[lxc-devel] [PATCH] add lxc-unshare man page, and make 'lxc-unshare -h' work.

Fri Feb 8 23:32:32 UTC 2013

Also fix some tabs-as-spaces in lxc_unshare.c itself.
lxc-unshare: run usage() on '-h'

Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
 configure.ac            |   1 +
 doc/Makefile.am         |   1 +
 doc/lxc-unshare.sgml.in | 161 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/lxc/lxc_unshare.c   |  16 ++---
 4 files changed, 172 insertions(+), 7 deletions(-)
 create mode 100644 doc/lxc-unshare.sgml.in

diff --git a/configure.ac b/configure.ac
index 6402024..eb4b714 100644
--- a/configure.ac
+++ b/configure.ac
@@ -326,6 +326,7 @@ AC_CONFIG_FILES([
 	doc/common_options.sgml
 	doc/see_also.sgml
 	doc/legacy/lxc-ls.sgml
+	doc/lxc-unshare.sgml
 
 	doc/rootfs/Makefile
 
diff --git a/doc/Makefile.am b/doc/Makefile.am
index e54a087..750398c 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -18,6 +18,7 @@ man_MANS = \
 	lxc-console.1 \
 	lxc-freeze.1 \
 	lxc-unfreeze.1 \
+	lxc-unshare.1 \
 	lxc-monitor.1 \
 	lxc-wait.1 \
 	lxc-ps.1 \
diff --git a/doc/lxc-unshare.sgml.in b/doc/lxc-unshare.sgml.in
new file mode 100644
index 0000000..4132d4c
--- /dev/null
+++ b/doc/lxc-unshare.sgml.in
@@ -0,0 +1,161 @@
+<!--
+
+lxc: linux Container library
+
+(C) Copyright IBM Corp. 2007, 2008
+
+Authors:
+Daniel Lezcano <dlezcano at fr.ibm.com>
+Serge Hallyn <serge.hallyn at ubuntu.com>
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+-->
+
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+
+<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
+<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
+]>
+
+<refentry>
+
+  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
+
+  <refmeta>
+    <refentrytitle>lxc-unshare</refentrytitle>
+    <manvolnum>1</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>lxc-unshare</refname>
+
+    <refpurpose>
+      Run a task in a new set of namespaces.
+    </refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>lxc-clone</command>
+      <arg choice="req">-s <replaceable>namespaces</replaceable></arg>
+      <arg choice="req">-u <replaceable>user</replaceable></arg>
+      <arg choice="req">command</arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>
+      <command>lxc-unshare</command> can be used to run a task in a cloned set
+      of namespaces.  This command is mainly provided for testing purposes.
+      Despite its name, it always uses clone rather than unshare to create
+      the new task with fresh namespaces.  Apart from testing kernel
+      regressions this should make no difference.
+    </para>
+
+  </refsect1>
+
+  <refsect1>
+
+    <title>Options</title>
+
+    <variablelist>
+
+      <varlistentry>
+	<term>
+	  <option>-s <replaceable>namespaces</replaceable></option>
+	</term>
+	<listitem>
+	  <para>
+	    Specify the namespaces to attach to, as a pipe-separated list,
+	    e.g. <replaceable>NETWORK|IPC</replaceable>. Allowed values are
+	    <replaceable>MOUNT</replaceable>, <replaceable>PID</replaceable>,
+	    <replaceable>UTSNAME</replaceable>, <replaceable>IPC</replaceable>,
+	    <replaceable>USER </replaceable> and
+	    <replaceable>NETWORK</replaceable>. This allows one to change
+	    the context of the process to e.g. the network namespace of the
+	    container while retaining the other namespaces as those of the
+	    host.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>
+	  <option>-u <replaceable>user</replaceable></option>
+	</term>
+	<listitem>
+	  <para>
+	    Specify a user which the new task should become.  This option is
+	    only valid if a user namespace is unshared.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>Examples</title>
+      <para>
+        To spawn a new shell with its own UTS (hostname) namespace,
+        <programlisting>
+          lxc-clone -s UTSNAME /bin/bash
+        </programlisting>
+	If the hostname is changed in that shell, the change will not be
+	reflected on the host.
+      </para>
+      <para>
+        To spawn a shell in a new network, pid, and mount namespace,
+        <programlisting>
+          lxc-clone -s "NETWORK|PID|MOUNT" /bin/bash
+        </programlisting>
+	The resulting shell will have pid 1 and will see no network interfaces.
+	After re-mounting /proc in that shell,
+        <programlisting>
+          mount -t proc proc /proc
+        </programlisting>
+	ps output will show there are no other processes in the namespace.
+      </para>
+  </refsect1>
+
+  &seealso;
+
+  <refsect1>
+    <title>Author</title>
+    <para>Daniel Lezcano <email>daniel.lezcano at free.fr</email></para>
+  </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-default-dtd-file:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+-->
diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c
index df91456..d92a96a 100644
--- a/src/lxc/lxc_unshare.c
+++ b/src/lxc/lxc_unshare.c
@@ -125,11 +125,13 @@ int main(int argc, char *argv[])
 		.flags = &flags,
 	};
 
-	while ((opt = getopt(argc, argv, "s:u:")) != -1) {
+	while ((opt = getopt(argc, argv, "s:u:h")) != -1) {
 		switch (opt) {
 		case 's':
 			namespaces = optarg;
 			break;
+		case 'h':
+			usage(argv[0]);
 		case 'u':
 			uid = lookup_user(optarg);
 			if (uid == -1)
@@ -137,10 +139,10 @@ int main(int argc, char *argv[])
 		}
 	}
 
-    if (argv[optind] == NULL) {
-        ERROR("a command to execute in the new namespace is required");
-        return 1;
-    }
+	if (argv[optind] == NULL) {
+		ERROR("a command to execute in the new namespace is required");
+		return 1;
+	}
 
 	args = &argv[optind];
 
@@ -148,8 +150,8 @@ int main(int argc, char *argv[])
 	if (ret)
 		return ret;
 
-        ret = lxc_fill_namespace_flags(namespaces, &flags);
- 	if (ret)
+	ret = lxc_fill_namespace_flags(namespaces, &flags);
+	if (ret)
 		usage(argv[0]);
 
 	if (!(flags & CLONE_NEWUSER) && uid != -1) {
-- 
1.8.1.2



