -125,11 +125,13 @@ int main(int argc, char *argv[]) > .flags = &flags, > }; > > - while ((opt = getopt(argc, argv, "s:u:")) != -1) { > + while ((opt = getopt(argc, argv, "s:u:h")) != -1) { > switch (opt) { > case 's': > namespaces = optarg; > break; > + case 'h': > + usage(argv[0]); > case 'u': > uid = lookup_user(optarg); > if (uid == -1) > @@ -137,10 +139,10 @@ int main(int argc, char *argv[]) > } > } > > - if (argv[optind] == NULL) { > - ERROR("a command to execute in the new namespace is required"); > - return 1; > - } > + if (argv[optind] == NULL) { > + ERROR("a command to execute in the new namespace is required"); > + return 1; > + } > > args = &argv[optind]; > > @@ -148,8 +150,8 @@ int main(int argc, char *argv[]) > if (ret) > return ret; > > - ret = lxc_fill_namespace_flags(namespaces, &flags); > - if (ret) > + ret = lxc_fill_namespace_flags(namespaces, &flags); > + if (ret) > usage(argv[0]); > > if (!(flags & CLONE_NEWUSER) && uid != -1) { > -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
