Manual Command Description
1
General Commands
2
System Calls
3
Library Functions
4
Special Files
5
File Formats
6
Games
7
Conventions and Miscellany
8
Admin
Home
  1. Admin(8)

seunshare

seunshare — Run cmd with alternate homedir, tmpdir and/or SELinux context

Synopsis

seunshare [ -v ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]

Description

Run the executable within the specified context, using the alternate home directory and /tmp directory.  The seunshare command unshares from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to execute the application under the specified SELinux context.

-h homedir

Alternate homedir to be used by the application.  Homedir must be owned by the user.

-t tmpdir

Use alternate temporary directory to mount on /tmp.  tmpdir must be owned by the user.

-C --capabilities

Allow apps executed within the namespace to use capabilities.  Default is no capabilities.

-k --kill

Kill all processes with matching MCS level.

-Z context

Use alternate SELinux context while running the executable.

-v

Verbose output

See Also

runcon(1), sandbox(8), selinux(8)

Author

This manual page was written by Dan Walsh <dwalsh@redhat.com> and Thomas Liu <tliu@fedoraproject.org>

Referenced By

sandbox(8).

May 2010