Implement unshare.
authorRob Landley <rob@landley.net>
Tue, 13 Dec 2011 05:49:55 +0000 (23:49 -0600)
committerRob Landley <rob@landley.net>
Tue, 13 Dec 2011 05:49:55 +0000 (23:49 -0600)
toys/unshare.c [new file with mode: 0644]

diff --git a/toys/unshare.c b/toys/unshare.c
new file mode 100644 (file)
index 0000000..c708ebe
--- /dev/null
@@ -0,0 +1,44 @@
+/* vi: set sw=4 ts=4:
+ *
+ * unshare.c - run command in new context
+ *
+ * Copyright 2011 Rob Landley <rob@landley.net>
+ *
+ * Not in SUSv4.
+
+USE_UNSHARE(NEWTOY(unshare, "<1^nium", TOYFLAG_USR|TOYFLAG_BIN))
+
+config UNSHARE
+       bool "unshare"
+       default y
+       help
+         usage: unshare [-muin] COMMAND...
+
+         Create new namespace(s) for this process and its children, so some
+         attribute is not shared with the parent process.  This is part of
+         Linux Containers.  Each process can have its own:
+
+         -m    Mount/unmount tree
+         -u    Host and domain names
+         -i    SysV IPC (message queues, semaphores, shared memory)
+         -n    Network address, sockets, routing, iptables
+*/
+
+#include "toys.h"
+
+#include <sched.h>
+
+void unshare_main(void)
+{
+       unsigned flags[]={CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET,0};
+       unsigned f=0;
+       int i;
+
+       for (i=0; flags[i]; i++)
+               if (toys.optflags & (1<<i))
+                       f |= flags[i];
+
+       if(unshare(f)) perror_exit("failed");
+
+       xexec(toys.optargs);
+}
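Review bot: The `flags[]` table in unshare_main is indexed by option bit, so its order has to stay the reverse of the `nium` tail of the NEWTOY option string, and nothing in the file says so; if either one is reordered, `-n` would silently unshare a different namespace from the one the user asked to isolate. As far as I can tell toybox numbers option bits from the right-hand end of the string (that code is not shown here), which makes the current order correct. I would add a comment above the table such as `/* Indexed by optflags bit: "nium" is numbered right to left, so bit 0 is -m and bit 3 is -n. */`. Separately, `unshare(CLONE_NEWNS)` on its own keeps the propagation type of the existing mounts, so on a host where / is mounted shared, mounts made by COMMAND may still show up outside the new namespace; the help line for `-m` could say that.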