[lxc-devel] [PATCH] add lxc-unshare man page, and make 'lxc-unshare -h' work.

Stéphane Graber stgraber at ubuntu.com
Fri Feb 8 23:36:28 UTC 2013 

On 02/08/2013 06:32 PM, Serge Hallyn wrote:
> 
> Also fix some tabs-as-spaces in lxc_unshare.c itself.
> lxc-unshare: run usage() on '-h'
> 
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> ---
>  configure.ac            |   1 +
>  doc/Makefile.am         |   1 +
>  doc/lxc-unshare.sgml.in | 161 ++++++++++++++++++++++++++++++++++++++++++++++++
>  src/lxc/lxc_unshare.c   |  16 ++---
>  4 files changed, 172 insertions(+), 7 deletions(-)
>  create mode 100644 doc/lxc-unshare.sgml.in
> 
> diff --git a/configure.ac b/configure.ac
> index 6402024..eb4b714 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -326,6 +326,7 @@ AC_CONFIG_FILES([
>  	doc/common_options.sgml
>  	doc/see_also.sgml
>  	doc/legacy/lxc-ls.sgml
> +	doc/lxc-unshare.sgml
>  
>  	doc/rootfs/Makefile
>  
> diff --git a/doc/Makefile.am b/doc/Makefile.am
> index e54a087..750398c 100644
> --- a/doc/Makefile.am
> +++ b/doc/Makefile.am
> @@ -18,6 +18,7 @@ man_MANS = \
>  	lxc-console.1 \
>  	lxc-freeze.1 \
>  	lxc-unfreeze.1 \
> +	lxc-unshare.1 \
>  	lxc-monitor.1 \
>  	lxc-wait.1 \
>  	lxc-ps.1 \
> diff --git a/doc/lxc-unshare.sgml.in b/doc/lxc-unshare.sgml.in
> new file mode 100644
> index 0000000..4132d4c
> --- /dev/null
> +++ b/doc/lxc-unshare.sgml.in
> @@ -0,0 +1,161 @@
> +<!--
> +
> +lxc: linux Container library
> +
> +(C) Copyright IBM Corp. 2007, 2008
> +
> +Authors:
> +Daniel Lezcano <dlezcano at fr.ibm.com>
> +Serge Hallyn <serge.hallyn at ubuntu.com>
> +
> +This library is free software; you can redistribute it and/or
> +modify it under the terms of the GNU Lesser General Public
> +License as published by the Free Software Foundation; either
> +version 2.1 of the License, or (at your option) any later version.
> +
> +This library is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +Lesser General Public License for more details.
> +
> +You should have received a copy of the GNU Lesser General Public
> +License along with this library; if not, write to the Free Software
> +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> +
> +-->
> +
> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
> +
> +<!ENTITY commonoptions SYSTEM "@builddir@/common_options.sgml">
> +<!ENTITY seealso SYSTEM "@builddir@/see_also.sgml">
> +]>
> +
> +<refentry>
> +
> +  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
> +
> +  <refmeta>
> +    <refentrytitle>lxc-unshare</refentrytitle>
> +    <manvolnum>1</manvolnum>
> +  </refmeta>
> +
> +  <refnamediv>
> +    <refname>lxc-unshare</refname>
> +
> +    <refpurpose>
> +      Run a task in a new set of namespaces.
> +    </refpurpose>
> +  </refnamediv>
> +
> +  <refsynopsisdiv>
> +    <cmdsynopsis>
> +      <command>lxc-clone</command>
> +      <arg choice="req">-s <replaceable>namespaces</replaceable></arg>
> +      <arg choice="req">-u <replaceable>user</replaceable></arg>
> +      <arg choice="req">command</arg>
> +    </cmdsynopsis>
> +  </refsynopsisdiv>
> +
> +  <refsect1>
> +    <title>Description</title>
> +
> +    <para>
> +      <command>lxc-unshare</command> can be used to run a task in a cloned set
> +      of namespaces.  This command is mainly provided for testing purposes.
> +      Despite its name, it always uses clone rather than unshare to create
> +      the new task with fresh namespaces.  Apart from testing kernel
> +      regressions this should make no difference.
> +    </para>
> +
> +  </refsect1>
> +
> +  <refsect1>
> +
> +    <title>Options</title>
> +
> +    <variablelist>
> +
> +      <varlistentry>
> +	<term>
> +	  <option>-s <replaceable>namespaces</replaceable></option>
> +	</term>
> +	<listitem>
> +	  <para>
> +	    Specify the namespaces to attach to, as a pipe-separated list,
> +	    e.g. <replaceable>NETWORK|IPC</replaceable>. Allowed values are
> +	    <replaceable>MOUNT</replaceable>, <replaceable>PID</replaceable>,
> +	    <replaceable>UTSNAME</replaceable>, <replaceable>IPC</replaceable>,
> +	    <replaceable>USER </replaceable> and
> +	    <replaceable>NETWORK</replaceable>. This allows one to change
> +	    the context of the process to e.g. the network namespace of the
> +	    container while retaining the other namespaces as those of the
> +	    host.
> +	  </para>
> +	</listitem>
> +      </varlistentry>
> +
> +      <varlistentry>
> +	<term>
> +	  <option>-u <replaceable>user</replaceable></option>
> +	</term>
> +	<listitem>
> +	  <para>
> +	    Specify a user which the new task should become.  This option is
> +	    only valid if a user namespace is unshared.
> +	  </para>
> +	</listitem>
> +      </varlistentry>
> +
> +    </variablelist>
> +
> +  </refsect1>
> +
> +  <refsect1>
> +    <title>Examples</title>
> +      <para>
> +        To spawn a new shell with its own UTS (hostname) namespace,
> +        <programlisting>
> +          lxc-clone -s UTSNAME /bin/bash
> +        </programlisting>
> +	If the hostname is changed in that shell, the change will not be
> +	reflected on the host.
> +      </para>
> +      <para>
> +        To spawn a shell in a new network, pid, and mount namespace,
> +        <programlisting>
> +          lxc-clone -s "NETWORK|PID|MOUNT" /bin/bash
> +        </programlisting>
> +	The resulting shell will have pid 1 and will see no network interfaces.
> +	After re-mounting /proc in that shell,
> +        <programlisting>
> +          mount -t proc proc /proc
> +        </programlisting>
> +	ps output will show there are no other processes in the namespace.
> +      </para>
> +  </refsect1>
> +
> +  &seealso;
> +
> +  <refsect1>
> +    <title>Author</title>
> +    <para>Daniel Lezcano <email>daniel.lezcano at free.fr</email></para>
> +  </refsect1>
> +
> +</refentry>
> +
> +<!-- Keep this comment at the end of the file
> +Local variables:
> +mode: sgml
> +sgml-omittag:t
> +sgml-shorttag:t
> +sgml-minimize-attributes:nil
> +sgml-always-quote-attributes:t
> +sgml-indent-step:2
> +sgml-indent-data:t
> +sgml-parent-document:nil
> +sgml-default-dtd-file:nil
> +sgml-exposed-tags:nil
> +sgml-local-catalogs:nil
> +sgml-local-ecat-files:nil
> +End:
> +-->
> diff --git a/src/lxc/lxc_unshare.c b/src/lxc/lxc_unshare.c
> index df91456..d92a96a 100644
> --- a/src/lxc/lxc_unshare.c
> +++ b/src/lxc/lxc_unshare.c
> @@ -125,11 +125,13 @@ int main(int argc, char *argv[])
>  		.flags = &flags,
>  	};
>  
> -	while ((opt = getopt(argc, argv, "s:u:")) != -1) {
> +	while ((opt = getopt(argc, argv, "s:u:h")) != -1) {
>  		switch (opt) {
>  		case 's':
>  			namespaces = optarg;
>  			break;
> +		case 'h':
> +			usage(argv[0]);
>  		case 'u':
>  			uid = lookup_user(optarg);
>  			if (uid == -1)
> @@ -137,10 +139,10 @@ int main(int argc, char *argv[])
>  		}
>  	}
>  
> -    if (argv[optind] == NULL) {
> -        ERROR("a command to execute in the new namespace is required");
> -        return 1;
> -    }
> +	if (argv[optind] == NULL) {
> +		ERROR("a command to execute in the new namespace is required");
> +		return 1;
> +	}
>  
>  	args = &argv[optind];
>  
> @@ -148,8 +150,8 @@ int main(int argc, char *argv[])
>  	if (ret)
>  		return ret;
>  
> -        ret = lxc_fill_namespace_flags(namespaces, &flags);
> - 	if (ret)
> +	ret = lxc_fill_namespace_flags(namespaces, &flags);
> +	if (ret)
>  		usage(argv[0]);
>  
>  	if (!(flags & CLONE_NEWUSER) && uid != -1) {
> 


-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20130208/9500a0a7/attachment.pgp>

More information about the lxc-devel mailing list