sandbox/seunshare.8

.TH SEUNSHARE "8" "May 2010" "seunshare" "User Commands"
.SH NAME
seunshare \- Run cmd with alternate homedir, tmpdir and/or SELinux context
.SH SYNOPSIS
.B seunshare
[ -v ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
.br
.SH DESCRIPTION
.PP
Run the
.I executable
within the specified context, using the alternate home directory and /tmp directory.  The seunshare command unshares from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to execute the application under the specified SELinux context.

.TP
\fB\-h homedir\fR
Alternate homedir to be used by the application.  Homedir must be owned by the user.
.TP
\fB\-t\ tmpdir
Use alternate temporary directory to mount on /tmp.  tmpdir must be owned by the user.
.TP
\fB\-C --capabilities\fR
Allow apps executed within the namespace to use capabilities.  Default is no capabilities.
.TP
\fB\-k --kill\fR
Kill all processes with matching MCS level.
.TP
\fB\-Z\ context
Use alternate SELinux context while running the executable.
.TP
\fB\-v\fR
Verbose output
.SH "SEE ALSO"
.TP
runcon(1), sandbox(8), selinux(8)
.PP
.SH AUTHOR
This manual page was written by
.I Dan Walsh <dwalsh@redhat.com>
and
.I Thomas Liu <tliu@fedoraproject.org>