From 9272a9dfbc9acb2b6201bb7556a523d56ff2c0f0 Mon Sep 17 00:00:00 2001
From: Rob Landley <rob@landley.net>
Date: Mon, 12 Dec 2011 23:49:55 -0600
Subject: [PATCH] Implement unshare.

---
 toys/unshare.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 toys/unshare.c

diff --git a/toys/unshare.c b/toys/unshare.c
new file mode 100644
index 0000000..c708ebe
--- /dev/null
+++ b/toys/unshare.c
@@ -0,0 +1,44 @@
+/* vi: set sw=4 ts=4:
+ *
+ * unshare.c - run command in new context
+ *
+ * Copyright 2011 Rob Landley <rob@landley.net>
+ *
+ * Not in SUSv4.
+
+USE_UNSHARE(NEWTOY(unshare, "<1^nium", TOYFLAG_USR|TOYFLAG_BIN))
+
+config UNSHARE
+	bool "unshare"
+	default y
+	help
+	  usage: unshare [-muin] COMMAND...
+
+	  Create new namespace(s) for this process and its children, so some
+	  attribute is not shared with the parent process.  This is part of
+	  Linux Containers.  Each process can have its own:
+
+	  -m	Mount/unmount tree
+	  -u	Host and domain names
+	  -i	SysV IPC (message queues, semaphores, shared memory)
+	  -n	Network address, sockets, routing, iptables
+*/
+
+#include "toys.h"
+
+#include <sched.h>
+
+void unshare_main(void)
+{
+	unsigned flags[]={CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET,0};
+	unsigned f=0;
+	int i;
+
+	for (i=0; flags[i]; i++)
+		if (toys.optflags & (1<<i))
+			f |= flags[i];
+
+	if(unshare(f)) perror_exit("failed");
+
+	xexec(toys.optargs);
+}
-- 
2.7.4